fix set_memory for imaginary and move cap_add to containers.json

Signed-off-by: Simon L <szaimen@e.mail.de>
Simon L 2023-03-06 11:36:36 +01:00
parent c54395aa4c
commit 6587530242
5 changed files with 32 additions and 2 deletions


@ -21,6 +21,12 @@
"type": "string" "type": "string"
} }
}, },
"cap_add": {
"type": "array",
"items": {
"type": "string"
}
},
"depends_on": { "depends_on": {
"type": "array", "type": "array",
"items": { "items": {
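Review bot: The new `cap_add` property accepts any string in `items`, so the schema will validate a container entry that requests a capability nobody reviewed, including `ALL`. The container entries changed on this page use only two values, so the item definition could be an allowlist, `"items": { "type": "string", "enum": ["SYS_ADMIN", "SYS_NICE"] }`, with `"uniqueItems": true` beside it. Granting a further capability later would then need a visible schema change as well as the entry itself. The ContainerDefinitionFetcher and DockerActionManager hunks further down pass the values through unchanged, so this schema is the only place on the page where the set could be restricted.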


@ -318,6 +318,9 @@
], ],
"devices": [ "devices": [
"/dev/fuse" "/dev/fuse"
],
"cap_add": [
"SYS_ADMIN"
] ]
}, },
{ {
@ -411,7 +414,10 @@
"environment": [ "environment": [
"TZ=%TIMEZONE%" "TZ=%TIMEZONE%"
], ],
"restart": "unless-stopped" "restart": "unless-stopped",
"cap_add": [
"SYS_NICE"
]
}, },
{ {
"container_name": "nextcloud-aio-fulltextsearch", "container_name": "nextcloud-aio-fulltextsearch",


@ -23,6 +23,8 @@ class Container {
private array $secrets; private array $secrets;
/** @var string[] */ /** @var string[] */
private array $devices; private array $devices;
/** @var string[] */
private array $capAdd;
private DockerActionManager $dockerActionManager; private DockerActionManager $dockerActionManager;
public function __construct( public function __construct(
@ -38,6 +40,7 @@ class Container {
array $dependsOn, array $dependsOn,
array $secrets, array $secrets,
array $devices, array $devices,
array $capAdd,
DockerActionManager $dockerActionManager DockerActionManager $dockerActionManager
) { ) {
$this->identifier = $identifier; $this->identifier = $identifier;
@ -52,6 +55,7 @@ class Container {
$this->dependsOn = $dependsOn; $this->dependsOn = $dependsOn;
$this->secrets = $secrets; $this->secrets = $secrets;
$this->devices = $devices; $this->devices = $devices;
$this->capAdd = $capAdd;
$this->dockerActionManager = $dockerActionManager; $this->dockerActionManager = $dockerActionManager;
} }
@ -83,6 +87,10 @@ class Container {
return $this->devices; return $this->devices;
} }
public function GetCapAdds() : array {
return $this->capAdd;
}
public function GetPorts() : ContainerPorts { public function GetPorts() : ContainerPorts {
return $this->ports; return $this->ports;
} }
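Review bot: The added getter `GetCapAdds()` has no docblock, and its plural name matches neither the `$capAdd` property nor the `cap_add` key it exposes. The property carries `/** @var string[] */`, so the getter should carry `/** @return string[] */` for static analysis, and either the property or the getter could be renamed so the two agree. The new `array $capAdd` constructor parameter is required and sits before `$dockerActionManager`, so any other code that constructs `Container` outside this page needs the extra argument. The class body starts and ends outside these hunks.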


@ -213,6 +213,11 @@ class ContainerDefinitionFetcher
$devices = $entry['devices']; $devices = $entry['devices'];
} }
$capAdd = [];
if (isset($entry['cap_add'])) {
$capAdd = $entry['cap_add'];
}
$containers[] = new Container( $containers[] = new Container(
$entry['container_name'], $entry['container_name'],
$displayName, $displayName,
@ -226,6 +231,7 @@ class ContainerDefinitionFetcher
$dependsOn, $dependsOn,
$secrets, $secrets,
$devices, $devices,
$capAdd,
$this->container->get(DockerActionManager::class) $this->container->get(DockerActionManager::class)
); );
} }
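Review bot: The added `isset` block copies `$entry['cap_add']` through without checking its shape, although `Container` documents the property as `string[]`; a scalar would fail only at the constructor's `array` type, and non-string elements would not fail at all. If schema validation is not run when the definitions are loaded (not visible on this page), `$capAdd = array_values(array_filter($entry['cap_add'] ?? [], 'is_string'));` keeps the documented type. Without that check, the four lines still reduce to `$capAdd = $entry['cap_add'] ?? [];`. The enclosing method starts and ends outside the hunk.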


@ -411,9 +411,13 @@ class DockerActionManager
$requestBody['HostConfig']['Devices'] = $devices; $requestBody['HostConfig']['Devices'] = $devices;
} }
$capAdds = $container->GetCapAdds();
if (count($capAdds) > 0) {
$requestBody['HostConfig']['CapAdd'] = $capAdds;
}
// Special things for the backup container which should not be exposed in the containers.json // Special things for the backup container which should not be exposed in the containers.json
if ($container->GetIdentifier() === 'nextcloud-aio-borgbackup') { if ($container->GetIdentifier() === 'nextcloud-aio-borgbackup') {
$requestBody['HostConfig']['CapAdd'] = ["SYS_ADMIN"];
$requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined"]; $requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined"];
// Additional backup directories // Additional backup directories
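Review bot: The comment `// Special things for the backup container which should not be exposed in the containers.json` now sits above a block from which `CapAdd` was just moved into containers.json, while `SecurityOpt = ["apparmor:unconfined"]` stays hard-coded, so it no longer says which settings are deliberately kept in code or why. I would reword it, e.g. `// The AppArmor opt-out for the backup container is kept in code so that it cannot be set from containers.json`, if that is the intent. With the hard-coded line removed, the backup container receives `SYS_ADMIN` only if its containers.json entry lists it; the entry that gains `SYS_ADMIN` in that file is not named inside its hunk, so this is worth confirming. `count($capAdds) > 0` can be written `$capAdds !== []`. The method starts and ends outside the hunk.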