From 5004a46e2a251d738f57a80ef435f8efeedecc65 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 14 Mar 2025 04:43:29 +0000 Subject: [PATCH 01/29] build(deps): bump collabora/code in /Containers/collabora Bumps collabora/code from 24.04.12.4.1 to 24.04.13.2.1. --- updated-dependencies: - dependency-name: collabora/code dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Containers/collabora/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index e9ca4d01..d9c487a4 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker -FROM collabora/code:24.04.12.4.1 +FROM collabora/code:24.04.13.2.1 USER root ARG DEBIAN_FRONTEND=noninteractive From f7183b8d32b57cdd873b84c52d7c815503398e3d Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 25 Mar 2025 12:13:31 +0100 Subject: [PATCH 02/29] aio-interface: rename `isDockerHubReachable` to `isRegistryReachable` Signed-off-by: Simon L. --- php/src/Controller/DockerController.php | 6 +++--- php/src/Docker/DockerActionManager.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index ee439824..6c55b3da 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -41,12 +41,12 @@ readonly class DockerController { } } - // Check if docker hub is reachable in order to make sure that we do not try to pull an image if it is down + // Check if registry is reachable in order to make sure that we do not try to pull an image if it is down // and try to mitigate issues that are arising due to that if ($pullImage) { - if (!$this->dockerActionManager->isDockerHubReachable($container)) { + if (!$this->dockerActionManager->isRegistryReachable($container)) { $pullImage = false; - error_log('Not pulling the ' . $container->GetContainerName() . ' image for the ' . $container->GetIdentifier() . ' container because docker hub does not seem to be reachable.'); + error_log('Not pulling the ' . $container->GetContainerName() . ' image for the ' . $container->GetIdentifier() . ' container because the registry does not seem to be reachable.'); } } diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index bbcd4b77..71242d92 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -599,7 +599,7 @@ readonly class DockerActionManager { } - public function isDockerHubReachable(Container $container): bool { + public function isRegistryReachable(Container $container): bool { $tag = $container->GetImageTag(); if ($tag === '%AIO_CHANNEL%') { $tag = $this->GetCurrentChannel(); From 328a85511f1bbbfc954e27da944e5dc5d0eb321c Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 25 Mar 2025 09:08:01 +0100 Subject: [PATCH 03/29] docs: nextcloud/all-in-one moved to ghcr.io Signed-off-by: Simon L. --- community-containers/readme.md | 2 +- compose.yaml | 2 +- manual-upgrade.md | 4 ++-- multiple-instances.md | 2 +- php/README.md | 2 +- readme.md | 44 +++++++++++++++++----------------- reverse-proxy.md | 10 ++++---- 7 files changed, 33 insertions(+), 33 deletions(-) diff --git a/community-containers/readme.md b/community-containers/readme.md index 0c82d6fe..07ba7602 100644 --- a/community-containers/readme.md +++ b/community-containers/readme.md @@ -7,7 +7,7 @@ All containers that are in this directory are community maintained so the respon ## How to use this? Before adding any additional container, make sure to create a backup via the AIO interface! -Afterwards, you might want to add additional community containers to the default AIO stack. You can do so by adding `--env AIO_COMMUNITY_CONTAINERS="container1 container2"` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must match the folder names in this directory! ⚠️⚠️⚠️ Please review the folder for documentation on each of the containers before adding them! Not reviewing the documentation for each of them first might break starting the AIO containers because e.g. fail2ban only works on Linux and not on Docker Desktop! **Hint:** If the containers where running already, in order to actually start the added container, you need to click on `Stop containers` and the `Update and start containers` in order to actually start it. +Afterwards, you might want to add additional community containers to the default AIO stack. You can do so by adding `--env AIO_COMMUNITY_CONTAINERS="container1 container2"` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must match the folder names in this directory! ⚠️⚠️⚠️ Please review the folder for documentation on each of the containers before adding them! Not reviewing the documentation for each of them first might break starting the AIO containers because e.g. fail2ban only works on Linux and not on Docker Desktop! **Hint:** If the containers where running already, in order to actually start the added container, you need to click on `Stop containers` and the `Update and start containers` in order to actually start it. ## How to add containers? Simply submit a PR by creating a new folder in this directory: https://github.com/nextcloud/all-in-one/tree/main/community-containers