diff options
| author | nachoparker <nacho@ownyourbits.com> | 2017-09-21 19:57:11 +0300 |
|---|---|---|
| committer | nachoparker <nacho@ownyourbits.com> | 2017-11-05 15:36:15 +0300 |
| commit | d0a839c09db4aab2c63cf832465880da537c9367 (patch) | |
| tree | e909ff2079da0ef760204ae08c821e93d2ea92e4 | |
| parent | fa2279faa9c5db091b97376a323275ad1f368ef6 (diff) | |
added docker-x86: nc and ncp for development. Update docker-armhf
38 files changed, 559 insertions, 145 deletions
@@ -5,20 +5,34 @@ # -nextcloudpi: nextcloud - docker build . -f docker/nextcloudpi/Dockerfile -t ownyourbits/nextcloudpi:latest +nextcloudpi-armhf: nextcloud-armhf + docker build . -f docker-armhf/nextcloudpi/Dockerfile -t ownyourbits/nextcloudpi-armhf:latest -nextcloud: lamp - docker build . -f docker/nextcloud/Dockerfile -t ownyourbits/nextcloud:latest +nextcloud-armhf: lamp-armhf + docker build . -f docker-armhf/nextcloud/Dockerfile -t ownyourbits/nextcloud-armhf:latest -lamp: miniraspbian - docker build . -f docker/lamp/Dockerfile -t ownyourbits/lamp-arm:latest +lamp-armhf: debian-ncp-armhf + docker build . -f docker-armhf/lamp/Dockerfile -t ownyourbits/lamp-armhf:latest -miniraspbian: - docker build . -f docker/miniraspbian/Dockerfile -t ownyourbits/miniraspbian:latest +debian-ncp-armhf: + docker build . -f docker-armhf/debian-ncp/Dockerfile -t ownyourbits/debian-ncp-armhf:latest + + +nextcloudpi-x86: nextcloud-x86 + docker build . -f docker/nextcloudpi/Dockerfile -t ownyourbits/nextcloudpi-x86:latest + +nextcloud-x86: lamp-x86 + docker build . -f docker/nextcloud/Dockerfile -t ownyourbits/nextcloud-x86:latest + +lamp-x86: debian-ncp-x86 + docker build . -f docker/lamp/Dockerfile -t ownyourbits/lamp-x86:latest + +debian-ncp-x86: + docker build . -f docker/debian-ncp/Dockerfile -t ownyourbits/debian-ncp-x86:latest devel: - docker build . -f docker/devel/Dockerfile -t ownyourbits/nextcloudpi:devel + docker build . -f docker/devel/Dockerfile -t ownyourbits/nextcloudpi-x86:devel + # License # # This script is free software; you can redistribute it and/or modify it diff --git a/bin/nextcloudpi-config b/bin/nextcloudpi-config index a631b8be..5e59cf9e 100755 --- a/bin/nextcloudpi-config +++ b/bin/nextcloudpi-config @@ -63,8 +63,8 @@ function nextcloud-config() done } -if [ $(id -u) -ne 0 ]; then - printf "Must be run as root. Try 'sudo $0'\n" +if [[ ${EUID} -ne 0 ]]; then + printf "Must be run as root. Try 'sudo $( basename "$0" )'\n" exit 1 fi diff --git a/changelog.md b/changelog.md index e91b4b2d..4000637d 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,7 @@ -[v0.32.1](https://github.com/nextcloud/nextcloudpi/commit/b9f5c95) (2017-11-04) build: replace user pi for user ncp +[v0.32.2 ](https://github.com/nextcloud/nextcloudpi/commit/d46f567) (2017-11-04) ncp-web: fix return value + +[v0.32.1 ](https://github.com/nextcloud/nextcloudpi/commit/8f28660) (2017-11-04) build: replace user pi for user ncp [v0.32.0 ](https://github.com/nextcloud/nextcloudpi/commit/8c70198) (2017-11-03) spDYN: initial adjustments diff --git a/docker/build-container.sh b/docker-armhf/build-container.sh index 7080ae0b..7080ae0b 100644 --- a/docker/build-container.sh +++ b/docker-armhf/build-container.sh diff --git a/docker-armhf/debian-ncp/Dockerfile b/docker-armhf/debian-ncp/Dockerfile new file mode 100644 index 00000000..bf37a275 --- /dev/null +++ b/docker-armhf/debian-ncp/Dockerfile @@ -0,0 +1,9 @@ +FROM arm32v7/debian:stretch-slim + +MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> + +CMD /bin/bash + +RUN mkdir -p /etc/services.d + +COPY docker/debian-ncp/run-parts.sh / diff --git a/docker/miniraspbian/run-parts.sh b/docker-armhf/debian-ncp/run-parts.sh index b4e9f74a..dee4fe61 100755 --- a/docker/miniraspbian/run-parts.sh +++ b/docker-armhf/debian-ncp/run-parts.sh @@ -2,16 +2,16 @@ cleanup() { - for file in $( ls -1rv /etc/cont-init.d ); do - /etc/cont-init.d/$file stop + for file in $( ls -1rv /etc/services.d ); do + /etc/services.d/"$file" stop "$1" done exit } trap cleanup SIGTERM -for file in $( ls -1v /etc/cont-init.d ); do - /etc/cont-init.d/$file start +for file in $( ls -1v /etc/services.d ); do + /etc/services.d/"$file" start "$1" done echo "Init done" diff --git a/docker-armhf/docker-env.sh b/docker-armhf/docker-env.sh new file mode 100644 index 00000000..70c9bc04 --- /dev/null +++ b/docker-armhf/docker-env.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +# Install docker ARM on Raspbian +# +# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com> +# GPL licensed (see end of file) * Use at your own risk! +# +# Usage: ./installer.sh docker-env.sh <DHCP QEMU image IP> <image> +# + + +install() +{ + curl -sSL get.docker.com | sh + usermod -aG docker pi +} + +configure(){ :; } + +cleanup() +{ + apt-get autoremove + apt-get clean + rm /var/lib/apt/lists/* -r + rm -f /home/pi/.bash_history + + systemctl disable ssh +} + +# License +# +# This script is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This script is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this script; if not, write to the +# Free Software Foundation, Inc., 59 Temple Place, Suite 330, +# Boston, MA 02111-1307 USA diff --git a/docker-armhf/lamp/010-lamp-run.sh b/docker-armhf/lamp/010-lamp-run.sh new file mode 100755 index 00000000..9552d848 --- /dev/null +++ b/docker-armhf/lamp/010-lamp-run.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +source /usr/local/etc/library.sh + +set -e + +[[ "$1" == "stop" ]] && { + echo "Stopping apache" + apachectl graceful-stop + echo "Stopping PHP-fpm" + killall php-fpm7.0 + echo "Stopping mariaDB" + mysqladmin -u root shutdown + echo "LAMP cleanup complete" + exit 0 +} + +# MOVE CONFIGS TO PERSISTENT VOLUME +persistent_cfg /etc/apache2 + +echo "Starting PHP-fpm" +php-fpm7.0 & + +echo "Starting Apache" +/usr/sbin/apache2ctl start + +echo "Starting mariaDB" +mysqld & + +# wait for mariadb +while :; do + [[ -S /var/run/mysqld/mysqld.sock ]] && break + sleep 0.5 +done + +exit 0 diff --git a/docker-armhf/lamp/Dockerfile b/docker-armhf/lamp/Dockerfile new file mode 100644 index 00000000..4b672951 --- /dev/null +++ b/docker-armhf/lamp/Dockerfile @@ -0,0 +1,40 @@ +FROM ownyourbits/debian-ncp-armhf + +MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> + +SHELL ["/bin/bash", "-c"] + +ENV DOCKERBUILD 1 + +COPY etc/library.sh lamp.sh /usr/local/etc/ + +RUN \ + +# installation +source /usr/local/etc/library.sh; \ +set +x; \ +install_script /usr/local/etc/lamp.sh; \ + +# mariaDB fixups (move database to /data, which will be in a persistent volume) +mkdir -p /data/; \ +mv /var/lib/mysql /data/database; \ +sed -i "s|^datadir.*|datadir = /data/database|" /etc/mysql/mariadb.conf.d/50-server.cnf; \ + +# package cleanup +apt-get autoremove -y; \ +apt-get clean; \ +rm /var/lib/apt/lists/* -f; \ +rm -rf /usr/share/man/*; \ +rm -rf /usr/share/doc/*; \ +rm /var/cache/debconf/*-old; \ +rm -f /var/log/alternatives.log /var/log/apt/*; \ + +# specific cleanup +rm /data/database/ib_logfile*; \ +rm /usr/local/etc/lamp.sh + +COPY docker/lamp/010-lamp-run.sh /etc/services.d/ + +ENTRYPOINT ["/run-parts.sh"] + +EXPOSE 80 443 diff --git a/docker-armhf/nextcloud/020-nextcloud-run.sh b/docker-armhf/nextcloud/020-nextcloud-run.sh new file mode 100755 index 00000000..68114e1a --- /dev/null +++ b/docker-armhf/nextcloud/020-nextcloud-run.sh @@ -0,0 +1,42 @@ +#!