Merge pull request #5528 from nextcloud/enh/noid/add-user-ids

add user-IDs to all containers
Simon L. 2024-11-06 16:13:50 +01:00 committed by GitHub
commit 8d81f56a9f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 35 additions and 11 deletions


@ -21,7 +21,7 @@ jobs:
run: | run: |
sudo apt-get update sudo apt-get update
sudo apt-get install python3-pip -y --no-install-recommends sudo apt-get install python3-pip -y --no-install-recommends
sudo pip3 install json-spec sudo pip3 install json-spec --break-system-packages
if ! json validate --schema-file=php/containers-schema.json --document-file=php/containers.json; then if ! json validate --schema-file=php/containers-schema.json --document-file=php/containers.json; then
exit 1 exit 1
fi fi
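Review bot: The `sudo pip3 install json-spec --break-system-packages` step installs an unpinned package as root into the runner's system Python, so every CI run trusts whatever json-spec release the index serves at that moment. The added flag only gets past pip's externally-managed-environment refusal. Pinning the version (`json-spec==<PINNED_VERSION>`) or installing into a throwaway virtualenv without `sudo` would keep the validation step reproducible and limit what a bad release can touch. The `run:` block starts above the hunk, so the surrounding steps are not visible here.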


@ -81,7 +81,7 @@ RUN set -ex; \
\ \
echo "root:$(openssl rand -base64 12)" | chpasswd echo "root:$(openssl rand -base64 12)" | chpasswd
USER www-data USER 33
ENTRYPOINT ["/start.sh"] ENTRYPOINT ["/start.sh"]
CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
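Review bot: `USER 33` matches the old `USER www-data` only while the base image keeps assigning that UID, and nothing in the Dockerfile records or checks the mapping. The same applies to `USER 100` (clamav), `USER 65534` (imaginary and the apk-based image in the last Dockerfile hunk), `USER 999` (postgres, redis) and `USER 1000` (eturnal), where the account appears to come from the upstream image or a package install. If an upstream update shifts the UID, the process would run under an ID with no passwd entry, which Docker documents as falling back to the root group, and it would no longer own its data files. A comment line above it such as `# UID 33 = www-data; numeric so the runtime can verify non-root`, plus a build-time check like `RUN [ "$(id -u www-data)" = 33 ]`, would make such drift fail the build instead of the deployment. The enclosing `RUN` starts above the hunk.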


@ -19,7 +19,7 @@ RUN set -ex; \
VOLUME /var/lib/clamav VOLUME /var/lib/clamav
USER clamav USER 100
LABEL com.centurylinklabs.watchtower.enable="false" LABEL com.centurylinklabs.watchtower.enable="false"


@ -33,7 +33,7 @@ COPY --chmod=775 start.sh /start.sh
ENV PORT=9000 ENV PORT=9000
USER nobody USER 65534
# https://github.com/h2non/imaginary#memory-issues # https://github.com/h2non/imaginary#memory-issues
ENV MALLOC_ARENA_MAX=2 ENV MALLOC_ARENA_MAX=2


@ -39,7 +39,7 @@ RUN set -ex; \
VOLUME /mnt/data VOLUME /mnt/data
USER postgres USER 999
ENTRYPOINT ["/start.sh"] ENTRYPOINT ["/start.sh"]
HEALTHCHECK CMD /healthcheck.sh HEALTHCHECK CMD /healthcheck.sh


@ -14,7 +14,7 @@ RUN set -ex; \
# Get rid of unused binaries # Get rid of unused binaries
rm -f /usr/local/bin/gosu; rm -f /usr/local/bin/gosu;
USER redis USER 999
ENTRYPOINT ["/start.sh"] ENTRYPOINT ["/start.sh"]
HEALTHCHECK CMD redis-cli -a $REDIS_HOST_PASSWORD PING || exit 1 HEALTHCHECK CMD redis-cli -a $REDIS_HOST_PASSWORD PING || exit 1


@ -28,7 +28,7 @@ RUN set -ex; \
build-base \ build-base \
linux-headers \ linux-headers \
geckodriver; \ geckodriver; \
useradd -d /tmp --system recording; \ useradd -d /tmp --system recording -u 122; \
# Give root a random password # Give root a random password
echo "root:$(openssl rand -base64 12)" | chpasswd; \ echo "root:$(openssl rand -base64 12)" | chpasswd; \
git clone --recursive https://github.com/nextcloud/nextcloud-talk-recording --depth=1 --single-branch --branch "$RECORDING_VERSION" /src; \ git clone --recursive https://github.com/nextcloud/nextcloud-talk-recording --depth=1 --single-branch --branch "$RECORDING_VERSION" /src; \
@ -49,7 +49,7 @@ RUN set -ex; \
linux-headers; linux-headers;
WORKDIR /tmp WORKDIR /tmp
USER recording USER 122
ENTRYPOINT ["/start.sh"] ENTRYPOINT ["/start.sh"]
CMD ["python", "-m", "nextcloud.talk.recording", "--config", "/conf/recording.conf"] CMD ["python", "-m", "nextcloud.talk.recording", "--config", "/conf/recording.conf"]
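Review bot: In the first hunk, `useradd -d /tmp --system recording -u 122;` puts `-u 122` after the login name, which works only if the option parser permutes its arguments. `useradd -d /tmp --system -u 122 recording;` is the conventional order and does not depend on that. Pinning the UID at creation is what makes the later `USER 122` dependable, so a comment line in the chain such as `# UID 122 must match USER below and the "user" value in the container definitions` would help the next editor. Both hunks sit inside `RUN` chains that begin above the visible lines.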


@ -99,7 +99,7 @@ RUN set -ex; \
ln -s /opt/eturnal/bin/stun /usr/local/bin/stun; \ ln -s /opt/eturnal/bin/stun /usr/local/bin/stun; \
ln -s /opt/eturnal/bin/eturnalctl /usr/local/bin/eturnalctl ln -s /opt/eturnal/bin/eturnalctl /usr/local/bin/eturnalctl
USER eturnal USER 1000
ENTRYPOINT ["/start.sh"] ENTRYPOINT ["/start.sh"]
CMD ["supervisord", "-c", "/supervisord.conf"] CMD ["supervisord", "-c", "/supervisord.conf"]


@ -5,7 +5,7 @@ USER root
RUN set -ex; \ RUN set -ex; \
apk upgrade --no-cache -a; \ apk upgrade --no-cache -a; \
apk add --no-cache bash apk add --no-cache bash
USER nobody USER 65534
COPY --chmod=775 start.sh /start.sh COPY --chmod=775 start.sh /start.sh


@ -20,6 +20,7 @@ services:
condition: service_started condition: service_started
required: false required: false
image: nextcloud/aio-apache:latest image: nextcloud/aio-apache:latest
user: 33
init: true init: true
ports: ports:
- ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/tcp - ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/tcp
@ -53,6 +54,7 @@ services:
nextcloud-aio-database: nextcloud-aio-database:
image: nextcloud/aio-postgresql:latest image: nextcloud/aio-postgresql:latest
user: 999
init: true init: true
expose: expose:
- "5432" - "5432"
@ -161,6 +163,7 @@ services:
nextcloud-aio-notify-push: nextcloud-aio-notify-push:
image: nextcloud/aio-notify-push:latest image: nextcloud/aio-notify-push:latest
user: 33
init: true init: true
expose: expose:
- "7867" - "7867"
@ -183,6 +186,7 @@ services:
nextcloud-aio-redis: nextcloud-aio-redis:
image: nextcloud/aio-redis:latest image: nextcloud/aio-redis:latest
user: 999
init: true init: true
expose: expose:
- "6379" - "6379"
@ -198,6 +202,7 @@ services:
nextcloud-aio-collabora: nextcloud-aio-collabora:
image: nextcloud/aio-collabora:latest image: nextcloud/aio-collabora:latest
user: 100
init: true init: true
expose: expose:
- "9980" - "9980"
@ -219,6 +224,7 @@ services:
nextcloud-aio-talk: nextcloud-aio-talk:
image: nextcloud/aio-talk:latest image: nextcloud/aio-talk:latest
user: 1000
init: true init: true
ports: ports:
- ${TALK_PORT}:${TALK_PORT}/tcp - ${TALK_PORT}:${TALK_PORT}/tcp
@ -249,6 +255,7 @@ services:
nextcloud-aio-talk-recording: nextcloud-aio-talk-recording:
image: nextcloud/aio-talk-recording:latest image: nextcloud/aio-talk-recording:latest
user: 122
init: true init: true
expose: expose:
- "1234" - "1234"
@ -270,6 +277,7 @@ services:
nextcloud-aio-clamav: nextcloud-aio-clamav:
image: nextcloud/aio-clamav:latest image: nextcloud/aio-clamav:latest
user: 100
init: false init: false
expose: expose:
- "3310" - "3310"
@ -310,6 +318,7 @@ services:
nextcloud-aio-imaginary: nextcloud-aio-imaginary:
image: nextcloud/aio-imaginary:latest image: nextcloud/aio-imaginary:latest
user: 65534
init: true init: true
expose: expose:
- "9000" - "9000"
@ -353,6 +362,7 @@ services:
nextcloud-aio-whiteboard: nextcloud-aio-whiteboard:
image: nextcloud/aio-whiteboard:latest image: nextcloud/aio-whiteboard:latest
user: 65534
init: true init: true
expose: expose:
- "3002" - "3002"
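Review bot: Each `user:` value added here overrides the image's own `USER` at run time and is paired with an `image: …:latest` reference, so the two can drift apart without any change to this file. For `nextcloud-aio-collabora` (`user: 100`) and `nextcloud-aio-notify-push` (`user: 33`) no matching Dockerfile hunk appears on this page, so those two values should be checked against the images they apply to. Several services also share a UID (999 for database and redis, 100 for collabora and clamav, 65534 for imaginary and whiteboard). Without user-namespace remapping these are the same host UID, which is worth a comment if per-service file ownership on the host is meant to separate them. The same values are repeated in the JSON container definitions further down and need to stay in step.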


@ -19,6 +19,7 @@ OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].backup_volumes)')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].nextcloud_exec_commands)')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].nextcloud_exec_commands)')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].image_tag)')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].image_tag)')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].networks)')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].networks)')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].documentation)')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-watchtower"))')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-watchtower"))')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-domaincheck"))')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-domaincheck"))')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-borgbackup"))')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-borgbackup"))')"


@ -68,6 +68,9 @@
"stop_grace_period": { "stop_grace_period": {
"type": "integer" "type": "integer"
}, },
"user": {
"type": "integer"
},
"ports": { "ports": {
"type": "array", "type": "array",
"items": { "items": {
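Review bot: The new `user` property accepts any integer, so `0` (root) or a negative number would pass validation against what is presumably the schema the workflow checks `containers.json` with. If a declared user is always meant to be an unprivileged numeric UID, a lower bound such as `"user": { "type": "integer", "minimum": 1 }` lets validation catch an accidental root entry. The property sits inside an object whose start and end are outside the hunk.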


@ -13,6 +13,7 @@
], ],
"display_name": "Apache", "display_name": "Apache",
"image": "nextcloud/aio-apache", "image": "nextcloud/aio-apache",
"user": 33,
"init": true, "init": true,
"ports": [ "ports": [
{ {
@ -78,6 +79,7 @@
"image_tag": "%AIO_CHANNEL%", "image_tag": "%AIO_CHANNEL%",
"display_name": "Database", "display_name": "Database",
"image": "nextcloud/aio-postgresql", "image": "nextcloud/aio-postgresql",
"user": 999,
"init": true, "init": true,
"expose": [ "expose": [
"5432" "5432"
@ -251,6 +253,7 @@
"image_tag": "%AIO_CHANNEL%", "image_tag": "%AIO_CHANNEL%",
"display_name": "Notify Push", "display_name": "Notify Push",
"image": "nextcloud/aio-notify-push", "image": "nextcloud/aio-notify-push",
"user": 33,
"init": true, "init": true,
"expose": [ "expose": [
"7867" "7867"
@ -292,6 +295,7 @@
"image_tag": "%AIO_CHANNEL%", "image_tag": "%AIO_CHANNEL%",
"display_name": "Redis", "display_name": "Redis",
"image": "nextcloud/aio-redis", "image": "nextcloud/aio-redis",
"user": 999,
"init": true, "init": true,
"expose": [ "expose": [
"6379" "6379"
@ -328,6 +332,7 @@
"documentation": "https://github.com/nextcloud/all-in-one/discussions/1358", "documentation": "https://github.com/nextcloud/all-in-one/discussions/1358",
"display_name": "Collabora", "display_name": "Collabora",
"image": "nextcloud/aio-collabora", "image": "nextcloud/aio-collabora",
"user": 100,
"init": true, "init": true,
"expose": [ "expose": [
"9980" "9980"
@ -366,6 +371,7 @@
"documentation": "https://github.com/nextcloud/all-in-one/discussions/1358", "documentation": "https://github.com/nextcloud/all-in-one/discussions/1358",
"display_name": "Talk", "display_name": "Talk",
"image": "nextcloud/aio-talk", "image": "nextcloud/aio-talk",
"user": 1000,
"init": true, "init": true,
"ports": [ "ports": [
{ {
@ -422,6 +428,7 @@
"image_tag": "%AIO_CHANNEL%", "image_tag": "%AIO_CHANNEL%",
"display_name": "Talk Recording", "display_name": "Talk Recording",
"image": "nextcloud/aio-talk-recording", "image": "nextcloud/aio-talk-recording",
"user": 122,
"init": true, "init": true,
"expose": [ "expose": [
"1234" "1234"
@ -575,6 +582,7 @@
"image_tag": "%AIO_CHANNEL%", "image_tag": "%AIO_CHANNEL%",
"display_name": "ClamAV", "display_name": "ClamAV",
"image": "nextcloud/aio-clamav", "image": "nextcloud/aio-clamav",
"user": 100,
"init": false, "init": false,
"expose": [ "expose": [
"3310" "3310"
@ -655,6 +663,7 @@
"image_tag": "%AIO_CHANNEL%", "image_tag": "%AIO_CHANNEL%",
"display_name": "Imaginary", "display_name": "Imaginary",
"image": "nextcloud/aio-imaginary", "image": "nextcloud/aio-imaginary",
"user": 65534,
"init": true, "init": true,
"expose": [ "expose": [
"9000" "9000"
@ -760,6 +769,7 @@
"image_tag": "%AIO_CHANNEL%", "image_tag": "%AIO_CHANNEL%",
"display_name": "Whiteboard", "display_name": "Whiteboard",
"image": "nextcloud/aio-whiteboard", "image": "nextcloud/aio-whiteboard",
"user": 65534,
"init": true, "init": true,
"expose": [ "expose": [
"3002" "3002"