with the name of your container. It must include a json file with the same name and with correct syntax and a readme.md with additional information. You might get inspired by caddy, fail2ban, local-ai, libretranslate, plex, pi-hole or vaultwarden (subfolders in this directory). For a full-blown example of the json file, see https://github.com/nextcloud/all-in-one/blob/main/php/containers.json. The json-schema that it validates against can be found here: https://github.com/nextcloud/all-in-one/blob/main/php/containers-schema.json. diff --git a/compose.yaml b/compose.yaml index a72fbf50..a2836446 100644 --- a/compose.yaml +++ b/compose.yaml @@ -1,6 +1,6 @@ services: nextcloud-aio-mastercontainer: - image: nextcloud/all-in-one:latest + image: ghcr.io/nextcloud-releases/all-in-one:latest init: true restart: always container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly diff --git a/manual-upgrade.md b/manual-upgrade.md index 43aaebb2..c1478953 100644 --- a/manual-upgrade.md +++ b/manual-upgrade.md @@ -41,7 +41,7 @@ The only way to fix this on your side is upgrading regularly (e.g. by enabling d - e.g. `nextcloud/aio-nextcloud:php8.0-latest` or `nextcloud/aio-nextcloud:php8.0-latest-arm64` - - However, if you are unsure check the docker hub (https://hub.docker.com/r/nextcloud/aio-nextcloud/tags) + - However, if you are unsure check the ghcr.io (https://github.com/nextcloud-releases/all-in-one/pkgs/container/aio-nextcloud/versions?filters%5Bversion_type%5D=tagged) - Using nano and the arrow keys to navigate: - `sudo nano /tmp/nextcloud-aio-nextcloud` making changes as above, then `[Ctrl]+[o]` -> `[Enter]` and `[Ctrl]+[x]` to save and exit. 6. Next, stop and remove the current container: @@ -95,7 +95,7 @@ Make **note** of the version which is compatible, rounding down to 1 digit after ##### 5. Find the correct container version In general it should be ```nextcloud/aio-nextcloud:php8.x-latest-arm64``` or `nextcloud/aio-nextcloud:php8.x-latest` replacing `x` with the version you require. -However, if you are unsure check the docker hub (https://hub.docker.com/r/nextcloud/aio-nextcloud/tags) +However, if you are unsure check the ghcr.io (https://github.com/nextcloud-releases/all-in-one/pkgs/container/aio-nextcloud/versions?filters%5Bversion_type%5D=tagged) ##### 6. Replace the container - Navigate to the ```nextcloud-aio-nextcloud``` container within portainer diff --git a/multiple-instances.md b/multiple-instances.md index f98f867a..00386e1b 100644 --- a/multiple-instances.md +++ b/multiple-instances.md @@ -149,7 +149,7 @@ apt install --no-install-recommends qemu-system qemu-utils libvirt-clients libvi --env TALK_PORT=3478 \ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ --volume /var/run/docker.sock:/var/run/docker.sock:ro \ - nextcloud/all-in-one:latest + ghcr.io/nextcloud-releases/all-in-one:latest ``` The last command may take a few minutes. When it's finished, you should see a success message, saying "Initial startup of Nextcloud All-in-One complete!". Now exit the console session with `Ctrl + [c]`. This concludes the setup for this particular VM. diff --git a/php/README.md b/php/README.md index 29ade4ae..af824818 100644 --- a/php/README.md +++ b/php/README.md @@ -34,7 +34,7 @@ docker run \ --name nextcloud-aio-mastercontainer \ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ --volume /var/run/docker.sock:/var/run/docker.sock \ -nextcloud/all-in-one:latest +ghcr.io/nextcloud-releases/all-in-one:latest ``` ### 4. Start your server diff --git a/readme.md b/readme.md index 0eb92033..6e3a215c 100644 --- a/readme.md +++ b/readme.md @@ -111,7 +111,7 @@ curl -fsSL https://get.docker.com | sudo sh --publish 8443:8443 \ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ --volume /var/run/docker.sock:/var/run/docker.sock:ro \ - nextcloud/all-in-one:latest + ghcr.io/nextcloud-releases/all-in-one:latest ```
Explanation of the command @@ -126,7 +126,7 @@ curl -fsSL https://get.docker.com | sudo sh - `--publish 8443:8443` This means that port 8443 of the container should get published on the host using port 8443. If you publish port 80 and 8443 to the public internet, you can access the AIO interface via this port with a valid certificate. It is not needed if you run AIO behind a web server or reverse proxy and can get removed in that case as you can simply use port 8080 for the AIO interface then. - `--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config` This means that the files that are created by the mastercontainer will be stored in a docker volume that is called `nextcloud_aio_mastercontainer`. This line is not allowed to be changed, since built-in backups would fail later on. - `--volume /var/run/docker.sock:/var/run/docker.sock:ro` The docker socket is mounted into the container which is used for spinning up all the other containers and for further features. It needs to