/bin/bash + +source /usr/local/etc/library.sh + +set -e + +NCDIR=/var/www/nextcloud +OCC="$NCDIR/occ" + +[[ "$1" == "stop" ]] && { + echo "stopping cron..." + killall cron + exit 0 +} + +echo "Starting cron" +cron + +# INIT DATABASE AND NEXTCLOUD CONFIG (first run) +test -f /data/app/config/config.php || { + echo "Uninitialized instance, running nc-init..." + source /usr/local/etc/library.sh + cd /usr/local/etc/ + activate_script nc-init.sh +} + +# Trusted Domain ( local IP ) +IFACE=$( ip r | grep "default via" | awk '{ print $5 }' ) +IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(\.\d{1,3}){3}' | head -1 ) +sudo -u www-data php "$OCC" config:system:set trusted_domains 1 --value="$IP" + +# Trusted Domain ( as an argument ) +[[ "$@" != "" ]] && { + IP=$( grep -oP '\d{1,3}(\.\d{1,3}){3}' <<< "$2" ) # validate that the first argument is a valid IP + if [[ "$IP" != "" ]]; then + sudo -u www-data php "$OCC" config:system:set trusted_domains 6 --value="$IP" + else + echo "First argument must be an IP address to include as a Trusted domain. Ignoring" + fi +} + +exit 0 diff --git a/docker-armhf/nextcloud/Dockerfile b/docker-armhf/nextcloud/Dockerfile new file mode 100644 index 00000000..f8c42fa3 --- /dev/null +++ b/docker-armhf/nextcloud/Dockerfile @@ -0,0 +1,36 @@ +FROM ownyourbits/lamp-armhf + +MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> + +SHELL ["/bin/bash", "-c"] + +ENV DOCKERBUILD 1 + +COPY etc/library.sh etc/nextcloudpi-config.d/nc-init.sh etc/nextcloudpi-config.d/nc-nextcloud.sh /usr/local/etc/ + +RUN \ + +# installation ( /var/www/nextcloud -> /data/app which will be in a volume ) +apt-get update; \ +apt-get install --no-install-recommends -y wget ca-certificates sudo; \ +source /usr/local/etc/library.sh; \ +set +x; \ +install_script /usr/local/etc/nc-nextcloud.sh; \ +activate_script /usr/local/etc/nc-nextcloud.sh; \ +mv /var/www/nextcloud /data/app; \ +ln -s /data/app /var/www/nextcloud; \ + +# package cleanup +apt-get autoremove -y; \ +apt-get clean; \ +rm /var/lib/apt/lists/* -f; \ +rm -rf /usr/share/man/*; \ +rm -rf /usr/share/doc/*; \ +rm /var/cache/debconf/*-old; \ +rm -f /var/log/alternatives.log /var/log/apt/*; \ + +# specific cleanup +apt-get purge -y wget ca-certificates; \ +rm /usr/local/etc/nc-nextcloud.sh + +COPY docker/nextcloud/020-nextcloud-run.sh /etc/services.d/ diff --git a/docker-armhf/nextcloudpi/000-ncp-run.sh b/docker-armhf/nextcloudpi/000-ncp-run.sh new file mode 100755 index 00000000..6a4d2d2e --- /dev/null +++ b/docker-armhf/nextcloudpi/000-ncp-run.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +source /usr/local/etc/library.sh + +# INIT NCP CONFIG (first run) +persistent_cfg /usr/local/etc/nextcloudpi-config.d /data/ncp + +exit 0 diff --git a/docker-armhf/nextcloudpi/Dockerfile b/docker-armhf/nextcloudpi/Dockerfile new file mode 100644 index 00000000..70dab04e --- /dev/null +++ b/docker-armhf/nextcloudpi/Dockerfile @@ -0,0 +1,75 @@ +FROM ownyourbits/nextcloud-armhf + +MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> + +SHELL ["/bin/bash", "-c"] + +ENV DOCKERBUILD 1 + +COPY nextcloudpi.sh /usr/local/etc/ + +RUN \ +apt-get update; \ +apt-get install --no-install-recommends -y wget ca-certificates; \ + +# install nextcloudpi +source /usr/local/etc/library.sh; \ +set +x; \ +cd /usr/local/etc/; \ +install_script nextcloudpi.sh; \ + +# fix default paths +sed -i 's|/media/USBdrive|/data/backups|' nextcloudpi-config.d/nc-backup.sh; \ + +# specific cleanup +rm /usr/local/etc/nextcloudpi.sh; \ +apt-get purge -y wget ca-certificates; \ + +# letsencrypt build artifacts cleanup +apt-get purge -y \ + make \ + git \ + augeas-lenses \ + binutils \ + cpp \ + cpp-6 \ + gcc \ + gcc-6 \ + libasan3 \ + libaugeas0 \ + libc-dev-bin \ + libc6-dev \ + libcc1-0 \ + libexpat1-dev \ + libffi-dev \ + libgcc-6-dev \ + libgomp1 \ + libisl15 \ + libmpc3 \ + libpython-dev \ + libpython2.7-dev \ + libssl-dev \ + libubsan0 \ + linux-libc-dev \ + python-dev \ + python-virtualenv \ + python2.7-dev \ + python-pkg-resources \ + python3-pkg-resources \ + python3-virtualenv \ + virtualenv \ + python-pip-whl; \ + +# package clean up +apt-get autoremove -y; \ +apt-get clean; \ +rm -f /var/lib/apt/lists/*; \ +rm -rf /usr/share/man/*; \ +rm -rf /usr/share/doc/*; \ +rm -f /var/log/alternatives.log /var/log/apt/*; \ +rm /var/cache/debconf/*-old; + +COPY docker/nextcloudpi/000-ncp-run.sh /etc/services.d/ + +# 4443 - ncp-web +EXPOSE 80 443 4443 diff --git a/docker-compose-armhf.yml b/docker-compose-armhf.yml new file mode 100644 index 00000000..8e4fb019 --- /dev/null +++ b/docker-compose-armhf.yml @@ -0,0 +1,14 @@ +version: '3' +services: + nextcloudpi: + image: ownyourbits/nextcloudpi-armhf + command: "${IP}" + ports: + - "80:80" + - "443:443" + - "4443:4443" + volumes: + - ncdata:/data + +volumes: + ncdata: diff --git a/docker-compose-nc-armhf.yml b/docker-compose-nc-armhf.yml new file mode 100644 index 00000000..d70713d0 --- /dev/null +++ b/docker-compose-nc-armhf.yml @@ -0,0 +1,13 @@ +version: '3' +services: + nextcloud: + image: ownyourbits/nextcloud-armhf + command: "${IP}" + ports: + - "80:80" + - "443:443" + volumes: + - ncdata:/data + +volumes: + ncdata: diff --git a/docker-compose-nc.yml b/docker-compose-nc.yml new file mode 100644 index 00000000..3fb7d33d --- /dev/null +++ b/docker-compose-nc.yml @@ -0,0 +1,13 @@ +version: '3' +services: + nextcloud: + image: ownyourbits/nextcloud-x86 + command: "${IP}" + ports: + - "80:80" + - "443:443" + volumes: + - ncdata:/data + +volumes: + ncdata: diff --git a/docker-compose-ncpdev.yml b/docker-compose-ncpdev.yml new file mode 100644 index 00000000..798335b4 --- /dev/null +++ b/docker-compose-ncpdev.yml @@ -0,0 +1,15 @@ +version: '3' +services: + nextcloudpi-dev: + image: ownyourbits/nextcloudpi-x86 + command: "${IP}" + ports: + - "80:80" + - "443:443" + - "4443:4443" + volumes: + - ./ncp-web:/var/www/ncp-web + - ncdata:/data + +volumes: + ncdata: diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 00000000..8ec6d990 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,14 @@ +version: '3' +services: + nextcloudpi: + image: ownyourbits/nextcloudpi-x86 + command: "${IP}" + ports: + - "80:80" + - "443:443" + - "4443:4443" + volumes: + - ncdata:/data + +volumes: + ncdata: diff --git a/docker/debian-ncp/Dockerfile b/docker/debian-ncp/Dockerfile new file mode 100644 index 00000000..208603ff --- /dev/null +++ b/docker/debian-ncp/Dockerfile @@ -0,0 +1,9 @@ +FROM debian:stretch-slim + +MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> + +CMD /bin/bash + +RUN mkdir -p /etc/services.d + +COPY docker/debian-ncp/run-parts.sh / diff --git a/docker/debian-ncp/run-parts.sh b/docker/debian-ncp/run-parts.sh new file mode 100755 index 00000000..dee4fe61 --- /dev/null +++ b/docker/debian-ncp/run-parts.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +cleanup() +{ + for file in $( ls -1rv /etc/services.d ); do + /etc/services.d/"$file" stop "$1" + done + exit +} + +trap cleanup SIGTERM + +for file in $( ls -1v /etc/services.d ); do + /etc/services.d/"$file" start "$1" +done + +echo "Init done" +while true; do sleep 0.5; done # do nothing, just wait for trap from 'docker stop' diff --git a/docker/devel/Dockerfile b/docker/devel/Dockerfile index af01c876..277d87fa 100644 --- a/docker/devel/Dockerfile +++ b/docker/devel/Dockerfile @@ -1,7 +1,4 @@ -# docker run -d -p 4443:4443 -p 443:443 -p 80:80 -v ncdata:/data --name nextcloudpi ownyourbits/nextcloudpi:devel -# docker build . -f docker/devel/Dockerfile -t ownyourbits/nextcloudpi:devel - -FROM ownyourbits/nextcloud +FROM ownyourbits/nextcloudpi-x86 MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> diff --git a/docker/lamp/010-lamp-run.sh b/docker/lamp/010-lamp-run.sh index 69d8c13f..9552d848 100755 --- a/docker/lamp/010-lamp-run.sh +++ b/docker/lamp/010-lamp-run.sh @@ -1,16 +1,22 @@ #!