diff options
-rw-r--r-- | .github/workflows/build-docker.yml | 83 | ||||
-rw-r--r-- | .github/workflows/build-lxd.yml | 12 | ||||
-rw-r--r-- | .github/workflows/build-sd-images.yml | 58 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | bin/ncp-diag | 2 | ||||
-rwxr-xr-x | bin/ncp-dist-upgrade | 2 | ||||
-rwxr-xr-x | bin/ncp-update | 9 | ||||
-rwxr-xr-x | bin/ncp-update-nc | 17 | ||||
-rw-r--r-- | bin/ncp/CONFIG/nc-nextcloud.sh | 17 | ||||
-rw-r--r-- | build/armbian/armbian.sh | 2 | ||||
-rwxr-xr-x | build/build-SD-rpi.sh | 2 | ||||
-rw-r--r-- | etc/ncp-templates/systemd/notify_push.service.sh | 23 | ||||
-rw-r--r-- | ncp.sh | 6 | ||||
-rwxr-xr-x | update.sh | 3 | ||||
-rw-r--r-- | updates/1.50.0.sh | 2 | ||||
-rw-r--r-- | updates/1.50.1.sh | 11 |
16 files changed, 160 insertions, 91 deletions
diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index 0f7c6dc3..0a9b91a0 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -103,46 +103,63 @@ jobs: run: | docker logs nextcloudpi |& awk '{ print "CONTAINER::" $0 }' echo 'CONTAINER:: ==========' - docker logs -f |& awk '{ print "CONTAINER::" $0 }' & + docker logs -f nextcloudpi |& awk '{ print "CONTAINER::" $0 }' & docker exec nextcloudpi bash -c 'tail -f /var/log/ncp.log' |& awk '{ print "NCP::" $0 }' & cmd=(python activation_tests.py --no-gui localhost 8443 4443) [[ "${{ matrix.arch }}" == "x86" ]] || cmd+=(--timeout 300) - "${cmd[@]}" || { - tail -n 20 geckodriver.log >&2 || true - echo "=======================" - echo "Activation test failed!" - echo "Container logs:" - echo "===========================================" - docker logs nextcloudpi - echo "Last lines of ncp.log:" - echo "===========================================" - docker exec nextcloudpi tail /var/log/ncp.log; + + success=false + for attempt in {1..3} + do + echo ":: Activation Tests (attempt $attempt/3) ::" + "${cmd[@]}" || { + tail -n 20 geckodriver.log >&2 || true + echo "CI:: Activation test (attempt $attempt/3) failed!" + docker exec nextcloudpi bash /usr/local/bin/ncp-diag + sleep 12 + continue + } + success=true + break + done + [[ "$success" == "true" ]] || { + echo "CI:: Activation test failed in all attempts!" exit 1 } - echo "Activation test successful" - python system_tests.py --no-ping --non-interactive || { - echo "System test failed!" - echo "Container logs:" - echo "===========================================" - docker logs nextcloudpi - echo "Last lines of ncp.log:" - echo "===========================================" - docker exec nextcloudpi tail /var/log/ncp.log; - exit 1 + echo "CI:: Activation test successful" + + success=false + for attempt in {1..3} + do + echo ":: System Tests (attempt $attempt/3) ::" + python system_tests.py --no-ping --non-interactive || { + echo "CI:: System test (attempt $attempt) failed!" + continue + } + success=true + break + done + [[ "$success" == "true" ]] || { + echo "CI:: System test failed in all attempts!" exit 1 } - echo "System test successful" - python nextcloud_tests.py --no-gui localhost 8443 4443 || { - tail -n 20 geckodriver.log >&2 || true - echo "=======================" - echo "Nextcloud test failed!" - echo "Container logs:" - echo "===========================================" - docker logs nextcloudpi - echo "Last lines of ncp.log:" - echo "===========================================" - docker exec nextcloudpi tail /var/log/ncp.log; + echo "CI:: System test