From b003a8b49b60716e123f8ebeadc85dfb813f51da Mon Sep 17 00:00:00 2001 From: szaimen Date: Mon, 9 May 2022 01:47:54 +0200 Subject: [PATCH 1/4] allow to run containers without access to the docker socket Signed-off-by: szaimen --- .github/workflows/json-validator.yml | 18 +++ .github/workflows/update-yaml.yml | 33 ++++++ manual-install/latest-arm64.yml | 140 +++++++++++++++++++++++ manual-install/latest.yml | 160 +++++++++++++++++++++++++++ manual-install/sample.conf | 17 +++ manual-install/update-yaml.sh | 118 ++++++++++++++++++++ php/containers-schema.json | 79 +++++++++++++ php/containers.json | 20 ++-- 8 files changed, 575 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/json-validator.yml create mode 100644 .github/workflows/update-yaml.yml create mode 100644 manual-install/latest-arm64.yml create mode 100644 manual-install/latest.yml create mode 100644 manual-install/sample.conf create mode 100644 manual-install/update-yaml.sh create mode 100644 php/containers-schema.json diff --git a/.github/workflows/json-validator.yml b/.github/workflows/json-validator.yml new file mode 100644 index 00000000..59df04b7 --- /dev/null +++ b/.github/workflows/json-validator.yml @@ -0,0 +1,18 @@ +name: Json Validator + +on: + pull_request: + push: + +jobs: + psalm: + name: Json Validator + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Validate Json + run: | + sudo apt install python3-pip --no-install-recommends + sudo pip3 install json-spec + json validate --schema-file=php/containers-schema.json --document-file=php/containers.json diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml new file mode 100644 index 00000000..e04ef05b --- /dev/null +++ b/.github/workflows/update-yaml.yml @@ -0,0 +1,33 @@ +name: Update Yaml files + +on: + pull_request: + push: + branches: + - '**' + - '!main' + +jobs: + psalm: + name: update yaml files + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: update yaml files + run: | + sudo bash manual-install/update-yaml.sh + - name: Commit files + if: ${{ success() }} + continue-on-error: true + run: | + git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" + git config --local user.name "github-actions[bot]" + git add . + git commit -m "Update Yaml files" -a + - name: Push changes + if: ${{ success() }} + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + branch: ${{ github.ref }} diff --git a/manual-install/latest-arm64.yml b/manual-install/latest-arm64.yml new file mode 100644 index 00000000..be37af4d --- /dev/null +++ b/manual-install/latest-arm64.yml @@ -0,0 +1,140 @@ +version: "3.8" + +services: + nextcloud-aio-apache: + container_name: nextcloud-aio-apache + depends_on: + - nextcloud-aio-onlyoffice + - nextcloud-aio-collabora + - nextcloud-aio-clamav + - nextcloud-aio-talk + - nextcloud-aio-nextcloud + image: nextcloud/aio-apache:latest-arm64 + ports: + - ${APACHE_PORT}:${APACHE_PORT}/tcp + environment: + - NC_DOMAIN=${NC_DOMAIN} + - NEXTCLOUD_HOST=nextcloud-aio-nextcloud + - COLLABORA_HOST=nextcloud-aio-collabora + - TALK_HOST=nextcloud-aio-talk + - APACHE_PORT=${APACHE_PORT} + - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice + volumes: + - nextcloud_aio_nextcloud:/var/www/html:ro + - nextcloud_aio_apache:/mnt/data:rw + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-database: + container_name: nextcloud-aio-database + image: nextcloud/aio-postgresql:latest-arm64 + volumes: + - nextcloud_aio_database:/var/lib/postgresql/data:rw + - nextcloud_aio_database_dump:/mnt/data:rw + environment: + - POSTGRES_PASSWORD=${DATABASE_PASSWORD} + - POSTGRES_DB=nextcloud_database + - POSTGRES_USER=nextcloud + stop_grace_period: 