be adjusted on Windows/macOS and on docker rootless. See the applicable documentation on this. If adjusting, don't forget to also set `WATCHTOWER_DOCKER_SOCKET_PATH`! If you dislike this, see https://github.com/nextcloud/all-in-one/tree/main/manual-install. - - `nextcloud/all-in-one:latest` This is the docker container image that is used. + - `ghcr.io/nextcloud-releases/all-in-one:latest` This is the docker container image that is used. - Further options can be set using environment variables, for example `--env NEXTCLOUD_DATADIR="/mnt/ncdata"` (This is an example for Linux. See [this](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) for other OS' and for an explanation of what this value does. This specific one needs to be specified upon the first startup if you want to change it to a specific path instead of the default Docker volume). To see explanations and examples for further variables (like changing the location of Nextcloud's datadir or mounting some locations as external storage into the Nextcloud container), read through this readme and look at the docker-compose file: https://github.com/nextcloud/all-in-one/blob/main/compose.yaml
@@ -331,7 +331,7 @@ Now that this is out of the way, the recommended way how to access Nextcloud loc Apart from that there is now a community container that can be added to the AIO stack: https://github.com/nextcloud/all-in-one/tree/main/community-containers/pi-hole ### How to skip the domain validation? -If you are completely sure that you've configured everything correctly and are not able to pass the domain validation, you may skip the domain validation by adding `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). +If you are completely sure that you've configured everything correctly and are not able to pass the domain validation, you may skip the domain validation by adding `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). ### How to resolve firewall problems with Fedora Linux, RHEL OS, CentOS, SUSE Linux and others? It is known that Linux distros that use [firewalld](https://firewalld.org) as their firewall daemon have problems with docker networks. In case the containers are not able to communicate with each other, you may change your firewalld to use the iptables backend by running: @@ -344,7 +344,7 @@ Afterwards it should work.
See https://dev.to/ozorest/fedora-32-how-to-solve-docker-internal-network-issue-22me for more details on this. This limitation is even mentioned on the official firewalld website: https://firewalld.org/#who-is-using-it ### What can I do to fix the internal or reserved ip-address error? -If you get an error during the domain validation which states that your ip-address is an internal or reserved ip-address, you can fix this by first making sure that your domain indeed has the correct public ip-address that points to the server and then adding `--add-host yourdomain.com:` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) which will allow the domain validation to work correctly. And so that you know: even if the `A` record of your domain should change over time, this is no problem since the mastercontainer will not make any attempt to access the chosen domain after the initial domain validation. +If you get an error during the domain validation which states that your ip-address is an internal or reserved ip-address, you can fix this by first making sure that your domain indeed has the correct public ip-address that points to the server and then adding `--add-host yourdomain.com:` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) which will allow the domain validation to work correctly. And so that you know: even if the `A` record of your domain should change over time, this is no problem since the mastercontainer will not make any attempt to access the chosen domain after the initial domain validation. ## Infrastructure @@ -377,7 +377,7 @@ Yes. If SELinux is enabled, you might need to add the `--security-opt label:disa > [!WARNING] > Do not set or adjust this value after the initial Nextcloud installation is done! If you still want to do it afterwards, see [this](https://github.com/nextcloud/all-in-one/discussions/890#discussioncomment-3089903) on how to do it. -You can configure the Nextcloud container to use a specific directory on your host as data directory. You can do so by adding the environmental variable `NEXTCLOUD_DATADIR` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). Allowed values for that variable are strings that start with `/` and are not equal to `/`. The chosen directory or volume will then be mounted to `/mnt/ncdata` inside the container. +You can configure the Nextcloud container to use a specific directory on your host as data directory. You can do so by adding the environmental variable `NEXTCLOUD_DATADIR` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). Allowed values for that variable are