successful" + + success=false + for attempt in {1..3} + do + echo ":: Nextcloud Tests (attempt $attempt/3) ::" + python nextcloud_tests.py --no-gui localhost 8443 4443 || { + tail -n 20 geckodriver.log >&2 || true + echo "CI:: Nextcloud test (attempt $attempt/3) failed!" + continue + } + success=true + break + done + [[ "$success" == "true" ]] || { + echo "CI:: Nextcloud test failed in all attempts!" exit 1 } - echo "Nextcloud test successful" + echo "CI:: Nextcloud test successful" diff --git a/.github/workflows/build-lxd.yml b/.github/workflows/build-lxd.yml index 275e283d..223a8ffb 100644 --- a/.github/workflows/build-lxd.yml +++ b/.github/workflows/build-lxd.yml @@ -161,10 +161,20 @@ jobs: fi echo "VERSION=${VERSION}" >> "$GITHUB_ENV" echo "Running update ${{ needs.build-previous.outputs.previous_version }} -> ${VERSION}" + + current_nc_version="$(lxc exec ncp -- ncc status | grep "version:" | awk '{ print $3 }')" latest_nc_version="$(cat etc/ncp.cfg | jq -r '.nextcloud_version')" + lxc exec ncp -- bash -c "DBG=x ncp-update ${UPDATE_ARGS[*]}" lxc exec ncp -- /usr/local/bin/ncc status - lxc exec ncp -- bash -c "DBG=x ncp-update-nc ${latest_nc_version?}" + + if [[ "$current_nc_version" =~ "$latest_nc_version".* ]] + then + echo "Nextcloud is up to date - skipping NC update test." + else + lxc exec ncp -- bash -c "DBG=x ncp-update-nc ${latest_nc_version?}" + fi + lxc stop ncp - name: Pack LXD image id: pack-lxd diff --git a/.github/workflows/build-sd-images.yml b/.github/workflows/build-sd-images.yml index 3df86c88..08af6d47 100644 --- a/.github/workflows/build-sd-images.yml +++ b/.github/workflows/build-sd-images.yml @@ -34,18 +34,25 @@ jobs: artifact_name: ${{ github.run_id }}-${{ inputs.board_id }}-image steps: - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - name: Apply workaround for sudo bug (https://github.com/multiarch/qemu-user-static/issues/17) + uses: docker/setup-qemu-action@v2 + - name: Setup qemu-user-static run: | - apt-get -y --no-install-recommends install binfmt-support qemu-user-static - for conf in qemu-{aarch64,arm}-static.conf - do - sed 's/:F$/:OC/' /usr/lib/binfmt.d/$conf > /etc/binfmt/$conf - done + sudo apt-get update +# docker run --rm --privileged multiarch/qemu-user-static:register --reset --credential yes +# sudo mkdir -p /etc/binfmt +# for conf in qemu-{aarch64,arm}-static.conf +# do +# sed 's/:F$/:OC/' /usr/lib/binfmt.d/$conf | sudo tee /etc/binfmt/$conf +# done - name: Checkout code uses: actions/checkout@v3 with: ref: "${{ env.VERSION }}" +# - name: Debug +# run: | +# which qemu-aarch64-static +# update-binfmts --display qemu-aarch64 +# update-binfmts --display qemu-arm - name: "Build Armbian" if: ${{ inputs.board_id != 'raspberrypi' }} id: build-armbian @@ -83,7 +90,7 @@ jobs: echo "::set-output name=artifact_file::${IMG}" echo "ARTIFACT_FILE=${IMG}" >> $GITHUB_ENV - name: "Upload Armbian logs" - if: ${{ inputs.board_id != 'raspberrypi' && steps.build-armbian-2nd.outcome == 'failure' }} + if: ${{ inputs.board_id != 'raspberrypi' && failure() }} uses: actions/upload-artifact@v3 with: name: ${{ github.run_id }}-${{ inputs.board_id }}-logs @@ -96,6 +103,7 @@ jobs: echo "Protected? ${{ github.ref_protected }}" export IMG="NextCloudPi_${{ inputs.board_name }}_${VERSION//\//_}.img" [[ "${{ github.ref_protected }}" == true ]] || export DBG=x + wget -q https://github.com/multiarch/qemu-user-static/releases/latest/download/qemu-aarch64-static -O ./qemu-aarch64-static ./build/build-SD-rpi.sh mkdir -p output mv "tmp/$IMG" ./output/ @@ -129,14 +137,21 @@ jobs: shell: bash steps: - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - name: Apply workaround for sudo bug (https://github.com/multiarch/qemu-user-static/issues/17) + uses: docker/setup-qemu-action@v2 + - name: Apt update run: | - apt-get -y --no-install-recommends install binfmt-support qemu-user-static - for conf in qemu-{aarch64,arm}-static.conf - do - sed 's/:F$/:OC/' /usr/lib/binfmt.d/$conf > /etc/binfmt/$conf - done + sudo apt-get update +# sudo apt-get -y --no-install-recommends install qemu-user-static +# - name: Apply workaround for sudo bug (https://github.com/multiarch/qemu-user-static/issues/17) +# run: | +# sudo apt-get update +# sudo apt-get -y --no-install-recommends install binfmt-support qemu-user-static +# docker run --rm --privileged multiarch/qemu-user-static:register --reset --credential yes +# sudo mkdir -p /etc/binfmt +# for conf in qemu-{aarch64,arm}-static.conf +# do +# sed 's/:F$/:OC/' /usr/lib/binfmt.d/$conf | sudo tee /etc/binfmt/$conf +# done - name: Checkout code uses: actions/checkout@v3 with: @@ -154,6 +169,9 @@ jobs: sudo rm -rf raspbian_root . ./build/buildlib.sh mount_raspbian "ncp.img" + sudo wget -nv https://github.com/multiarch/qemu-user-static/releases/latest/download/qemu-aarch64-static -O raspbian_root/usr/bin/qemu-aarch64-static + sudo wget -nv https://github.com/multiarch/qemu-user-static/releases/latest/download/qemu-arm-static -O raspbian_root/usr/bin/qemu-arm-static + sudo chmod +x raspbian_root/usr/bin/qemu-{arm,aarch64}-static echo 'Mutex posixsem' | sudo tee -a raspbian_root/etc/apache2/mods-available/ssl.conf - name: Test image id: test @@ -163,8 +181,7 @@ jobs: trap 'sudo machinectl terminate ncp' EXIT sudo systemd-nspawn --boot -D ./raspbian_root/ -M ncp --hostname=nextcloudpi |& awk '{ print "CONTAINER::" $0 }' & - sudo systemd-run --machine=ncp -P --wait bash -c 'tail -f /var/log/ncp.log' |& awk '{ print "NCP::" $0 }' & - sleep 30 + sleep 60 success=false for attempt in {1..30} @@ -175,6 +192,8 @@ jobs: success=true break done + sudo systemd-run --machine=ncp -P --wait bash -c 'cat /var/log/ncp.log' |& awk '{ print "NCP::" $0 }' + sudo systemd-run --machine=ncp -P --wait bash -c 'tail -n 0 -f /var/log/ncp.log' |& awk '{ print "NCP::" $0 }' & [[ "$success" == "true" ]] || { echo "Could not reach container. Aborting..." @@ -190,8 +209,9 @@ jobs: echo "Geckodriver logs:" tail -n 20 geckodriver.log >&2 || true echo "================" - echo "ncp.log: " - sudo systemd-run --wait -P --machine=ncp ncp /bin/bash -c "tail -n20 /var/log/ncp.log || echo 'ncp.log not found'" + echo "mysql: " + sudo systemd-run --wait -P --machine=ncp bash /usr/local/bin/ncp-diag + sudo systemd-run --wait -P --machine=ncp systemctl status mysql sleep 6 continue } @@ -23,7 +23,7 @@ Find the full documentation at [docs.nextcloudpi.com](http://docs.nextcloudpi.co ## Features * Debian/Raspbian 11 Bullseye - * Nextcloud 23.0.2 + * Nextcloud 24.0.5 * Apache 2.4.25, with HTTP2 enabled * PHP 7.4 * MariaDB 10 diff --git a/bin/ncp-diag b/bin/ncp-diag index 5c26c20d..8241ed57 100644 --- a/bin/ncp-diag +++ b/bin/ncp-diag @@ -130,7 +130,7 @@ GW=$( ip r | grep "default via" | awk '{ print $3 }' | head -1 ) IP="$(get_ip)" echo "IP|$IP" -echo "Gateway|$GW" +echo "gateway|$GW" echo "Interface|$IFACE" # Certificates