/bin/bash +source /usr/local/etc/library.sh + set -e -case "$1" in - stop) - apachectl graceful-stop - killall php-fpm7.0 - mysqladmin -u root shutdown - echo "LAMP cleanup complete" - exit 0 - ;; -esac +[[ "$1" == "stop" ]] && { + echo "Stopping apache" + apachectl graceful-stop + echo "Stopping PHP-fpm" + killall php-fpm7.0 + echo "Stopping mariaDB" + mysqladmin -u root shutdown + echo "LAMP cleanup complete" + exit 0 +} + +# MOVE CONFIGS TO PERSISTENT VOLUME +persistent_cfg /etc/apache2 echo "Starting PHP-fpm" php-fpm7.0 & @@ -21,4 +27,10 @@ echo "Starting Apache" echo "Starting mariaDB" mysqld & +# wait for mariadb +while :; do + [[ -S /var/run/mysqld/mysqld.sock ]] && break + sleep 0.5 +done + exit 0 diff --git a/docker/lamp/Dockerfile b/docker/lamp/Dockerfile index 54b5c666..e6e77b93 100644 --- a/docker/lamp/Dockerfile +++ b/docker/lamp/Dockerfile @@ -1,12 +1,11 @@ -# docker run -d -p 443:443 -p 80:80 -v ncdata:/data --name lamp ownyourbits/lamp -# docker build . -f lamp.dockerfile -t ownyourbits/lamp-arm:latest - -FROM ownyourbits/miniraspbian +FROM ownyourbits/debian-ncp-x86 MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> SHELL ["/bin/bash", "-c"] +ENV DOCKERBUILD 1 + COPY etc/library.sh lamp.sh /usr/local/etc/ RUN \ @@ -32,9 +31,9 @@ rm -f /var/log/alternatives.log /var/log/apt/*; \ # specific cleanup rm /data/database/ib_logfile*; \ -rm /usr/local/etc/{lamp.sh,library.sh} +rm /usr/local/etc/lamp.sh -COPY docker/lamp/010-lamp-run.sh /etc/cont-init.d/ +COPY docker/lamp/010-lamp-run.sh /etc/services.d/ ENTRYPOINT ["/run-parts.sh"] diff --git a/docker/miniraspbian/Dockerfile b/docker/miniraspbian/Dockerfile deleted file mode 100644 index 2eca1bfa..00000000 --- a/docker/miniraspbian/Dockerfile +++ /dev/null @@ -1,11 +0,0 @@ -# docker build . -f Dockerfile.raspbian -t ownyourbits/raspbian:latest - -FROM ownyourbits/miniraspbian:raw - -MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> - -CMD /bin/bash - -RUN mkdir -p /etc/cont-init.d - -COPY docker/miniraspbian/run-parts.sh / diff --git a/docker/nextcloud/020-nextcloud-run.sh b/docker/nextcloud/020-nextcloud-run.sh index d4a8570c..68114e1a 100755 --- a/docker/nextcloud/020-nextcloud-run.sh +++ b/docker/nextcloud/020-nextcloud-run.sh @@ -1,25 +1,21 @@ #!/bin/bash +source /usr/local/etc/library.sh + set -e NCDIR=/var/www/nextcloud OCC="$NCDIR/occ" -case "$1" in - stop) - echo "stopping cron..." - killall cron - exit 0 - ;; -esac - -# COPY NEXTCLOUD TO /data, WHICH WILL BE IN A PERSISTENT VOLUME (first run) -test -d /data/app || { - echo "Setting up persistent Nextcloud dir..." - mv "$NCDIR" /data/app - ln -s /data/app "$NCDIR" +[[ "$1" == "stop" ]] && { + echo "stopping cron..." + killall cron + exit 0 } +echo "Starting cron" +cron + # INIT DATABASE AND NEXTCLOUD CONFIG (first run) test -f /data/app/config/config.php || { echo "Uninitialized instance, running nc-init..." @@ -28,22 +24,19 @@ test -f /data/app/config/config.php || { activate_script nc-init.sh } +# Trusted Domain ( local IP ) +IFACE=$( ip r | grep "default via" | awk '{ print $5 }' ) +IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(\.\d{1,3}){3}' | head -1 ) +sudo -u www-data php "$OCC" config:system:set trusted_domains 1 --value="$IP" + # Trusted Domain ( as an argument ) [[ "$@" != "" ]] && { - IP=$( grep -oP '\d{1,3}(\.\d{1,3}){3}' <<< "$1" ) # validate that the first argument is a valid IP + IP=$( grep -oP '\d{1,3}(\.