strings that start with `/` and are not equal to `/`. The chosen directory or volume will then be mounted to `/mnt/ncdata` inside the container. - An example for Linux is `--env NEXTCLOUD_DATADIR="/mnt/ncdata"`. ⚠️ Please note: If you should be using an external BTRFS drive that is mounted to `/mnt/ncdata`, make sure to choose a subfolder like e.g. `/mnt/ncdata/nextcloud` as datadir, since the root folder is not suited as datadir in that case. See https://github.com/nextcloud/all-in-one/discussions/2696. - On macOS it might be `--env NEXTCLOUD_DATADIR="/var/nextcloud-data"` @@ -408,7 +408,7 @@ You can move the whole docker library and all its files including all Nextcloud This should solve the problem. ### How to allow the Nextcloud container to access directories on the host? -By default, the Nextcloud container is confined and cannot access directories on the host OS. You might want to change this when you are planning to use local external storage in Nextcloud to store some files outside the data directory and can do so by adding the environmental variable `NEXTCLOUD_MOUNT` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). Allowed values for that variable are strings that start with `/` and are not equal to `/`. +By default, the Nextcloud container is confined and cannot access directories on the host OS. You might want to change this when you are planning to use local external storage in Nextcloud to store some files outside the data directory and can do so by adding the environmental variable `NEXTCLOUD_MOUNT` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). Allowed values for that variable are strings that start with `/` and are not equal to `/`. - Two examples for Linux are `--env NEXTCLOUD_MOUNT="/mnt/"` and `--env NEXTCLOUD_MOUNT="/media/"`. - On macOS it might be `--env NEXTCLOUD_MOUNT="/Volumes/your_drive/"` @@ -425,29 +425,29 @@ Be aware though that these locations will not be covered by the built-in backup > If you can't see the type "local storage" in the external storage admin options, a restart of the containers from the AIO interface may be required. ### How to adjust the Talk port? -By default will the talk container use port `3478/UDP` and `3478/TCP` for connections. This should be set to something higher than 1024! You can adjust the port by adding e.g. `--env TALK_PORT=3478` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and adjusting the port to your desired value. Best is to use a port over 1024, so e.g. 3479 to not run into this: https://github.com/nextcloud/all-in-one/discussions/2517 +By default will the talk container use port `3478/UDP` and `3478/TCP` for connections. This should be set to something higher than 1024! You can adjust the port by adding e.g. `--env TALK_PORT=3478` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and adjusting the port to your desired value. Best is to use a port over 1024, so e.g. 3479 to not run into this: https://github.com/nextcloud/all-in-one/discussions/2517 ### How to adjust the upload limit for Nextcloud? -By default, public uploads to Nextcloud are limited to a max of 16G (logged in users can upload much bigger files using the webinterface or the mobile/desktop clients, since chunking is used in that case). You can adjust the upload limit by providing `--env NEXTCLOUD_UPLOAD_LIMIT=16G` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must start with a number and end with `G` e.g. `16G`. +By default, public uploads to Nextcloud are limited to a max of 16G (logged in users can upload much bigger files using the webinterface or the mobile/desktop clients, since chunking is used in that case). You can adjust the upload limit by providing `--env NEXTCLOUD_UPLOAD_LIMIT=16G` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must start with a number and end with `G` e.g. `16G`. ### How to adjust the max execution time for Nextcloud? -By default, uploads to Nextcloud are limited to a max of 3600s. You can adjust the upload time limit by providing `--env NEXTCLOUD_MAX_TIME=3600` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a number e.g. `3600`. +By default, uploads to Nextcloud are limited to a max of 3600s. You can adjust the upload time limit by providing `--env NEXTCLOUD_MAX_TIME=3600` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a number e.g. `3600`. ### How to adjust the PHP memory limit for Nextcloud? -By default, each PHP process in the Nextcloud container is limited to a max of 512 MB. You can adjust the memory limit by providing `--env NEXTCLOUD_MEMORY_LIMIT=512M` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must start with a number and end with `M` e.g. `1024M`. +By default, each PHP process in the Nextcloud container is limited to a max of 512 MB. You can adjust the memory limit by providing `--env NEXTCLOUD_MEMORY_LIMIT=512M` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must start with a number and