eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-20 06:26:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Merge pull request #3245 from nextcloud/enh/noid/fix-securityopt

Browse source
This commit is contained in:
Simon L 2023-08-25 12:23:48 +02:00 committed by GitHub
commit 722a96828e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
php/src/Docker/DockerActionManager.php
View file

@ -511,7 +511,7 @@ class DockerActionManager
} }
// Special things for the watchtower and docker-socket-proxy container which should not be exposed in the containers.json // Special things for the watchtower and docker-socket-proxy container which should not be exposed in the containers.json
} elseif ($container->GetIdentifier() === 'nextcloud-aio-watchtower' || $container->GetIdentifier() === 'nextcloud-aio-docker-socket-proxy') { } elseif ($container->GetIdentifier() === 'nextcloud-aio-watchtower' || $container->GetIdentifier() === 'nextcloud-aio-docker-socket-proxy') {
$requestBody['HostConfig']['SecurityOpt'] = ["label=disabled"]; $requestBody['HostConfig']['SecurityOpt'] = ["label:disable"];
} }
if (count($mounts) > 0) { if (count($mounts) > 0) {

2
readme.md
View file

@ -280,7 +280,7 @@ Afterwards it should work.<br>
See https://dev.to/ozorest/fedora-32-how-to-solve-docker-internal-network-issue-22me for more details on this. This limitation is even mentioned on the official firewalld website: https://firewalld.org/#who-is-using-it See https://dev.to/ozorest/fedora-32-how-to-solve-docker-internal-network-issue-22me for more details on this. This limitation is even mentioned on the official firewalld website: https://firewalld.org/#who-is-using-it
### Are there known problems when SELinux is enabled? ### Are there known problems when SELinux is enabled?
Yes. If SELinux is enabled, you might need to add the `--security-opt label=disabled` option to the docker run command of the mastercontainer in order to allow it to access the docker socket (or `security_opt: ["label=disabled"]` in compose.yaml). See https://github.com/nextcloud/all-in-one/discussions/485 Yes. If SELinux is enabled, you might need to add the `--security-opt label:disable` option to the docker run command of the mastercontainer in order to allow it to access the docker socket (or `security_opt: ["label:disable"]` in compose.yaml). See https://github.com/nextcloud/all-in-one/discussions/485
### How to run `occ` commands? ### How to run `occ` commands?
Simply run the following: `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ your-command`. Of course `your-command` needs to be exchanged with the command that you want to run. Simply run the following: `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ your-command`. Of course `your-command` needs to be exchanged with the command that you want to run.