
changed how user files relate to nextcloud

feature/startup-from-labels
Mar Alegre 5 years ago
parent
commit
d11621f05b
  1. 21
      src/nextcloud/Containerfile
  2. 6
      src/nextcloud/Systemdfile
  3. 2
      src/nextcloud/assets/bin/maint
  4. 21
      src/nextcloud/assets/bin/nc-adduser
  5. 2
      src/nextcloud/bugfix/cronfix
  6. 46
      src/nextcloud/bugfix/redis.service

21
src/nextcloud/Containerfile

@ -7,10 +7,8 @@ FROM localhost/debian
# -p (port) and -v (volume) both go host:container
LABEL deployopts="\
-p 9080:80 \
-v /tank/files/user/mar:/vol/files/mar/files \
-v /tank/files/db/nextcloud:/vol/db"
# make sure mount directories exist
RUN mkdir -p /vol/files/mar/files /vol/db
-v /srv/vol/nextcloud/files:/vol/files \
-v /srv/vol/nextcloud/data:/vol/data"
# Build Variables
# versions of php and postgres
@ -96,6 +94,10 @@ RUN wget https://download.nextcloud.com/server/releases/latest.zip && \
chown -R www-data:www-data nextcloud && \
rm latest.zip
# create data dir for nextcloud
RUN mkdir -p /srv/nextcloud/data && \
chown -R www-data:www-data /srv/nextcloud
# copy nextcloud config
COPY --chown=www-data:www-data assets/my.config.php nextcloud/config/
@ -105,14 +107,3 @@ COPY --chown=www-data:www-data assets/my.config.php nextcloud/config/
COPY assets/crontab /root/
# crontab for www-data
RUN crontab -u www-data /root/crontab
###
### Bugfix
###
# push the fixed systemd file for redis
COPY bugfix/redis.service /etc/systemd/system/redis.service
# execute command to workaround bug in cron
COPY bugfix/cronfix /root/
RUN chmod +x /root/cronfix && /root/cronfix
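Review bot: The new `RUN mkdir -p /srv/nextcloud/data && chown -R www-data:www-data /srv/nextcloud` step in the second hunk creates the Nextcloud data directory with whatever mode the build umask yields (usually 0755), so every other account in the container can list it. Create it with an explicit restrictive mode and only the ownership it needs, e.g. `RUN install -d -o www-data -g www-data -m 0750 /srv/nextcloud/data`, rather than a recursive chown of all of /srv/nextcloud. Also, /srv/nextcloud/data is not covered by either `-v` mount in the new `deployopts` label, so whatever Nextcloud writes there apart from the symlinked per-user `files` directories appears to live only in the container's writable layer. If that is intended, say so in the `# create data dir for nextcloud` comment.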

6
src/nextcloud/Systemdfile

@ -10,9 +10,9 @@ sleep 5
db-make
# install nextcloud
nc-occ maintenance:install --data-dir "/vol/files/" --database "pgsql" --database-host "/var/run/postgresql" --database-name "$DBNAME" --database-user "$DBUSER" --database-pass "" --admin-user "admin" --admin-pass "admin"
nc-occ maintenance:install --data-dir "/srv/nextcloud/data/" --database "pgsql" --database-host "/var/run/postgresql" --database-name "$DBNAME" --database-user "$DBUSER" --database-pass "" --admin-user "admin" --admin-pass "admin"
# configure nextcloud
# do post-installation steps
nc-occ maintenance:update:htaccess
nc-occ db:add-missing-indices
nc-occ db:convert-filecache-bigint
@ -28,5 +28,5 @@ nc-occ app:install mail
nc-occ app:disable comments federation files_trashbin files_versions firstrunwizard recommendations support survey_client systemtags
# configure apps
# currently set to one day; to set to one hour use 'PT1H'
# set calendar to refresh subscriptions once a day (to set to one hour use 'PT1H' instead)
nc-occ config:app:set dav calendarSubscriptionRefreshRate --value P1D
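Review bot: The rewritten `nc-occ maintenance:install` line still provisions the administrator with `--admin-user "admin" --admin-pass "admin"`, and the Containerfile's `deployopts` label publishes the web port on the host, so every fresh deployment comes up reachable with a known credential until someone changes it by hand. Take the password from the environment or a mounted secret and abort when it is missing, e.g. `--admin-pass "${NC_ADMIN_PASS:?admin password not set}"` (the variable name is a placeholder). The empty `--database-pass ""` is presumably safe only because `--database-host` is the local socket `/var/run/postgresql`; a one-line comment stating that assumption would help the next reader. The script starts and ends outside the hunks shown here.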

2
src/nextcloud/assets/bin/maint

@ -8,7 +8,7 @@ day=$(date +%d)
month=$(date +%m)
year=$(date +%Y)
dumpdir=/vol/db
dumpdir=/vol/data
errlog=error/$year-$month-$day-T$hour.log
mkdir -p $dumpdir/error

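--- a/src/nextcloud/assets/bin/nc-adduser
+++ b/src/nextcloud/assets/bin/nc-adduser
@@ -0,0 +1,21 @@
+#!/bin/bash
+if [[ -z $1 ]]; then
+echo "Usage: $0 username"
+exit 2
+fi
+set -e
+nc-occ user:add "$1"
+nc-occ maintenance:mode --on
+mkdir -p /vol/files/"$1"
+chown www-data:www-data /vol/files/"$1"
+rsync -vaSH /srv/nextcloud/data/"$1"/files/ /vol/files/"$1"/
+rm -r /srv/nextcloud/data/"$1"/files
+ln -s /vol/files/"$1" /srv/nextcloud/data/"$1"/files
+nc-occ maintenance:mode --off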
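Review bot: With `set -e` active, any failure between `nc-occ maintenance:mode --on` and the final `--off` ends the script and leaves the instance stuck in maintenance mode. That looks likely on a fresh account if `/srv/nextcloud/data/"$1"/files` does not exist yet right after `user:add`, because `rsync` and `ln -s` would then fail. Register an EXIT trap immediately after switching maintenance mode on, which also makes the last line redundant. Separately, `$1` is spliced into the `mkdir`, `chown`, `rm -r` and `ln -s` paths with only `user:add` acting as a filter. Rejecting names that contain `/`, start with `-`, or equal `.` or `..` before any command runs keeps the `rm -r` confined to one user's directory, whatever Nextcloud's own validation accepts.

```shell
# … unchanged: usage check …
# refuse names that would escape the per-user directories
case "$1" in
    */*|-*|.|..)
        echo "Invalid username: $1" >&2
        exit 2
        ;;
esac
set -e
# … unchanged: nc-occ user:add "$1" …
nc-occ maintenance:mode --on
# leave maintenance mode on every exit path, including failures under set -e
trap 'nc-occ maintenance:mode --off' EXIT
# … unchanged: mkdir, chown, rsync, rm -r, ln -s …
```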

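--- a/src/nextcloud/bugfix/cronfix
+++ b/src/nextcloud/bugfix/cronfix
@@ -1,2 +0,0 @@
-#!/bin/sh
-sed -i '/session required pam_loginuid.so/c\#session required pam_loginuid.so' /etc/pam.d/cron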

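--- a/src/nextcloud/bugfix/redis.service
+++ b/src/nextcloud/bugfix/redis.service
@@ -1,46 +0,0 @@
-[Unit]
-Description=Advanced key-value store
-After=network.target
-Documentation=http://redis.io/documentation, man:redis-server(1)
-[Service]
-Type=forking
-ExecStart=/usr/bin/redis-server /etc/redis/redis.conf
-ExecStop=/bin/kill -s TERM $MAINPID
-PIDFile=/run/redis/redis-server.pid
-TimeoutStopSec=0
-Restart=always
-User=redis
-Group=redis
-RuntimeDirectory=redis
-RuntimeDirectoryMode=2755
-UMask=007
-#PrivateTmp=yes
-LimitNOFILE=65535
-#PrivateDevices=yes
-#ProtectHome=yes
-#ReadOnlyDirectories=/
-#ReadWritePaths=-/var/lib/redis
-#ReadWritePaths=-/var/log/redis
-#ReadWritePaths=-/var/run/redis
-NoNewPrivileges=true
-CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE
-MemoryDenyWriteExecute=true
-#ProtectKernelModules=true
-#ProtectKernelTunables=true
-#ProtectControlGroups=true
-RestrictRealtime=true
-RestrictNamespaces=true
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
-# redis-server can write to its own config file when in cluster mode so we
-# permit writing there by default. If you are not using this feature, it is
-# recommended that you replace the following lines with "ProtectSystem=full".
-#ProtectSystem=true
-#ReadWritePaths=-/etc/redis
-[Install]
-WantedBy=multi-user.target
-Alias=redis.service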