end with `M` e.g. `1024M`. ### How to change the Nextcloud apps that are installed on the first startup? -You might want to adjust the Nextcloud apps that are installed upon the first startup of the Nextcloud container. You can do so by adding `--env NEXTCLOUD_STARTUP_APPS="deck twofactor_totp tasks calendar contacts notes"` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a string with small letters a-z, 0-9, spaces and hyphens or '_'. You can disable shipped and by default enabled apps by adding a hyphen in front of the appid. E.g. `-contactsinteraction`. +You might want to adjust the Nextcloud apps that are installed upon the first startup of the Nextcloud container. You can do so by adding `--env NEXTCLOUD_STARTUP_APPS="deck twofactor_totp tasks calendar contacts notes"` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a string with small letters a-z, 0-9, spaces and hyphens or '_'. You can disable shipped and by default enabled apps by adding a hyphen in front of the appid. E.g. `-contactsinteraction`. ### How to add OS packages permanently to the Nextcloud container? Some Nextcloud apps require additional external dependencies that must be bundled within Nextcloud container in order to work correctly. As we cannot put each and every dependency for all apps into the container - as this would make the project quickly unmaintainable - there is an official way in which you can add additional dependencies into the Nextcloud container. However note that doing this is disrecommended since we do not test Nextcloud apps that require external dependencies. -You can do so by adding `--env NEXTCLOUD_ADDITIONAL_APKS="imagemagick dependency2 dependency3"` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a string with small letters a-z, digits 0-9, spaces, dots and hyphens or '_'. You can find available packages here: https://pkgs.alpinelinux.org/packages?branch=v3.21. By default `imagemagick` is added. If you want to keep it, you need to specify it as well. +You can do so by adding `--env NEXTCLOUD_ADDITIONAL_APKS="imagemagick dependency2 dependency3"` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a string with small letters a-z, digits 0-9, spaces, dots and hyphens or '_'. You can find available packages here: https://pkgs.alpinelinux.org/packages?branch=v3.21. By default `imagemagick` is added. If you want to keep it, you need to specify it as well. ### How to add PHP extensions permanently to the Nextcloud container? Some Nextcloud apps require additional php extensions that must be bundled within Nextcloud container in order to work correctly. As we cannot put each and every dependency for all apps into the container - as this would make the project quickly unmaintainable - there is an official way in which you can add additional php extensions into the Nextcloud container. However note that doing this is disrecommended since we do not test Nextcloud apps that require additional php extensions. -You can do so by adding `--env NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS="imagick extension1 extension2"` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a string with small letters a-z, digits 0-9, spaces, dots and hyphens or '_'. You can find available extensions here: https://pecl.php.net/packages.php. By default `imagick` is added. If you want to keep it, you need to specify it as well. +You can do so by adding `--env NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS="imagick extension1 extension2"` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. It must be a string with small letters a-z, digits 0-9, spaces, dots and hyphens or '_'. You can find available extensions here: https://pecl.php.net/packages.php. By default `imagick` is added. If you want to keep it, you need to specify it as well. ### What about the pdlib PHP extension for the facerecognition app? The [facerecognition app](https://apps.nextcloud.com/apps/facerecognition) requires the pdlib PHP extension to be installed. Unfortunately, it is not available on PECL nor via PHP core, so there is no way to add this into AIO currently. However you can use [this community container](https://github.com/nextcloud/all-in-one/tree/main/community-containers/facerecognition) in order to run facerecognition. @@ -464,7 +464,7 @@ A list of supported device can be fond in [MESA 3D documentation](https://docs.m This method use the [Direct Rendering Infrastructure](https://dri.freedesktop.org/wiki/) with the access to the `/dev/dri` device. -In order to use that, you need to add `--env NEXTCLOUD_ENABLE_DRI_DEVICE=true` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) which will mount the `/dev/dri` device into the container. +In order to use that, you need to add `--env NEXTCLOUD_ENABLE_DRI_DEVICE=true` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) which will mount the `/dev/dri` device into the container. #### With proprietary