1800s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-nextcloud: + container_name: nextcloud-aio-nextcloud + depends_on: + - nextcloud-aio-database + - nextcloud-aio-redis + image: nextcloud/aio-nextcloud:latest-arm64 + volumes: + - nextcloud_aio_nextcloud:/var/www/html:rw + - ${NEXTCLOUD_DATADIR}:/mnt/ncdata:rw + - ${NEXTCLOUD_MOUNT}:${NEXTCLOUD_MOUNT}:rw + environment: + - POSTGRES_HOST=nextcloud-aio-database + - POSTGRES_PASSWORD=${DATABASE_PASSWORD} + - POSTGRES_DB=nextcloud_database + - POSTGRES_USER=nextcloud + - REDIS_HOST=nextcloud-aio-redis + - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} + - AIO_TOKEN=${AIO_TOKEN} + - NC_DOMAIN=${NC_DOMAIN} + - ADMIN_USER=admin + - ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD} + - NEXTCLOUD_DATA_DIR=/mnt/ncdata + - OVERWRITEHOST=${NC_DOMAIN} + - OVERWRITEPROTOCOL=https + - TURN_SECRET=${TURN_SECRET} + - SIGNALING_SECRET=${SIGNALING_SECRET} + - AIO_URL=${AIO_URL} + - NEXTCLOUD_MOUNT=${NEXTCLOUD_MOUNT} + - CLAMAV_ENABLED=${CLAMAV_ENABLED} + - CLAMAV_HOST=nextcloud-aio-clamav + - ONLYOFFICE_ENABLED=${ONLYOFFICE_ENABLED} + - COLLABORA_ENABLED=${COLLABORA_ENABLED} + - COLLABORA_HOST=nextcloud-aio-collabora + - TALK_ENABLED=${TALK_ENABLED} + - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice + - DAILY_BACKUP_RUNNING=${DAILY_BACKUP_RUNNING} + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-redis: + container_name: nextcloud-aio-redis + image: nextcloud/aio-redis:latest-arm64 + environment: + - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-collabora: + container_name: nextcloud-aio-collabora + image: nextcloud/aio-collabora:latest-arm64 + environment: + - aliasgroup1=https://${NC_DOMAIN}:443 + - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-talk: + container_name: nextcloud-aio-talk + image: nextcloud/aio-talk:latest-arm64 + ports: + - 3478:3478/tcp + - 3478:3478/udp + environment: + - NC_DOMAIN=${NC_DOMAIN} + - TURN_SECRET=${TURN_SECRET} + - SIGNALING_SECRET=${SIGNALING_SECRET} + - JANUS_API_KEY=${JANUS_API_KEY} + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + +volumes: + nextcloud_aio_apache: + name: nextcloud_aio_apache + nextcloud_aio_clamav: + name: nextcloud_aio_clamav + nextcloud_aio_database: + name: nextcloud_aio_database + nextcloud_aio_database_dump: + name: nextcloud_aio_database_dump + nextcloud_aio_nextcloud: + name: nextcloud_aio_nextcloud + nextcloud_aio_onlyoffice: + name: nextcloud_aio_onlyoffice + nextcloud_aio_nextcloud_data: + name: nextcloud_aio_nextcloud_data + +networks: + nextcloud-aio: diff --git a/manual-install/latest.yml b/manual-install/latest.yml new file mode 100644 index 00000000..0d8bac53 --- /dev/null +++ b/manual-install/latest.yml @@ -0,0 +1,160 @@ +version: "3.8" + +services: + nextcloud-aio-apache: + container_name: nextcloud-aio-apache + depends_on: + - nextcloud-aio-onlyoffice + - nextcloud-aio-collabora + - nextcloud-aio-clamav + - nextcloud-aio-talk + - nextcloud-aio-nextcloud + image: nextcloud/aio-apache:latest + ports: + - ${APACHE_PORT}:${APACHE_PORT}/tcp + environment: + - NC_DOMAIN=${NC_DOMAIN} + - NEXTCLOUD_HOST=nextcloud-aio-nextcloud + - COLLABORA_HOST=nextcloud-aio-collabora + - TALK_HOST=nextcloud-aio-talk + - APACHE_PORT=${APACHE_PORT} + - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice + volumes: + - nextcloud_aio_nextcloud:/var/www/html:ro + - nextcloud_aio_apache:/mnt/data:rw + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-database: + container_name: nextcloud-aio-database + image: nextcloud/aio-postgresql:latest + volumes: + - nextcloud_aio_database:/var/lib/postgresql/data:rw + - nextcloud_aio_database_dump:/mnt/data:rw + environment: + - POSTGRES_PASSWORD=${DATABASE_PASSWORD} + - POSTGRES_DB=nextcloud_database + - POSTGRES_USER=nextcloud + stop_grace_period: 1800s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-nextcloud: + container_name: nextcloud-aio-nextcloud + depends_on: + - nextcloud-aio-database + - nextcloud-aio-redis + image: nextcloud/aio-nextcloud:latest + volumes: + - nextcloud_aio_nextcloud:/var/www/html:rw + - ${NEXTCLOUD_DATADIR}:/mnt/ncdata:rw + - ${NEXTCLOUD_MOUNT}:${NEXTCLOUD_MOUNT}:rw + environment: + - POSTGRES_HOST=nextcloud-aio-database + - POSTGRES_PASSWORD=${DATABASE_PASSWORD} + - POSTGRES_DB=nextcloud_database + - POSTGRES_USER=nextcloud + - REDIS_HOST=nextcloud-aio-redis + - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} + - AIO_TOKEN=${AIO_TOKEN} + - NC_DOMAIN=${NC_DOMAIN} + - ADMIN_USER=admin + - ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD} + - NEXTCLOUD_DATA_DIR=/mnt/ncdata + - OVERWRITEHOST=${NC_DOMAIN} + - OVERWRITEPROTOCOL=https + - TURN_SECRET=${TURN_SECRET} + - SIGNALING_SECRET=${SIGNALING_SECRET} + - AIO_URL=${AIO_URL} + - NEXTCLOUD_MOUNT=${NEXTCLOUD_MOUNT} + - CLAMAV_ENABLED=${CLAMAV_ENABLED} + - CLAMAV_HOST=nextcloud-aio-clamav + - ONLYOFFICE_ENABLED=${ONLYOFFICE_ENABLED} + - COLLABORA_ENABLED=${COLLABORA_ENABLED} + - COLLABORA_HOST=nextcloud-aio-collabora + - TALK_ENABLED=${TALK_ENABLED} + - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice + - DAILY_BACKUP_RUNNING=${DAILY_BACKUP_RUNNING} + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-redis: + container_name: nextcloud-aio-redis + image: nextcloud/aio-redis:latest + environment: + - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-collabora: + container_name: nextcloud-aio-collabora + image: nextcloud/aio-collabora:latest + environment: + - aliasgroup1=https://${NC_DOMAIN}:443 + - extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-talk: + container_name: nextcloud-aio-talk + image: nextcloud/aio-talk:latest + ports: + - 3478:3478/tcp + - 3478:3478/udp + environment: + - NC_DOMAIN=${NC_DOMAIN} + - TURN_SECRET=${TURN_SECRET} + - SIGNALING_SECRET=${SIGNALING_SECRET} + - JANUS_API_KEY=${JANUS_API_KEY} + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-clamav: + container_name: nextcloud-aio-clamav + image: nextcloud/aio-clamav:latest + volumes: + - nextcloud_aio_clamav:/var/lib/clamav:rw + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + + nextcloud-aio-onlyoffice: + container_name: nextcloud-aio-onlyoffice + image: nextcloud/aio-onlyoffice:latest + volumes: + - nextcloud_aio_onlyoffice:/var/lib/onlyoffice:rw + stop_grace_period: 10s + restart: unless-stopped + networks: + - nextcloud-aio + +volumes: + nextcloud_aio_apache: + name: nextcloud_aio_apache + nextcloud_aio_clamav: + name: nextcloud_aio_clamav + nextcloud_aio_database: + name: nextcloud_aio_database + nextcloud_aio_database_dump: + name: nextcloud_aio_database_dump + nextcloud_aio_nextcloud: + name: nextcloud_aio_nextcloud + nextcloud_aio_onlyoffice: + name: nextcloud_aio_onlyoffice + nextcloud_aio_nextcloud_data: + name: nextcloud_aio_nextcloud_data + +networks: + nextcloud-aio: diff --git a/manual-install/sample.conf b/manual-install/sample.conf new file mode 100644 index 00000000..f3968aee --- /dev/null +++ b/manual-install/sample.conf @@ -0,0 +1,17 @@ +AIO_TOKEN=123456 # Has no function but needs to be set! +AIO_URL=localhost # Has no function but needs to be set! +APACHE_PORT=443 # Changing this to a different value than 443 will allow you to run it behind a reverse proxy. +CLAMAV_ENABLED=no # Setting this to "yes" enables the option in