\d{1,3}){3}' <<< "$2" ) # validate that the first argument is a valid IP if [[ "$IP" != "" ]]; then - sudo -u www-data php $OCC config:system:set trusted_domains 1 --value="$IP" + sudo -u www-data php "$OCC" config:system:set trusted_domains 6 --value="$IP" else echo "First argument must be an IP address to include as a Trusted domain. Ignoring" fi } -# Trusted Domain ( local IP ) -IFACE=$( ip r | grep "default via" | awk '{ print $5 }' ) -IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(\.\d{1,3}){3}' | head -1 ) -sudo -u www-data php $OCC config:system:set trusted_domains 2 --value="$IP" - -echo "Starting cron" -cron - exit 0 diff --git a/docker/nextcloud/Dockerfile b/docker/nextcloud/Dockerfile index ba7848e5..d0fda0bb 100644 --- a/docker/nextcloud/Dockerfile +++ b/docker/nextcloud/Dockerfile @@ -1,22 +1,24 @@ -# docker run -d -p 443:443 -p 80:80 -v ncdata:/data --name nextcloud ownyourbits/nextcloud -# docker build . -f nextcloud.dockerfile -t ownyourbits/nextcloud:latest - -FROM ownyourbits/lamp-arm +FROM ownyourbits/lamp-x86 MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> SHELL ["/bin/bash", "-c"] +ENV DOCKERBUILD 1 + COPY etc/library.sh etc/nextcloudpi-config.d/nc-init.sh etc/nextcloudpi-config.d/nc-nextcloud.sh /usr/local/etc/ RUN \ -# installation +# installation ( /var/www/nextcloud -> /data/app which will be in a volume ) apt-get update; \ -apt-get install --no-install-recommends -y wget ca-certificates iputils-ping; \ +apt-get install --no-install-recommends -y wget ca-certificates sudo; \ source /usr/local/etc/library.sh; \ set +x; \ +install_script /usr/local/etc/nc-nextcloud.sh; \ activate_script /usr/local/etc/nc-nextcloud.sh; \ +mv /var/www/nextcloud /data/app; \ +ln -s /data/app /var/www/nextcloud; \ # package cleanup apt-get autoremove -y; \ @@ -31,14 +33,4 @@ rm -f /var/log/alternatives.log /var/log/apt/*; \ apt-get purge -y wget ca-certificates; \ rm /usr/local/etc/nc-nextcloud.sh -# TODO install make in noip: - -# TODO consider pre-populating /data (volume overcopies) -# TODO call cleanup() hooks for extras -# TODO remove packages unneeded from lamp, wget... -# # libudev1 util-linux -# TODO remove mariadb client (reinstall mysqldump later, but that only) -# apt-get purge -y wget ca-certificates libhogweed4 libnettle4 libpsl5 -# apt-get purge -y wget ca-certificates libgnutls-deb0-28 libhogweed2 libicu52 libnettle4 libpsl0 - -COPY docker/nextcloud/020-nextcloud-run.sh /etc/cont-init.d/ +COPY docker/nextcloud/020-nextcloud-run.sh /etc/services.d/ diff --git a/docker/nextcloudpi/000-ncp-run.sh b/docker/nextcloudpi/000-ncp-run.sh index d6a2cb49..6a4d2d2e 100755 --- a/docker/nextcloudpi/000-ncp-run.sh +++ b/docker/nextcloudpi/000-ncp-run.sh @@ -1,25 +1,8 @@ #!/bin/bash -NCDIR=/var/www/nextcloud -OCC="$NCDIR/occ" - -# INIT SYSTEM CONFIG (first run) -test -d /data/etc || { - echo "Setting up system dir..." - #mv /etc /data/etc - #ln -s /data/etc /etc -} +source /usr/local/etc/library.sh # INIT NCP CONFIG (first run) -test -d /data/ncp || { - echo "Setting up ncp dir..." - mv /usr/local/etc/ /data/ncp - ln -s /data/ncp /usr/local/etc -} - -# NC-INIT TODO copy all nextcloud folder? -# INIT DATABASE AND NEXTCLOUD CONFIG - #source /usr/local/etc/library.sh - #activate_script /usr/local/etc/nextcloudpi-config.d/nc-init.sh +persistent_cfg /usr/local/etc/nextcloudpi-config.d /data/ncp exit 0 diff --git a/docker/nextcloudpi/Dockerfile b/docker/nextcloudpi/Dockerfile index 445e6faf..d6baf749 100644 --- a/docker/nextcloudpi/Dockerfile +++ b/docker/nextcloudpi/Dockerfile @@ -1,7 +1,4 @@ -# docker run -d -p 4443:4443 -p 443:443 -p 80:80 -v ncdata:/data --name nextcloudpi ownyourbits/nextcloudpi -# docker build . -f nextcloud.dockerfile -t ownyourbits/nextcloudpi:latest - -FROM ownyourbits/nextcloudpi +FROM ownyourbits/nextcloud-x86 MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com> @@ -21,10 +18,54 @@ set +x; \ cd /usr/local/etc/; \ install_script nextcloudpi.sh; \ +# fix default paths +sed -i 