diff --git a/nextcloud/Dockerfile b/nextcloud/Dockerfile new file mode 100644 index 0000000..ffbc928 --- /dev/null +++ b/nextcloud/Dockerfile @@ -0,0 +1,60 @@ +FROM ubuntu:16.04 +MAINTAINER Przemek Grondek + +ENV NEXTCLOUD_VER 12.0.0 + +ENV DEBIAN_FRONTEND noninteractive +RUN apt-get update && \ + apt-get install -y nginx mysql-server php-fpm php-mysql php-gd php-json php-curl php-intl php-mcrypt php-imagick php-zip php-xml php-mbstring php-smbclient pwgen bzip2 gosu supervisor cron && \ + apt-get clean + +# Make required catalogs +RUN mkdir -p /run/mysqld \ + /run/php + +# Setup php +RUN sed -i "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g" /etc/php/7.0/fpm/php.ini +RUN sed -i "s/;env\[HOSTNAME\] = $HOSTNAME/env\[HOSTNAME\] = $HOSTNAME/g" /etc/php/7.0/fpm/pool.d/www.conf +RUN sed -i "s/;env\[PATH\] = \/usr\/local\/bin:\/usr\/bin:\/bin/env\[PATH\] = \/usr\/local\/bin:\/usr\/bin:\/bin/g" /etc/php/7.0/fpm/pool.d/www.conf +RUN sed -i "s/;env\[TMP\] = \/tmp/env\[TMP\] = \/tmp/g" /etc/php/7.0/fpm/pool.d/www.conf +RUN sed -i "s/;env\[TMPDIR\] = \/tmp/env\[TMPDIR\] = \/tmp/g" /etc/php/7.0/fpm/pool.d/www.conf +RUN sed -i "s/;env\[TEMP\] = \/tmp/env\[TEMP\] = \/tmp/g" /etc/php/7.0/fpm/pool.d/www.conf + +# Setup nginx +RUN rm -rf /etc/nginx/sites-enabled/default +ADD nextcloud /etc/nginx/sites-available/nextcloud +RUN ln -s /etc/nginx/sites-available/nextcloud /etc/nginx/sites-enabled/nextcloud +RUN sed -i "s/\/var\/log\/nginx/\/data\/nginx-log/g" /etc/nginx/nginx.conf + +# Setup MySQL +RUN sed -i "s/\/var\/lib\/mysql/\/data\/mysql/g" /etc/mysql/mysql.conf.d/mysqld.cnf +RUN chown mysql:mysql /var/run/mysqld + +# Setup nextcloud +RUN rm -rf /var/www/* +ADD https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VER}.tar.bz2 /var/www +RUN tar xf /var/www/nextcloud-${NEXTCLOUD_VER}.tar.bz2 -C /var/www +RUN mv /var/www/nextcloud/* /var/www +RUN rm /var/www/nextcloud-${NEXTCLOUD_VER}.tar.bz2 \ + /var/www/nextcloud/.htaccess \ + /var/www/nextcloud/.user.ini +RUN rmdir /var/www/nextcloud +RUN echo "*/15 * * * * www-data php -f /var/www/cron.php" >> /etc/crontab + +# Provision data +RUN mkdir -p /provision/nextcloud +RUN cp -r /var/www/apps /provision/nextcloud +RUN cp -r /var/www/config /provision/nextcloud +RUN rm -rf /var/www/apps \ + /var/www/config +RUN ln -s /data/nextcloud/config /var/www +RUN ln -s /data/nextcloud/apps /var/www +RUN ln -s /data/nextcloud/data /var/www + +EXPOSE 80 +VOLUME ["/data"] + +COPY run.sh / +COPY supervisord.conf / + +CMD ["/run.sh"] diff --git a/nextcloud/nextcloud b/nextcloud/nextcloud new file mode 100644 index 0000000..cd81715 --- /dev/null +++ b/nextcloud/nextcloud @@ -0,0 +1,63 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + + root /var/www; + index index.php; + + # set max upload size + client_max_body_size 10G; + fastcgi_buffers 64 4K; + + # Disable gzip to avoid the removal of the ETag header + gzip off; + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + index index.php; + error_page 403 /core/templates/403.php; + error_page 404 /core/templates/404.php; + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + + try_files $uri $uri/ /index.php; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_read_timeout 300; + } + +# Optional: set long EXPIRES header on static assets + location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { + expires 30d; + # Optional: Don't log access to assets + access_log off; + } + +} + diff --git a/nextcloud/run.sh b/nextcloud/run.sh new file mode 100755 index 0000000..29dfe17 --- /dev/null +++ b/nextcloud/run.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +function first_run() { + echo FIRST RUN + + mkdir -p /data/nextcloud \ + /data/nextcloud/config \ + /data/nextcloud/data \ + /data/nginx-log + + cp -r /provision/nextcloud/apps /data/nextcloud + cp -r /provision/nextcloud/config /data/nextcloud + cp -r /var/lib/mysql /data + + chown -R www-data:www-data /data/nextcloud /var/www + chown -R mysql:mysql /data/mysql + + SQL_ROOT_PASSWORD="$(pwgen -s -1 16)" + SQL_NEXTCLOUD_PASSWORD="$(pwgen -s -1 16)" + + mysqld_safe & + + sleep 5 + + mysql -u root -e " + CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY '$SQL_NEXTCLOUD_PASSWORD'; + CREATE DATABASE nextcloud; + GRANT ALL PRIVILEGES ON nextcloud . * TO nextcloud@localhost; + FLUSH PRIVILEGES;" + mysqladmin -u root password $SQL_ROOT_PASSWORD + + cd /var/www + gosu www-data php occ maintenance:install \ + --database "mysql" --database-name "nextcloud" \ + --database-user "nextcloud" --database-pass "$SQL_NEXTCLOUD_PASSWORD" \ + --admin-user "admin" --admin-pass "password" + gosu www-data php occ background:cron + + killall mysqld + + touch /data/.provisioned + + sleep 10 +} + +if [ ! -f "/data/.provisioned" ]; +then + first_run +fi +supervisord -n -c /supervisord.conf diff --git a/nextcloud/supervisord.conf b/nextcloud/supervisord.conf new file mode 100644 index 0000000..a8e6755 --- /dev/null +++ b/nextcloud/supervisord.conf @@ -0,0 +1,15 @@ +[supervisord] +[program:mysqld] +command=mysqld_safe +#numproc=1 +#autostart=true +#autorestart=true + +[program:nginx] +command=nginx -g "daemon off;" + +[program:php-fcgi] +command=php-fpm7.0 -F + +[program:cron] +command=cron -f