diff --git a/src/nextcloud/Containerfile b/src/nextcloud/Containerfile index f65e575..2d7e024 100644 --- a/src/nextcloud/Containerfile +++ b/src/nextcloud/Containerfile @@ -7,10 +7,8 @@ FROM localhost/debian # -p (port) and -v (volume) both go host:container LABEL deployopts="\ -p 9080:80 \ --v /tank/files/user/mar:/vol/files/mar/files \ --v /tank/files/db/nextcloud:/vol/db" -# make sure mount directories exist -RUN mkdir -p /vol/files/mar/files /vol/db +-v /srv/vol/nextcloud/files:/vol/files \ +-v /srv/vol/nextcloud/data:/vol/data" # Build Variables # versions of php and postgres @@ -96,6 +94,10 @@ RUN wget https://download.nextcloud.com/server/releases/latest.zip && \ chown -R www-data:www-data nextcloud && \ rm latest.zip +# create data dir for nextcloud +RUN mkdir -p /srv/nextcloud/data && \ + chown -R www-data:www-data /srv/nextcloud + # copy nextcloud config COPY --chown=www-data:www-data assets/my.config.php nextcloud/config/ @@ -105,14 +107,3 @@ COPY --chown=www-data:www-data assets/my.config.php nextcloud/config/ COPY assets/crontab /root/ # crontab for www-data RUN crontab -u www-data /root/crontab - -### -### Bugfix -### - -# push the fixed systemd file for redis -COPY bugfix/redis.service /etc/systemd/system/redis.service - -# execute command to workaround bug in cron -COPY bugfix/cronfix /root/ -RUN chmod +x /root/cronfix && /root/cronfix diff --git a/src/nextcloud/Systemdfile b/src/nextcloud/Systemdfile index 3794956..0d8d5de 100644 --- a/src/nextcloud/Systemdfile +++ b/src/nextcloud/Systemdfile @@ -10,9 +10,9 @@ sleep 5 db-make # install nextcloud -nc-occ maintenance:install --data-dir "/vol/files/" --database "pgsql" --database-host "/var/run/postgresql" --database-name "$DBNAME" --database-user "$DBUSER" --database-pass "" --admin-user "admin" --admin-pass "admin" +nc-occ maintenance:install --data-dir "/srv/nextcloud/data/" --database "pgsql" --database-host "/var/run/postgresql" --database-name "$DBNAME" --database-user "$DBUSER" --database-pass "" --admin-user "admin" --admin-pass "admin" -# configure nextcloud +# do post-installation steps nc-occ maintenance:update:htaccess nc-occ db:add-missing-indices nc-occ db:convert-filecache-bigint @@ -28,5 +28,5 @@ nc-occ app:install mail nc-occ app:disable comments federation files_trashbin files_versions firstrunwizard recommendations support survey_client systemtags # configure apps -# currently set to one day; to set to one hour use 'PT1H' +# set calendar to refresh subscriptions once a day (to set to one hour use 'PT1H' instead) nc-occ config:app:set dav calendarSubscriptionRefreshRate --value P1D diff --git a/src/nextcloud/assets/bin/maint b/src/nextcloud/assets/bin/maint index 85f6f89..bac5eb2 100755 --- a/src/nextcloud/assets/bin/maint +++ b/src/nextcloud/assets/bin/maint @@ -8,7 +8,7 @@ day=$(date +%d) month=$(date +%m) year=$(date +%Y) -dumpdir=/vol/db +dumpdir=/vol/data errlog=error/$year-$month-$day-T$hour.log mkdir -p $dumpdir/error diff --git a/src/nextcloud/assets/bin/nc-adduser b/src/nextcloud/assets/bin/nc-adduser new file mode 100755 index 0000000..a4ae752 --- /dev/null +++ b/src/nextcloud/assets/bin/nc-adduser @@ -0,0 +1,21 @@ +#!/bin/bash + +if [[ -z $1 ]]; then + echo "Usage: $0 username" + exit 2 +fi + +set -e + +nc-occ user:add "$1" + +nc-occ maintenance:mode --on + +mkdir -p /vol/files/"$1" +chown www-data:www-data /vol/files/"$1" + +rsync -vaSH /srv/nextcloud/data/"$1"/files/ /vol/files/"$1"/ +rm -r /srv/nextcloud/data/"$1"/files +ln -s /vol/files/"$1" /srv/nextcloud/data/"$1"/files + +nc-occ maintenance:mode --off diff --git a/src/nextcloud/bugfix/cronfix b/src/nextcloud/bugfix/cronfix deleted file mode 100644 index 483c9dc..0000000 --- a/src/nextcloud/bugfix/cronfix +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -sed -i '/session required pam_loginuid.so/c\#session required pam_loginuid.so' /etc/pam.d/cron diff --git a/src/nextcloud/bugfix/redis.service b/src/nextcloud/bugfix/redis.service deleted file mode 100644 index 797f23e..0000000 --- a/src/nextcloud/bugfix/redis.service +++ /dev/null @@ -1,46 +0,0 @@ -[Unit] -Description=Advanced key-value store -After=network.target -Documentation=http://redis.io/documentation, man:redis-server(1) - -[Service] -Type=forking -ExecStart=/usr/bin/redis-server /etc/redis/redis.conf -ExecStop=/bin/kill -s TERM $MAINPID -PIDFile=/run/redis/redis-server.pid -TimeoutStopSec=0 -Restart=always -User=redis -Group=redis -RuntimeDirectory=redis -RuntimeDirectoryMode=2755 - -UMask=007 -#PrivateTmp=yes -LimitNOFILE=65535 -#PrivateDevices=yes -#ProtectHome=yes -#ReadOnlyDirectories=/ -#ReadWritePaths=-/var/lib/redis -#ReadWritePaths=-/var/log/redis -#ReadWritePaths=-/var/run/redis - -NoNewPrivileges=true -CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE -MemoryDenyWriteExecute=true -#ProtectKernelModules=true -#ProtectKernelTunables=true -#ProtectControlGroups=true -RestrictRealtime=true -RestrictNamespaces=true -RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX - -# redis-server can write to its own config file when in cluster mode so we -# permit writing there by default. If you are not using this feature, it is -# recommended that you replace the following lines with "ProtectSystem=full". -#ProtectSystem=true -#ReadWritePaths=-/etc/redis - -[Install] -WantedBy=multi-user.target -Alias=redis.service