drivers for Nvidia :warning: BETA @@ -476,19 +476,19 @@ In order to use that, you need to add `--env NEXTCLOUD_ENABLE_DRI_DEVICE=true` t This method use the [Nvidia Container Toolkit](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/index.html) with the nvidia runtime. -In order to use that, you need to add `--env NEXTCLOUD_ENABLE_NVIDIA_GPU=true` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) which will enable the nvidia runtime. +In order to use that, you need to add `--env NEXTCLOUD_ENABLE_NVIDIA_GPU=true` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) which will enable the nvidia runtime. If you're using WSL2 and want to use the NVIDIA runtime, please follow the instructions to [install the NVIDIA Container Toolkit meta-version in WSL](https://docs.nvidia.com/cuda/wsl-user-guide/index.html#cuda-support-for-wsl-2). ### How to keep disabled apps? -In certain situations you might want to keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed in Nextcloud. You can do so by adding `--env NEXTCLOUD_KEEP_DISABLED_APPS=true` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). +In certain situations you might want to keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed in Nextcloud. You can do so by adding `--env NEXTCLOUD_KEEP_DISABLED_APPS=true` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). > [!WARNING] > Doing this might cause unintended problems in Nextcloud if an app that requires an external dependency is still installed but the external dependency not for example. ### How to trust user-defined Certification Authorities (CA)? For some applications it might be necessary to establish a secure connection to another host/server which is using a certificate issued by a Certification Authority that is not trusted out of the box. An example could be configuring LDAPS against a domain controller (Active Directory or Samba-based) of an organization. -You can make the Nextcloud container trust any Certification Authority by providing the environmental variable `NEXTCLOUD_TRUSTED_CACERTS_DIR` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). The value of the variables should be set to the absolute paths of the directory on the host, which contains one or more Certification Authorities certificates. You should use X.509 certificates, Base64 encoded. (Other formats may work but have not been tested!) All the certificates in the directory will be trusted. +You can make the Nextcloud container trust any Certification Authority by providing the environmental variable `NEXTCLOUD_TRUSTED_CACERTS_DIR` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). The value of the variables should be set to the absolute paths of the directory on the host, which contains one or more Certification Authorities certificates. You should use X.509 certificates, Base64 encoded. (Other formats may work but have not been tested!) All the certificates in the directory will be trusted. When using `docker run`, the environmental variable can be set with `--env NEXTCLOUD_TRUSTED_CACERTS_DIR=/path/to/my/cacerts`. @@ -521,7 +521,7 @@ docker run ^ --publish 8443:8443 ^ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config ^ --volume //var/run/docker.sock:/var/run/docker.sock:ro ^ -nextcloud/all-in-one:latest +ghcr.io/nextcloud-releases/all-in-one:latest ``` Also, you may be interested in adjusting Nextcloud's Datadir to store the files on the host system. See [this documentation](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) on how to do it. @@ -530,7 +530,7 @@ Also, you may be interested in adjusting Nextcloud's Datadir to store the files > Almost all commands in this project's documentation use `sudo docker ...`. Since `sudo` is not available on Windows, you simply remove `sudo` from the commands and they should work. ### How to run AIO on Synology DSM -On Synology, there are two things different in comparison to Linux: instead of using `--volume /var/run/docker.sock:/var/run/docker.sock:ro`, you need to use `--volume /volume1/docker/docker.sock:/var/run/docker.sock:ro` to run it. You also need to add `--env WATCHTOWER_DOCKER_SOCKET_PATH="/volume1/docker/docker.sock"`to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`). Apart from that it should work and behave the same like on Linux. Obviously the Synology Docker GUI will not work with that so you will need to either use SSH or create a user-defined script task in the task scheduler as the user 'root' in order to run the command. +On Synology, there are two things different in comparison to Linux: instead of using `--volume /var/run/docker.sock:/var/run/docker.sock:ro`, you need to use `--volume /volume1/docker/docker.sock:/var/run/docker.sock:ro` to run it. You also need to add `--env WATCHTOWER_DOCKER_SOCKET_PATH="/volume1/docker/docker.sock"`to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`). Apart from that it should work and behave the same like on Linux. Obviously the Synology Docker GUI will not work with that so you will need to either use SSH or create a user-defined script task in the task scheduler as the user 'root' in order to run the command. > [!NOTE] > It is possible that the docker socket on your Synology is located in `/var/run/docker.sock` like the default on Linux. Then you can just use the Linux command without having to change anything - you will notice this when you try to start the container and it says that the bind mount failed. E.g. `docker: Error response from daemon: Bind mount failed: '/volume1/docker/docker.sock' does not exists.