's|/media/USBdrive|/data/backups|' nextcloudpi-config.d/nc-backup.sh; \ + # specific cleanup rm /usr/local/etc/nextcloudpi.sh; \ apt-get purge -y wget ca-certificates; \ +# letsencrypt build artifacts cleanup +apt-get purge -y \ + make \ + git \ + augeas-lenses \ + binutils \ + cpp \ + cpp-6 \ + gcc \ + gcc-6 \ + libasan3 \ + libaugeas0 \ + libc-dev-bin \ + libc6-dev \ + libcc1-0 \ + libcilkrts5 \ + libexpat1-dev \ + libffi-dev \ + libgcc-6-dev \ + libgomp1 \ + libisl15 \ + libitm1 \ + liblsan0 \ + libmpc3 \ + libmpx2 \ + libpython-dev \ + libpython2.7-dev \ + libquadmath0 \ + libssl-dev \ + libtsan0 \ + libubsan0 \ + linux-libc-dev \ + python-dev \ + python-virtualenv \ + python2.7-dev \ + python-pkg-resources \ + python3-pkg-resources \ + python3-virtualenv \ + virtualenv \ + python-pip-whl; \ + # package clean up apt-get autoremove -y; \ apt-get clean; \ @@ -34,7 +75,7 @@ rm -rf /usr/share/doc/*; \ rm -f /var/log/alternatives.log /var/log/apt/*; \ rm /var/cache/debconf/*-old; -COPY docker/nextcloudpi/000-ncp-run.sh /etc/cont-init.d/ +COPY docker/nextcloudpi/000-ncp-run.sh /etc/services.d/ # 4443 - ncp-web EXPOSE 80 443 4443 diff --git a/docker/run-ncdocker.sh b/docker/run-ncdocker.sh deleted file mode 100755 index f7cb5def..00000000 --- a/docker/run-ncdocker.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Initial Trusted Domain -IFACE=$( ip r | grep "default via" | awk '{ print $5 }' ) -IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(\.\d{1,3}){3}' | head -1 ) - -docker run -d -p 443:443 -p 80:80 -v ncdata:/data --name nextcloudpi ownyourbits/nextcloudpi $IP diff --git a/etc/library.sh b/etc/library.sh index 82dc0798..c177abc6 100755 --- a/etc/library.sh +++ b/etc/library.sh @@ -141,16 +141,17 @@ function configure_script() ) } -function persistent_cfgdir() +function persistent_cfg() { - local SRCDIR="$1" - local DSTDIR="${2:-/data/etc/$SRCDIR}" - mkdir -p "$( basename "$DSTDIR" )" - test -d "$DSTDIR" || { - echo "Setting up $SRCDIR dir..." - mv /etc/"$SRCDIR" "$DSTDIR" - ln -s "$DSTDIR" /etc/"$SRCDIR" + local SRC="$1" + local DST="${2:-/data/etc/$( basename "$SRC" )}" + mkdir -p "$( dirname "$DST" )" + test -d "$DST" || { + echo "Making $SRC persistent ..." + mv "$SRC" "$DST" } + rm -rf "$SRC" + ln -s "$DST" "$SRC" } # License diff --git a/etc/nextcloudpi-config.d/dnsmasq.sh b/etc/nextcloudpi-config.d/dnsmasq.sh index 145ebc48..69ee6948 100644 --- a/etc/nextcloudpi-config.d/dnsmasq.sh +++ b/etc/nextcloudpi-config.d/dnsmasq.sh @@ -28,25 +28,25 @@ install() update-rc.d dnsmasq disable [[ "$DOCKERBUILD" == 1 ]] && { - cat > /etc/cont-init.d/100-dnsmasq-run.sh <<EOF + cat > /etc/services.d/100-dnsmasq-run.sh <<EOF #!/bin/bash source /usr/local/etc/library.sh -[[ "$1" == "stop" ]] && { +[[ "\$1" == "stop" ]] && { echo "stopping dnsmasq..." service dnsmasq stop exit 0 } -persistent_cfgdir /etc/dnsmasq +persistent_cfg /etc/dnsmasq.conf echo "Starting dnsmasq..." service dnsmasq start exit 0 EOF - chmod +x /etc/cont-init.d/100-dnsmasq-run.sh + chmod +x /etc/services.d/100-dnsmasq-run.sh } } diff --git a/etc/nextcloudpi-config.d/fail2ban.sh b/etc/nextcloudpi-config.d/fail2ban.sh index cef07fd2..f9dffb59 100644 --- a/etc/nextcloudpi-config.d/fail2ban.sh +++ b/etc/nextcloudpi-config.d/fail2ban.sh @@ -39,25 +39,25 @@ install() rm -f /etc/fail2ban/jail.d/defaults-debian.conf [[ "$DOCKERBUILD" == 1 ]] && { - cat > /etc/cont-init.d/100-fail2ban-run.sh <<EOF + cat > /etc/services.d/100-fail2ban-run.sh <<EOF #!