Nextcloud automatically. +COLLABORA_ENABLED=yes # Setting this to "yes" enables the option in Nextcloud automatically. +DAILY_BACKUP_RUNNING=no # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup. +DATABASE_PASSWORD= # TODO! This needs to be a unique and good password! +JANUS_API_KEY= # TODO! This needs to be a unique and good password! +NC_DOMAIN=yourdomain.com # TODO! Needs to be changed to the domain that you want to use for Nextcloud. +NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards! +NEXTCLOUD_MOUNT=/mnt/ # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR! +NEXTCLOUD_PASSWORD= # TODO! This is the password of the initially created Nextcloud admin with username "admin". +ONLYOFFICE_ENABLED=no # Setting this to "yes" enables the option in Nextcloud automatically. +REDIS_PASSWORD= # TODO! This needs to be a unique and good password! +SIGNALING_SECRET= # TODO! This needs to be a unique and good password! +TALK_ENABLED=yes # Setting this to "yes" enables the option in Nextcloud automatically. +TURN_SECRET= # TODO! This needs to be a unique and good password! diff --git a/manual-install/update-yaml.sh b/manual-install/update-yaml.sh new file mode 100644 index 00000000..b0ad137a --- /dev/null +++ b/manual-install/update-yaml.sh @@ -0,0 +1,118 @@ +#!/bin/bash + +jq -c . ./php/containers.json > /tmp/containers.json +sed -i 's|","location":"|:|g' /tmp/containers.json +sed -i 's|","writeable":false|:ro"|g' /tmp/containers.json +sed -i 's|","writeable":true|:rw"|g' /tmp/containers.json +OUTPUT="$(cat /tmp/containers.json)" +OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[].internalPorts)')" +OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[].secrets)')" +OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-watchtower"))')" +OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-domaincheck"))')" +OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-borgbackup"))')" + +snap install yq +mkdir -p ./manual-install +echo "$OUTPUT" | yq -P > ./manual-install/containers.yml + +cd manual-install || exit +sed -i "s|'||g" containers.yml +sed -i 's|production:|services:|' containers.yml +sed -i 's|- identifier:| container_name:|' containers.yml +sed -i 's|restartPolicy:|restart:|' containers.yml +sed -i 's|environmentVariables:|environment:|' containers.yml +sed -i '/displayName:/d' containers.yml +sed -i 's|maxShutdownTime:|stop_grace_period:|' containers.yml +sed -i '/stop_grace_period:/s/$/s/' containers.yml +sed -i 's|containerName:|image:|' containers.yml +sed -i '/: \[\]/d' containers.yml +sed -i 's|dependsOn:|depends_on:|' containers.yml +sed -i 's|- name: |- |' containers.yml + +TCP="$(grep -oP '[%A-Z0-9_]+/tcp' containers.yml | sort -u)" +mapfile -t TCP <<< "$TCP" +for port in "${TCP[@]}" +do + solve_port="${port%%/tcp}" + sed -i "s|$port|$solve_port:$solve_port/tcp|" containers.yml +done + +UDP="$(grep -oP '[%A-Z0-9_]+/udp' containers.yml | sort -u)" +mapfile -t UDP <<< "$UDP" +for port in "${UDP[@]}" +do + solve_port="${port%%/udp}" + sed -i "s|$port|$solve_port:$solve_port/udp|" containers.yml +done + +rm -f sample.conf +VARIABLES="$(grep -oP '%[A-Z_a-z0-6]+%' containers.yml | sort -u)" +mapfile -t VARIABLES <<< "$VARIABLES" +for variable in "${VARIABLES[@]}" +do + # shellcheck disable=SC2001 + sole_variable="$(echo "$variable" | sed 's|%||g')" + echo "$sole_variable=" >> sample.conf + sed -i "s|$variable|\${$sole_variable}|g" containers.yml +done + +sed -i 's|_ENABLED=|_ENABLED=no # Setting this to "yes" enables the option in Nextcloud automatically.