diff --git a/bin/ncp-dist-upgrade b/bin/ncp-dist-upgrade index f5fd13ba..3ccc8458 100755 --- a/bin/ncp-dist-upgrade +++ b/bin/ncp-dist-upgrade @@ -72,6 +72,8 @@ release_new=$(jq -r '.release' < "${new_cfg}") # the default repo in bullseye is bullseye-security - use bullseye if it is not available grep -Eh '^deb ' /etc/apt/sources.list | grep 'bullseye-security' > /dev/null && release_new="${release_new}-security" php_ver_new=$(jq -r '.php_version' < "${new_cfg}") +# PHP 8.1 is only supported via the +[[ "$php_ver_new" != 8.1 ]] || php_ver_new=7.4 $APTINSTALL -t ${release_new} php${php_ver_new} php${php_ver_new}-curl php${php_ver_new}-gd php${php_ver_new}-fpm php${php_ver_new}-cli php${php_ver_new}-opcache \ php${php_ver_new}-mbstring php${php_ver_new}-xml php${php_ver_new}-zip php${php_ver_new}-fileinfo php${php_ver_new}-ldap \ diff --git a/bin/ncp-update b/bin/ncp-update index ca564c53..b6f7a333 100755 --- a/bin/ncp-update +++ b/bin/ncp-update @@ -4,6 +4,15 @@ [[ -z "$DBG" ]] || set -$DBG +if [[ -f /.dockerenv ]] || [[ -f /.docker-image ]] || [[ "$DOCKERBUILD" == 1 ]] +then + echo "WARNING: Docker images should be updated by replacing the container from the latest docker image" \ + "(refer to the documentation for instructions: https://docs.nextcloudpi.com)." \ + "If you are sure that you know what you are doing, you can still execute the update script by running it like this:" + echo "> ALLOW_UPDATE_SCRIPT=1 ncp-update" + [[ "$ALLOW_UPDATE_SCRIPT" == "1" ]] || exit 1 +fi + { [ "$(id -u)" -ne 0 ] && { printf "Must be run as root. Try 'sudo $0'\n"; exit 1; } diff --git a/bin/ncp-update-nc b/bin/ncp-update-nc index 8cd85b03..60e8486f 100755 --- a/bin/ncp-update-nc +++ b/bin/ncp-update-nc @@ -206,22 +206,7 @@ else apachectl -k graceful ## make sure the notify_push daemon is runnnig - cat > /etc/systemd/system/notify_push.service <<EOF -[Unit] -Description = Push daemon for Nextcloud clients -After=mysql.service -After=redis.service -Requires=redis.service - -[Service] -Environment=PORT=7867 -Environment=NEXTCLOUD_URL=https://localhost -ExecStart="/var/www/nextcloud/apps/notify_push/bin/${ARCH}/notify_push" --allow-self-signed /var/www/nextcloud/config/config.php -User=www-data - -[Install] -WantedBy = multi-user.target -EOF + install_template systemd/notify_push.service.sh /etc/systemd/system/notify_push.service start_notify_push nc_domain="$(ncc config:system:get overwrite.cli.url)" set-nc-domain "${nc_domain}" || { diff --git a/bin/ncp/CONFIG/nc-nextcloud.sh b/bin/ncp/CONFIG/nc-nextcloud.sh index 7bcaadb2..e131ac91 100644 --- a/bin/ncp/CONFIG/nc-nextcloud.sh +++ b/bin/ncp/CONFIG/nc-nextcloud.sh @@ -226,22 +226,7 @@ EOF arch="$(uname -m)" [[ "${arch}" =~ "armv7" ]] && arch="armv7" - cat > /etc/systemd/system/notify_push.service <<EOF -[Unit] -Description = Push daemon for Nextcloud clients -After=mysql.service -After=redis.service -Requires=redis.service - -[Service] -Environment=PORT=7867 -Environment=NEXTCLOUD_URL=https://localhost -ExecStart=/var/www/nextcloud/apps/notify_push/bin/"${arch}"/notify_push --allow-self-signed /var/www/nextcloud/config/config.php -User=www-data - -[Install] -WantedBy = multi-user.target -EOF + install_template systemd/notify_push.service.sh /etc/systemd/system/notify_push.service [[ -f /.docker-image ]] || systemctl enable notify_push # some added security diff --git a/build/armbian/armbian.sh b/build/armbian/armbian.sh