/bin/bash source /usr/local/etc/library.sh -[[ "$1" == "stop" ]] && { +[[ "\$1" == "stop" ]] && { echo "stopping fail2ban..." service fail2ban stop exit 0 } -persistent_cfgdir /etc/fail2ban +persistent_cfg /etc/fail2ban echo "Starting fail2ban..." service fail2ban start exit 0 EOF - chmod +x /etc/cont-init.d/100-fail2ban-run.sh + chmod +x /etc/services.d/100-fail2ban-run.sh } # tweak fail2ban email diff --git a/etc/nextcloudpi-config.d/letsencrypt.sh b/etc/nextcloudpi-config.d/letsencrypt.sh index 8ab898ed..79fafbe8 100644 --- a/etc/nextcloudpi-config.d/letsencrypt.sh +++ b/etc/nextcloudpi-config.d/letsencrypt.sh @@ -36,19 +36,21 @@ is_active() install() { cd /etc || return 1 + apt-get update + apt-get install --no-install-recommends -y python2.7-minimal git clone https://github.com/letsencrypt/letsencrypt /etc/letsencrypt/letsencrypt-auto --help # do not actually run certbot, only install packages [[ "$DOCKERBUILD" == 1 ]] && { - cat > /etc/cont-init.d/100-letsencrypt-run.sh <<EOF + cat > /etc/services.d/100-letsencrypt-run.sh <<EOF #!/bin/bash source /usr/local/etc/library.sh -persistent_cfgdir /etc/letsencrypt +persistent_cfg /etc/letsencrypt exit 0 EOF - chmod +x /etc/cont-init.d/100-letsencrypt-run.sh + chmod +x /etc/services.d/100-letsencrypt-run.sh } } diff --git a/etc/nextcloudpi-config.d/nc-nextcloud.sh b/etc/nextcloudpi-config.d/nc-nextcloud.sh index cb48f99d..bff9152b 100644 --- a/etc/nextcloudpi-config.d/nc-nextcloud.sh +++ b/etc/nextcloudpi-config.d/nc-nextcloud.sh @@ -41,7 +41,7 @@ install() # Optional packets for Nextcloud and Apps apt-get update $APTINSTALL -o "Dpkg::Options::=--force-confold" php-smbclient - $APTINSTALL postfix + $APTINSTALL postfix lbzip2 iputils-ping } configure() diff --git a/etc/nextcloudpi-config.d/no-ip.sh b/etc/nextcloudpi-config.d/no-ip.sh index 58231134..e5e895f5 100644 --- a/etc/nextcloudpi-config.d/no-ip.sh +++ b/etc/nextcloudpi-config.d/no-ip.sh @@ -61,25 +61,25 @@ EOF mkdir -p /usr/local/etc/noip2 [[ "$DOCKERBUILD" == 1 ]] && { - cat > /etc/cont-init.d/100-noip-run.sh <<EOF + cat > /etc/services.d/100-noip-run.sh <<EOF #!/bin/bash source /usr/local/etc/library.sh -[[ "$1" == "stop" ]] && { +[[ "\$1" == "stop" ]] && { echo "stopping noip..." service noip2 stop exit 0 } -persistent_cfgdir /usr/local/etc/noip2 /data/etc/noip2 +persistent_cfg /usr/local/etc/noip2 /data/etc/noip2 echo "Starting noip..." service noip2 start exit 0 EOF - chmod +x /etc/cont-init.d/100-noip-run.sh + chmod +x /etc/services.d/100-noip-run.sh } } @@ -31,7 +31,6 @@ install() $APTINSTALL apt-utils $APTINSTALL cron - $APTINSTALL util-linux # TODO only need getopt (busybox?) $APTINSTALL apache2 $APTINSTALL php7.0 php7.0-curl php7.0-gd php7.0-fpm php7.0-cli php7.0-opcache php7.0-mbstring php7.0-xml php7.0-zip php7.0-APC php7.0-fileinfo php7.0-mcrypt mkdir -p /run/php diff --git a/nextcloudpi.sh b/nextcloudpi.sh index c1d3cefd..34d2e6b8 100644 --- a/nextcloudpi.sh +++ b/nextcloudpi.sh @@ -28,9 +28,9 @@ install() # NEXTCLOUDPI-CONFIG ########################################## apt-get update - $APTINSTALL dialog + $APTINSTALL dialog whiptail mkdir -p $CONFDIR - [[ "$DOCKERBUILD" != 1 ]] && { + test -f /usr/bin/raspi-config && { sed -i '/Change User Password/i"0 NextCloudPi Configuration" "Configuration of NextCloudPi" \\\\' /usr/bin/raspi-config sed -i '/1\\\\ \*) do_change_pass ;;/i0\\\\ *) nextcloudpi-config ;;' /usr/bin/raspi-config } @@ -74,6 +74,7 @@ Listen 4443 Require host localhost Require local Require ip 192.168 + Require ip 172 Require ip 10 </RequireAny> @@ -24,13 +24,20 @@ nc-nextcloud.sh nc-init.sh " +# need to be fixed for this +EXCL_DOCKER+=" +nc-webui.sh +dnsmasq.sh +fail2ban.sh +" + # better use a designated container EXCL_DOCKER+=" samba.sh NFS.sh " -# TODO review systemd timers +# use systemd timers EXCL_DOCKER+=" nc-notify-updates.sh nc-scan-auto.sh @@ -220,6 +227,8 @@ EOF grep -q TimeOut /etc/apache2/sites-enabled/ncp.conf || \ sed -i '/SSLCertificateKeyFile/aTimeOut 172800' /etc/apache2/sites-enabled/ncp.conf +# relocate noip2 config +mkdir -p /usr/local/etc/noip2 } # License |