|' sample.conf +sed -i 's|TALK_ENABLED=no|TALK_ENABLED=yes|' sample.conf +sed -i 's|COLLABORA_ENABLED=no|COLLABORA_ENABLED=yes|' sample.conf +sed -i 's|NEXTCLOUD_DATADIR=|NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards!|' sample.conf +sed -i 's|NEXTCLOUD_MOUNT=|NEXTCLOUD_MOUNT=/mnt/ # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!|' sample.conf +sed -i 's|DAILY_BACKUP_RUNNING=|DAILY_BACKUP_RUNNING=no # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup.|' sample.conf +sed -i 's|APACHE_PORT=|APACHE_PORT=443 # Changing this to a different value than 443 will allow you to run it behind a reverse proxy.|' sample.conf +sed -i 's|AIO_TOKEN=|AIO_TOKEN=123456 # Has no function but needs to be set!|' sample.conf +sed -i 's|AIO_URL=|AIO_URL=localhost # Has no function but needs to be set!|' sample.conf +sed -i 's|NC_DOMAIN=|NC_DOMAIN=yourdomain.com # TODO! Needs to be changed to the domain that you want to use for Nextcloud.|' sample.conf +sed -i 's|NEXTCLOUD_PASSWORD=|NEXTCLOUD_PASSWORD= # TODO! This is the password of the initially created Nextcloud admin with username "admin".|' sample.conf +sed -i 's|=$|= # TODO! This needs to be a unique and good password!|' sample.conf + +cat sample.conf + +OUTPUT="$(cat containers.yml)" +NAMES="$(grep -oP "container_name:.*" containers.yml | grep -oP 'nextcloud-aio.*')" +mapfile -t NAMES <<< "$NAMES" +for name in "${NAMES[@]}" +do + OUTPUT="$(echo "$OUTPUT" | sed "/container_name.*$name/i\ \ $name:")" + if [ "$name" != "nextcloud-aio-apache" ]; then + OUTPUT="$(echo "$OUTPUT" | sed "/ $name:/i\ ")" + fi +done + +OUTPUT="$(echo "$OUTPUT" | sed "/restart: /a\ \ \ \ networks:\n\ \ \ \ \ \ - nextcloud-aio")" + +echo 'version: "3.8"' > containers.yml +echo "" >> containers.yml + +echo "$OUTPUT" >> containers.yml + +VOLUMES="$(grep -oP 'nextcloud_aio_[a-z_]+' containers.yml | sort -u)" +mapfile -t VOLUMES <<< "$VOLUMES" +echo "" >> containers.yml +echo "volumes:" >> containers.yml +for volume in "${VOLUMES[@]}" "nextcloud_aio_nextcloud_data" +do + cat << VOLUMES >> containers.yml + $volume: + name: $volume +VOLUMES +done + +cat << NETWORK >> containers.yml + +networks: + nextcloud-aio: +NETWORK + +cat containers.yml > latest.yml +sed -i '/image:/s/$/:latest/' latest.yml + +cat containers.yml > latest-arm64.yml +sed -i '/image:/s/$/:latest-arm64/' latest-arm64.yml +sed -i '/ nextcloud-aio-clamav:/,/^$/d' latest-arm64.yml +sed -i '/ nextcloud-aio-onlyoffice:/,/^$/d' latest-arm64.yml + +rm containers.yml diff --git a/php/containers-schema.json b/php/containers-schema.json new file mode 100644 index 00000000..1a668d38 --- /dev/null +++ b/php/containers-schema.json @@ -0,0 +1,79 @@ +{ + "type": "object", + "description": "AIO containers definition schema", + "additionalProperties": false, + "minProperties": 1, + "properties": { + "production": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "minProperties": 11, + "properties": { + "containerName": { + "type": "string" + }, + "dependsOn": { + "type": "array", + "items": { + "type": "string" + } + }, + "displayName": { + "type": "string" + }, + "environmentVariables": { + "type": "array", + "items": { + "type": "string" + } + }, + "identifier": { + "type": "string" + }, + "internalPorts": { + "type": "array", + "items": { + "type": "string" + } + }, + "maxShutdownTime": { + "type": "integer" + }, + "ports": { + "type": "array", + "items": { + "type": "string" + } + }, + "restartPolicy": { + "type": "string" + }, + "secrets": { + "type": "array" + }, + "volumes": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "minProperties": 3, + "properties": { + "location": { + "type": "string" + }, + "name": { + "type": "string" + }, + "writeable": { + "type": "boolean" + } + } + } + } + } + } + } + } +} \ No newline at end of file diff --git a/php/containers.json b/php/containers.json index 9aa3c060..dc689a6e 100644 --- a/php/containers.json +++ b/php/containers.json @@ -1,6 +1,7 @@ { "production": [ { + "identifier": "nextcloud-aio-apache", "dependsOn": [ "nextcloud-aio-onlyoffice", "nextcloud-aio-collabora", @@ -8,7 +9,6 @@ "nextcloud-aio-talk", "nextcloud-aio-nextcloud" ], - "identifier": "nextcloud-aio-apache", "displayName": "Apache", "containerName": "nextcloud/aio-apache", "ports": [ @@ -42,8 +42,8 @@ "restartPolicy": "unless-stopped" }, { - "dependsOn": [], "identifier": "nextcloud-aio-database", + "dependsOn": [], "displayName": "Database", "containerName": "nextcloud/aio-postgresql", "ports": [], @@ -74,11 +74,11 @@ "restartPolicy": "unless-stopped" }, { + "identifier": "nextcloud-aio-nextcloud", "dependsOn": [ "nextcloud-aio-database", "nextcloud-aio-redis" ], - "identifier": "nextcloud-aio-nextcloud", "displayName": "Nextcloud", "containerName": "nextcloud/aio-nextcloud", "ports": [], @@ -140,8 +140,8 @@ "restartPolicy": "unless-stopped" }, { - "dependsOn": [], "identifier": "nextcloud-aio-redis", + "dependsOn": [], "displayName": "Redis", "containerName": "nextcloud/aio-redis", "ports": [], @@ -159,8 +159,8 @@ "restartPolicy": "unless-stopped" }, { - "dependsOn": [], "identifier": "nextcloud-aio-collabora", + "dependsOn": [], "displayName": "Collabora", "containerName": "nextcloud/aio-collabora", "ports": [], @@ -177,8 +177,8 @@ "restartPolicy": "unless-stopped" }, { - "dependsOn": [], "identifier": "nextcloud-aio-talk", + "dependsOn": [], "displayName": "Talk", "containerName": "nextcloud/aio-talk", "ports": [ @@ -204,8 +204,8 @@ "restartPolicy": "unless-stopped" }, { - "dependsOn": [], "identifier": "nextcloud-aio-borgbackup", + "dependsOn": [], "displayName": "Borgbackup", "containerName": "nextcloud/aio-borgbackup", "ports": [], @@ -265,8 +265,8 @@ "restartPolicy": "" }, { - "dependsOn": [], "identifier": "nextcloud-aio-watchtower", + "dependsOn": [], "displayName": "Watchtower", "containerName": "nextcloud/aio-watchtower", "ports": [], @@ -306,8 +306,8 @@ "restartPolicy": "" }, { - "dependsOn": [], "identifier": "nextcloud-aio-clamav", + "dependsOn": [], "displayName": "ClamAV", "containerName": "nextcloud/aio-clamav", "ports": [], @@ -327,8 +327,8 @@ "restartPolicy": "unless-stopped" }, { - "dependsOn": [], "identifier": "nextcloud-aio-onlyoffice", + "dependsOn": [], "displayName": "OnlyOffice", "containerName": "nextcloud/aio-onlyoffice", "ports": [], From a2f99636bb715c47538ce83a5bfe7de6861d9968 Mon Sep 17 00:00:00 2001 From: szaimen Date: Wed, 11 May 2022 00:52:54 +0200 Subject: [PATCH 2/4] update only via schedule Signed-off-by: szaimen Revert "update only via schedule" This reverts commit 86bcad9c4c0047bdc45cb12ce58ede89b8c1a07b. Revert "Revert "update only via schedule"" This reverts commit 40a4236bd204ed65c25185c1d874378f094db6af. --- .github/workflows/update-yaml.yml | 29 +++++++++++------------------ 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml index e04ef05b..ee1b77e9 100644 --- a/.github/workflows/update-yaml.yml +++ b/.github/workflows/update-yaml.yml @@ -1,11 +1,8 @@ name: Update Yaml files on: - pull_request: - push: - branches: - - '**' - - '!main' + schedule: + - cron: '00 12 * * *' jobs: psalm: @@ -17,17 +14,13 @@ jobs: - name: update yaml files run: | sudo bash manual-install/update-yaml.sh - - name: Commit files - if: ${{ success() }} - continue-on-error: true - run: | - git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" - git config --local user.name "github-actions[bot]" - git add . - git commit -m "Update Yaml files" -a - - name: Push changes - if: ${{ success() }} - uses: ad-m/github-push-action@master + - name: Create Pull Request + uses: peter-evans/create-pull-request@v4 with: - github_token: ${{ secrets.GITHUB_TOKEN }} - branch: ${{ github.ref }} + commit-message: Yaml updates + signoff: true + title: Yaml updates + body: Automated yaml updates for the docker-compose files. Should only be merged shortly before the next latest release. + labels: dependencies + milestone: next + branch: aio-yaml-update From e4f34ef93df4b049d17f123cfa0a19cd8b86e37c Mon Sep 17 00:00:00 2001 From: szaimen Date: Wed, 11 May 2022 01:37:18 +0200 Subject: [PATCH 3/4] add a readme Signed-off-by: szaimen --- .gitignore | 3 +++ manual-install/readme.md | 41 ++++++++++++++++++++++++++++++++++++++++ reverse-proxy.md | 3 +-- 3 files changed, 45 insertions(+), 2 deletions(-) create mode 100644 manual-install/readme.md diff --git a/.gitignore b/.gitignore index db92d527..a27e8815 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,6 @@ /php/data/configuration.json /php/data/backupsecret.json /php/vendor +/manual-install/*.conf +!/manual-install/sample.conf +/manual-install/docker-compose.yml \ No newline at end of file diff --git a/manual-install/readme.md b/manual-install/readme.md new file mode 100644 index 00000000..05d4b8c7 --- /dev/null +++ b/manual-install/readme.md @@ -0,0 +1,41 @@ +# Manual installation + +You can run the containers that are build for AIO with docker-compose. This comes with a few downsides, that are discussed below. + +### Advantages +- You can run it without a container having access to the docker socket +- You can modify all values on your own + +### Disadvantages +- You loose the AIO interface +- You loose update notifications and automatic updates +- You loose all AIO backup and restore features +- You need to know what you are doing, especially when modifying the docker-compose file +- Probably more + +## How to use this? +First, install docker and docker-compose if not already done. Then simply run the following: +```bash +git clone https://github.com/nextcloud/all-in-one.git +cd all-in-one/manual-install +``` +Then copy the sample.conf to a new file, e.g. `cp sample.conf my.conf`, open the new conf file, e.g. with `nano my.conf`, edit all values that are marked with `# TODO!`, close and save the file. + +Now copy the provided yaml file to a docker-compose file by running on x64 `cp latest.yml docker-compose.yml` and on arm64 `cp latest-arm64.yml docker-compose.yml`. + +Now you should be ready to go with `sudo docker-compose up --env-file my.conf`. + +## How to update? +Since the AIO containers may change in the future, it is highly recommended to strictly follow the following procedure whenever you want to upgrade your containers. +1. Run `sudo docker-compose down --env-file my.conf` to stop all running containers +1. Back up all important files and folders +1. Run `git pull` in order to get the updated yaml files from the repository. Now bring your `docker-compose.yml` file up-to-date with the updated one from the repository. You can use `diff docker-compose.yml latest.yml` on x64 and `diff docker-compose.yml latest-arm64.yml` on arm64 for comparing. +1. Also have a look at the `sample.conf` if any variable was added or renamed and add that to your conf file as well. Here may help the diff command as well. +1. After the file update was successful, simply run `sudo docker-compose pull --env-file my.conf` to pull the new images. +1. At the end run `sudo docker-compose up --env-file my.conf` in order to start