index 231ae804..924f6f94 100644 --- a/build/armbian/armbian.sh +++ b/build/armbian/armbian.sh @@ -35,6 +35,8 @@ run_app_unsafe post-inst.sh # disable SSH by default, it can be enabled through ncp-web systemctl disable ssh +basename "$IMG" | tee /usr/local/etc/ncp-baseimage + cd - diff --git a/build/build-SD-rpi.sh b/build/build-SD-rpi.sh index 9da95db0..429133ff 100755 --- a/build/build-SD-rpi.sh +++ b/build/build-SD-rpi.sh @@ -92,7 +92,7 @@ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ rm -rf /tmp/ncp-build EOFCHROOT -basename "$IMG" > raspbian_root/usr/local/etc/ncp-baseimage +basename "$IMG" | sudo tee raspbian_root/usr/local/etc/ncp-baseimage trap '' EXIT clean_chroot_raspbian diff --git a/etc/ncp-templates/systemd/notify_push.service.sh b/etc/ncp-templates/systemd/notify_push.service.sh new file mode 100644 index 00000000..bbf4ede4 --- /dev/null +++ b/etc/ncp-templates/systemd/notify_push.service.sh @@ -0,0 +1,23 @@ +#! /bin/bash + +set -e +source /usr/local/etc/library.sh + +cat <<EOF +[Unit] +Description = Push daemon for Nextcloud clients +After=mysql.service +After=redis.service +Requires=redis.service + +[Service] +Environment=PORT=7867 +Environment=NEXTCLOUD_URL=https://localhost +ExecStart="/var/www/nextcloud/apps/notify_push/bin/${ARCH}/notify_push" --allow-self-signed /var/www/nextcloud/config/config.php +User=www-data +Restart=on-failure +RestartSec=20 + +[Install] +WantedBy = multi-user.target +EOF @@ -1,6 +1,6 @@ #!/bin/bash -# NextCloudPi additions to Raspbian +# NextCloudPi additions to Raspbian # # Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com> # GPL licensed (see end of file) * Use at your own risk! @@ -29,6 +29,8 @@ install() test -f /usr/bin/raspi-config && { sed -i '/Change User Password/i"0 NextCloudPi Configuration" "Configuration of NextCloudPi" \\' /usr/bin/raspi-config sed -i '/1\\ \*) do_change_pass ;;/i0\\ *) ncp-config ;;' /usr/bin/raspi-config + # Disable raspberry pi default user + usermod pi -s /sbin/nologin } # add the ncc shortcut @@ -202,7 +204,7 @@ EOF chmod g+w /var/run/.ncp-latest-version # Install all ncp-apps - bin/ncp-update $BRANCH || exit $? + ALLOW_UPDATE_SCRIPT=1 bin/ncp-update $BRANCH || exit $? # LIMIT LOG SIZE grep -q maxsize /etc/logrotate.d/apache2 || sed -i /weekly/amaxsize2M /etc/logrotate.d/apache2 @@ -17,6 +17,7 @@ UPDATESDIR=updates # don't make sense in a docker container EXCL_DOCKER=" +nc-autoupdate-ncp nc-automount nc-format-USB nc-datadir @@ -174,6 +175,8 @@ fi # update to the latest NC version is_active_app nc-autoupdate-nc && run_app nc-autoupdate-nc +start_notify_push + # Refresh ncp config values source /usr/local/etc/library.sh diff --git a/updates/1.50.0.sh b/updates/1.50.0.sh index b09d2568..9aa6cd78 100644 --- a/updates/1.50.0.sh +++ b/updates/1.50.0.sh @@ -6,4 +6,4 @@ source /usr/local/etc/library.sh clear_opcache -(sleep 5 && service "php${PHPVER}-fpm" restart) & +bash -c "sleep 6; service php${PHPVER}-fpm restart" &>/dev/null & diff --git a/updates/1.50.1.sh b/updates/1.50.1.sh new file mode 100644 index 00000000..a440ff07 --- /dev/null +++ b/updates/1.50.1.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +set -e +export NCPCFG=/usr/local/etc/ncp.cfg +source /usr/local/etc/library.sh + +install_template systemd/notify_push.service.sh /etc/systemd/system/notify_push.service + + +clear_opcache +bash -c "sleep 6; service php${PHPVER}-fpm restart" &>/dev/null & |