eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-19 22:16:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

allow to run containers without access to the docker socket

Browse source 
Signed-off-by: szaimen <szaimen@e.mail.de>
This commit is contained in:
szaimen 2022-05-09 01:47:54 +02:00
parent 9a0e3eccde
commit b003a8b49b
8 changed files with 575 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

140
manual-install/latest-arm64.yml Normal file
View file

@ -0,0 +1,140 @@
version: "3.8"
services:
nextcloud-aio-apache:
container_name: nextcloud-aio-apache
depends_on:
- nextcloud-aio-onlyoffice
- nextcloud-aio-collabora
- nextcloud-aio-clamav
- nextcloud-aio-talk
- nextcloud-aio-nextcloud
image: nextcloud/aio-apache:latest-arm64
ports:
- ${APACHE_PORT}:${APACHE_PORT}/tcp
environment:
- NC_DOMAIN=${NC_DOMAIN}
- NEXTCLOUD_HOST=nextcloud-aio-nextcloud
- COLLABORA_HOST=nextcloud-aio-collabora
- TALK_HOST=nextcloud-aio-talk
- APACHE_PORT=${APACHE_PORT}
- ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
volumes:
- nextcloud_aio_nextcloud:/var/www/html:ro
- nextcloud_aio_apache:/mnt/data:rw
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-database:
container_name: nextcloud-aio-database
image: nextcloud/aio-postgresql:latest-arm64
volumes:
- nextcloud_aio_database:/var/lib/postgresql/data:rw
- nextcloud_aio_database_dump:/mnt/data:rw
environment:
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
- POSTGRES_DB=nextcloud_database
- POSTGRES_USER=nextcloud
stop_grace_period: 1800s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-nextcloud:
container_name: nextcloud-aio-nextcloud
depends_on:
- nextcloud-aio-database
- nextcloud-aio-redis
image: nextcloud/aio-nextcloud:latest-arm64
volumes:
- nextcloud_aio_nextcloud:/var/www/html:rw
- ${NEXTCLOUD_DATADIR}:/mnt/ncdata:rw
- ${NEXTCLOUD_MOUNT}:${NEXTCLOUD_MOUNT}:rw
environment:
- POSTGRES_HOST=nextcloud-aio-database
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
- POSTGRES_DB=nextcloud_database
- POSTGRES_USER=nextcloud
- REDIS_HOST=nextcloud-aio-redis
- REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
- AIO_TOKEN=${AIO_TOKEN}
- NC_DOMAIN=${NC_DOMAIN}
- ADMIN_USER=admin
- ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD}
- NEXTCLOUD_DATA_DIR=/mnt/ncdata
- OVERWRITEHOST=${NC_DOMAIN}
- OVERWRITEPROTOCOL=https
- TURN_SECRET=${TURN_SECRET}
- SIGNALING_SECRET=${SIGNALING_SECRET}
- AIO_URL=${AIO_URL}
- NEXTCLOUD_MOUNT=${NEXTCLOUD_MOUNT}
- CLAMAV_ENABLED=${CLAMAV_ENABLED}
- CLAMAV_HOST=nextcloud-aio-clamav
- ONLYOFFICE_ENABLED=${ONLYOFFICE_ENABLED}
- COLLABORA_ENABLED=${COLLABORA_ENABLED}
- COLLABORA_HOST=nextcloud-aio-collabora
- TALK_ENABLED=${TALK_ENABLED}
- ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
- DAILY_BACKUP_RUNNING=${DAILY_BACKUP_RUNNING}
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-redis:
container_name: nextcloud-aio-redis
image: nextcloud/aio-redis:latest-arm64
environment:
- REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-collabora:
container_name: nextcloud-aio-collabora
image: nextcloud/aio-collabora:latest-arm64
environment:
- aliasgroup1=https://${NC_DOMAIN}:443
- extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-talk:
container_name: nextcloud-aio-talk
image: nextcloud/aio-talk:latest-arm64
ports:
- 3478:3478/tcp
- 3478:3478/udp
environment:
- NC_DOMAIN=${NC_DOMAIN}
- TURN_SECRET=${TURN_SECRET}
- SIGNALING_SECRET=${SIGNALING_SECRET}
- JANUS_API_KEY=${JANUS_API_KEY}
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
volumes:
nextcloud_aio_apache:
name: nextcloud_aio_apache
nextcloud_aio_clamav:
name: nextcloud_aio_clamav
nextcloud_aio_database:
name: nextcloud_aio_database
nextcloud_aio_database_dump:
name: nextcloud_aio_database_dump
nextcloud_aio_nextcloud:
name: nextcloud_aio_nextcloud
nextcloud_aio_onlyoffice:
name: nextcloud_aio_onlyoffice
nextcloud_aio_nextcloud_data:
name: nextcloud_aio_nextcloud_data
networks:
nextcloud-aio:

160
manual-install/latest.yml Normal file
View file

@ -0,0 +1,160 @@
version: "3.8"
services:
nextcloud-aio-apache:
container_name: nextcloud-aio-apache
depends_on:
- nextcloud-aio-onlyoffice
- nextcloud-aio-collabora
- nextcloud-aio-clamav
- nextcloud-aio-talk
- nextcloud-aio-nextcloud
image: nextcloud/aio-apache:latest
ports:
- ${APACHE_PORT}:${APACHE_PORT}/tcp
environment:
- NC_DOMAIN=${NC_DOMAIN}
- NEXTCLOUD_HOST=nextcloud-aio-nextcloud
- COLLABORA_HOST=nextcloud-aio-collabora
- TALK_HOST=nextcloud-aio-talk
- APACHE_PORT=${APACHE_PORT}
- ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
volumes:
- nextcloud_aio_nextcloud:/var/www/html:ro
- nextcloud_aio_apache:/mnt/data:rw
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-database:
container_name: nextcloud-aio-database
image: nextcloud/aio-postgresql:latest
volumes:
- nextcloud_aio_database:/var/lib/postgresql/data:rw
- nextcloud_aio_database_dump:/mnt/data:rw
environment:
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
- POSTGRES_DB=nextcloud_database
- POSTGRES_USER=nextcloud
stop_grace_period: 1800s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-nextcloud:
container_name: nextcloud-aio-nextcloud
depends_on:
- nextcloud-aio-database
- nextcloud-aio-redis
image: nextcloud/aio-nextcloud:latest
volumes:
- nextcloud_aio_nextcloud:/var/www/html:rw
- ${NEXTCLOUD_DATADIR}:/mnt/ncdata:rw
- ${NEXTCLOUD_MOUNT}:${NEXTCLOUD_MOUNT}:rw
environment:
- POSTGRES_HOST=nextcloud-aio-database
- POSTGRES_PASSWORD=${DATABASE_PASSWORD}
- POSTGRES_DB=nextcloud_database
- POSTGRES_USER=nextcloud
- REDIS_HOST=nextcloud-aio-redis
- REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
- AIO_TOKEN=${AIO_TOKEN}
- NC_DOMAIN=${NC_DOMAIN}
- ADMIN_USER=admin
- ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD}
- NEXTCLOUD_DATA_DIR=/mnt/ncdata
- OVERWRITEHOST=${NC_DOMAIN}
- OVERWRITEPROTOCOL=https
- TURN_SECRET=${TURN_SECRET}
- SIGNALING_SECRET=${SIGNALING_SECRET}
- AIO_URL=${AIO_URL}
- NEXTCLOUD_MOUNT=${NEXTCLOUD_MOUNT}
- CLAMAV_ENABLED=${CLAMAV_ENABLED}
- CLAMAV_HOST=nextcloud-aio-clamav
- ONLYOFFICE_ENABLED=${ONLYOFFICE_ENABLED}
- COLLABORA_ENABLED=${COLLABORA_ENABLED}
- COLLABORA_HOST=nextcloud-aio-collabora
- TALK_ENABLED=${TALK_ENABLED}
- ONLYOFFICE_HOST=nextcloud-aio-onlyoffice
- DAILY_BACKUP_RUNNING=${DAILY_BACKUP_RUNNING}
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-redis:
container_name: nextcloud-aio-redis
image: nextcloud/aio-redis:latest
environment:
- REDIS_HOST_PASSWORD=${REDIS_PASSWORD}
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-collabora:
container_name: nextcloud-aio-collabora
image: nextcloud/aio-collabora:latest
environment:
- aliasgroup1=https://${NC_DOMAIN}:443
- extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.level=warning
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-talk:
container_name: nextcloud-aio-talk
image: nextcloud/aio-talk:latest
ports:
- 3478:3478/tcp
- 3478:3478/udp
environment:
- NC_DOMAIN=${NC_DOMAIN}
- TURN_SECRET=${TURN_SECRET}
- SIGNALING_SECRET=${SIGNALING_SECRET}
- JANUS_API_KEY=${JANUS_API_KEY}
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-clamav:
container_name: nextcloud-aio-clamav
image: nextcloud/aio-clamav:latest
volumes:
- nextcloud_aio_clamav:/var/lib/clamav:rw
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
nextcloud-aio-onlyoffice:
container_name: nextcloud-aio-onlyoffice
image: nextcloud/aio-onlyoffice:latest
volumes:
- nextcloud_aio_onlyoffice:/var/lib/onlyoffice:rw
stop_grace_period: 10s
restart: unless-stopped
networks:
- nextcloud-aio
volumes:
nextcloud_aio_apache:
name: nextcloud_aio_apache
nextcloud_aio_clamav:
name: nextcloud_aio_clamav
nextcloud_aio_database:
name: nextcloud_aio_database
nextcloud_aio_database_dump:
name: nextcloud_aio_database_dump
nextcloud_aio_nextcloud:
name: nextcloud_aio_nextcloud
nextcloud_aio_onlyoffice:
name: nextcloud_aio_onlyoffice
nextcloud_aio_nextcloud_data:
name: nextcloud_aio_nextcloud_data
networks:
nextcloud-aio:

17
manual-install/sample.conf Normal file
View file

@ -0,0 +1,17 @@
AIO_TOKEN=123456 # Has no function but needs to be set!
AIO_URL=localhost # Has no function but needs to be set!
APACHE_PORT=443 # Changing this to a different value than 443 will allow you to run it behind a reverse proxy.
CLAMAV_ENABLED=no # Setting this to "yes" enables the option in Nextcloud automatically.
COLLABORA_ENABLED=yes # Setting this to "yes" enables the option in Nextcloud automatically.
DAILY_BACKUP_RUNNING=no # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup.
DATABASE_PASSWORD= # TODO! This needs to be a unique and good password!
JANUS_API_KEY= # TODO! This needs to be a unique and good password!
NC_DOMAIN=yourdomain.com # TODO! Needs to be changed to the domain that you want to use for Nextcloud.
NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards!
NEXTCLOUD_MOUNT=/mnt/ # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!
NEXTCLOUD_PASSWORD= # TODO! This is the password of the initially created Nextcloud admin with username "admin".
ONLYOFFICE_ENABLED=no # Setting this to "yes" enables the option in Nextcloud automatically.
REDIS_PASSWORD= # TODO! This needs to be a unique and good password!
SIGNALING_SECRET= # TODO! This needs to be a unique and good password!
TALK_ENABLED=yes # Setting this to "yes" enables the option in Nextcloud automatically.
TURN_SECRET= # TODO! This needs to be a unique and good password!