and update the containers with the new configuration. + +## FAQ +### Backup and restore? +If you leave `NEXTLOUD_DATADIR` in your conf file at the default value of `nextcloud_aio_nextcloud_data` and don't modify the yaml file, all data will be stored inside docker volumes which are on Linux by default located here: `/var/lib/docker/volumes`. Simply backing up this location should be a valid backup solution. Then you can also easily restore in case something bad happens. However if you change `NEXTLOUD_DATADIR` to a path like `/mnt/ncdata`, you obviously need to back up this location, too because the Nextcloud data will be stored there. The same applies to any change to the yaml file. + +Obviously you also need to back up the conf file and the yaml file if you modified it. diff --git a/reverse-proxy.md b/reverse-proxy.md index 0890edb9..ef713bf2 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -73,8 +73,7 @@ Unfortunately it is not possible to configure nginx-proxy in a way that works be If you really want to use AIO, we recommend you to switch to caddy. It is simply amazing!
Of course understandable if that is not possible for you. -Apart from that, there is this idea: https://github.com/nextcloud/all-in-one/issues/557
-Pull requests are very welcome! +Apart from that, there is this: [manual-install](https://github.com/nextcloud/all-in-one/tree/main/manual-install) From 668cc3694a4057cef0673ac3bf7cceda23c12920 Mon Sep 17 00:00:00 2001 From: szaimen Date: Thu, 12 May 2022 16:41:05 +0200 Subject: [PATCH 4/4] fix the commands Signed-off-by: szaimen --- manual-install/readme.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manual-install/readme.md b/manual-install/readme.md index 05d4b8c7..c104b061 100644 --- a/manual-install/readme.md +++ b/manual-install/readme.md @@ -23,16 +23,16 @@ Then copy the sample.conf to a new file, e.g. `cp sample.conf my.conf`, open the Now copy the provided yaml file to a docker-compose file by running on x64 `cp latest.yml docker-compose.yml` and on arm64 `cp latest-arm64.yml docker-compose.yml`. -Now you should be ready to go with `sudo docker-compose up --env-file my.conf`. +Now you should be ready to go with `sudo docker-compose --env-file my.conf up`. ## How to update? Since the AIO containers may change in the future, it is highly recommended to strictly follow the following procedure whenever you want to upgrade your containers. -1. Run `sudo docker-compose down --env-file my.conf` to stop all running containers +1. Run `sudo docker-compose --env-file my.conf down` to stop all running containers 1. Back up all important files and folders 1. Run `git pull` in order to get the updated yaml files from the repository. Now bring your `docker-compose.yml` file up-to-date with the updated one from the repository. You can use `diff docker-compose.yml latest.yml` on x64 and `diff docker-compose.yml latest-arm64.yml` on arm64 for comparing. 1. Also have a look at the `sample.conf` if any variable was added or renamed and add that to your conf file as well. Here may help the diff command as well. -1. After the file update was successful, simply run `sudo docker-compose pull --env-file my.conf` to pull the new images. -1. At the end run `sudo docker-compose up --env-file my.conf` in order to start and update the containers with the new configuration. +1. After the file update was successful, simply run `sudo docker-compose --env-file my.conf pull` to pull the new images. +1. At the end run `sudo docker-compose --env-file my.conf up` in order to start and update the containers with the new configuration. ## FAQ ### Backup and restore?