118
manual-install/update-yaml.sh Normal file
View file

@ -0,0 +1,118 @@
#!/bin/bash
jq -c . ./php/containers.json > /tmp/containers.json
sed -i 's|","location":"|:|g' /tmp/containers.json
sed -i 's|","writeable":false|:ro"|g' /tmp/containers.json
sed -i 's|","writeable":true|:rw"|g' /tmp/containers.json
OUTPUT="$(cat /tmp/containers.json)"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[].internalPorts)')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[].secrets)')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-watchtower"))')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-domaincheck"))')"
OUTPUT="$(echo "$OUTPUT" | jq 'del(.production[] | select(.identifier == "nextcloud-aio-borgbackup"))')"
snap install yq
mkdir -p ./manual-install
echo "$OUTPUT" | yq -P > ./manual-install/containers.yml
cd manual-install || exit
sed -i "s|'||g" containers.yml
sed -i 's|production:|services:|' containers.yml
sed -i 's|- identifier:| container_name:|' containers.yml
sed -i 's|restartPolicy:|restart:|' containers.yml
sed -i 's|environmentVariables:|environment:|' containers.yml
sed -i '/displayName:/d' containers.yml
sed -i 's|maxShutdownTime:|stop_grace_period:|' containers.yml
sed -i '/stop_grace_period:/s/$/s/' containers.yml
sed -i 's|containerName:|image:|' containers.yml
sed -i '/: \[\]/d' containers.yml
sed -i 's|dependsOn:|depends_on:|' containers.yml
sed -i 's|- name: |- |' containers.yml
TCP="$(grep -oP '[%A-Z0-9_]+/tcp' containers.yml | sort -u)"
mapfile -t TCP <<< "$TCP"
for port in "${TCP[@]}"
do
solve_port="${port%%/tcp}"
sed -i "s|$port|$solve_port:$solve_port/tcp|" containers.yml
done
UDP="$(grep -oP '[%A-Z0-9_]+/udp' containers.yml | sort -u)"
mapfile -t UDP <<< "$UDP"
for port in "${UDP[@]}"
do
solve_port="${port%%/udp}"
sed -i "s|$port|$solve_port:$solve_port/udp|" containers.yml
done
rm -f sample.conf
VARIABLES="$(grep -oP '%[A-Z_a-z0-6]+%' containers.yml | sort -u)"
mapfile -t VARIABLES <<< "$VARIABLES"
for variable in "${VARIABLES[@]}"
do
# shellcheck disable=SC2001
sole_variable="$(echo "$variable" | sed 's|%||g')"
echo "$sole_variable=" >> sample.conf
sed -i "s|$variable|\${$sole_variable}|g" containers.yml
done
sed -i 's|_ENABLED=|_ENABLED=no # Setting this to "yes" enables the option in Nextcloud automatically.|' sample.conf
sed -i 's|TALK_ENABLED=no|TALK_ENABLED=yes|' sample.conf
sed -i 's|COLLABORA_ENABLED=no|COLLABORA_ENABLED=yes|' sample.conf
sed -i 's|NEXTCLOUD_DATADIR=|NEXTCLOUD_DATADIR=nextcloud_aio_nextcloud_data # You can change this to e.g. "/mnt/ncdata" to map it to a location on your host. It needs to be adjusted before the first startup and never afterwards!|' sample.conf
sed -i 's|NEXTCLOUD_MOUNT=|NEXTCLOUD_MOUNT=/mnt/ # This allows the Nextcloud container to access directories on the host. It must never be equal to the value of NEXTCLOUD_DATADIR!|' sample.conf
sed -i 's|DAILY_BACKUP_RUNNING=|DAILY_BACKUP_RUNNING=no # When setting to yes, it will automatically update all installed Nextcloud apps upon container startup.|' sample.conf
sed -i 's|APACHE_PORT=|APACHE_PORT=443 # Changing this to a different value than 443 will allow you to run it behind a reverse proxy.|' sample.conf
sed -i 's|AIO_TOKEN=|AIO_TOKEN=123456 # Has no function but needs to be set!|' sample.conf
sed -i 's|AIO_URL=|AIO_URL=localhost # Has no function but needs to be set!|' sample.conf
sed -i 's|NC_DOMAIN=|NC_DOMAIN=yourdomain.com # TODO! Needs to be changed to the domain that you want to use for Nextcloud.|' sample.conf
sed -i 's|NEXTCLOUD_PASSWORD=|NEXTCLOUD_PASSWORD= # TODO! This is the password of the initially created Nextcloud admin with username "admin".|' sample.conf
sed -i 's|=$|= # TODO! This needs to be a unique and good password!|' sample.conf
cat sample.conf
OUTPUT="$(cat containers.yml)"
NAMES="$(grep -oP "container_name:.*" containers.yml | grep -oP 'nextcloud-aio.*')"
mapfile -t NAMES <<< "$NAMES"
for name in "${NAMES[@]}"
do
OUTPUT="$(echo "$OUTPUT" | sed "/container_name.*$name/i\ \ $name:")"
if [ "$name" != "nextcloud-aio-apache" ]; then
OUTPUT="$(echo "$OUTPUT" | sed "/ $name:/i\ ")"
fi
done
OUTPUT="$(echo "$OUTPUT" | sed "/restart: /a\ \ \ \ networks:\n\ \ \ \ \ \ - nextcloud-aio")"
echo 'version: "3.8"' > containers.yml
echo "" >> containers.yml
echo "$OUTPUT" >> containers.yml
VOLUMES="$(grep -oP 'nextcloud_aio_[a-z_]+' containers.yml | sort -u)"
mapfile -t VOLUMES <<< "$VOLUMES"
echo "" >> containers.yml
echo "volumes:" >> containers.yml
for volume in "${VOLUMES[@]}" "nextcloud_aio_nextcloud_data"
do
cat << VOLUMES >> containers.yml
$volume:
name: $volume
VOLUMES
done
cat << NETWORK >> containers.yml
networks:
nextcloud-aio:
NETWORK
cat containers.yml > latest.yml
sed -i '/image:/s/$/:latest/' latest.yml
cat containers.yml > latest-arm64.yml
sed -i '/image:/s/$/:latest-arm64/' latest-arm64.yml
sed -i '/ nextcloud-aio-clamav:/,/^$/d' latest-arm64.yml
sed -i '/ nextcloud-aio-onlyoffice:/,/^$/d' latest-arm64.yml
rm containers.yml