` @@ -576,7 +576,7 @@ See [multiple-instances.md](./multiple-instances.md) for some documentation on t Nextcloud features a built-in bruteforce protection which may get triggered and will block an ip-address or disable a user. You can unblock an ip-address by running `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ security:bruteforce:reset ` and enable a disabled user by running `sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ user:enable `. See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/occ_command.html#security for further information. ### How to switch the channel? -You can switch to a different channel like e.g. the beta channel or from the beta channel back to the latest channel by stopping the mastercontainer, removing it (no data will be lost) and recreating the container using the same command that you used initially to create the mastercontainer. You simply need to change the last line `nextcloud/all-in-one:latest` to `nextcloud/all-in-one:beta` and vice versa. +You can switch to a different channel like e.g. the beta channel or from the beta channel back to the latest channel by stopping the mastercontainer, removing it (no data will be lost) and recreating the container using the same command that you used initially to create the mastercontainer. You simply need to change the last line `ghcr.io/nextcloud-releases/all-in-one:latest` to `ghcr.io/nextcloud-releases/all-in-one:beta` and vice versa. ### How to update the containers? If we push new containers to `latest`, you will see in the AIO interface below the `containers` section that new container updates were found. In this case, just press `Stop containers` and `Start and update containers` in order to update the containers. The mastercontainer has its own update procedure though. See below. And don't forget to back up the current state of your instance using the built-in backup solution before starting the containers again! Otherwise you won't be able to restore your instance easily if something should break during the update. @@ -785,7 +785,7 @@ Be aware that this solution does not back up files and folders that are mounted Backed up will get all important data of your Nextcloud AIO instance required to restore the instance, like the database, your files and configuration files of the mastercontainer and else. Files and folders that are mounted into Nextcloud using the external storage app are not getting backed up. There is currently no way to exclude the data directory because it would require hacks like running files:scan and would make the backup solution much more unreliable (since the database and your files/folders need to stay in sync). If you still don't want your datadirectory to be backed up, see https://github.com/nextcloud/all-in-one#how-to-enable-automatic-updates-without-creating-a-backup-beforehand for options (there is a hint what needs to be backed up in which order). ### How to adjust borgs retention policy? -The built-in borg-based backup solution has by default a retention policy of `--keep-within=7d --keep-weekly=4 --keep-monthly=6`. See https://borgbackup.readthedocs.io/en/stable/usage/prune.html for what these values mean. You can adjust the retention policy by providing `--env BORG_RETENTION_POLICY="--keep-within=7d --keep-weekly=4 --keep-monthly=6"` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. ⚠️ Please make sure that this value is valid, otherwise backup pruning will bug out! +The built-in borg-based backup solution has by default a retention policy of `--keep-within=7d --keep-weekly=4 --keep-monthly=6`. See https://borgbackup.readthedocs.io/en/stable/usage/prune.html for what these values mean. You can adjust the retention policy by providing `--env BORG_RETENTION_POLICY="--keep-within=7d --keep-weekly=4 --keep-monthly=6"` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used) and customize the value to your fitting. ⚠️ Please make sure that this value is valid, otherwise backup pruning will bug out! ### How to migrate from AIO to AIO? If you have the borg backup feature enabled, you can copy it over to the new host and restore from the backup. This guide assumes the new installation data dir will be on `/mnt/datadir`, you can adjust the steps if it's elsewhere. @@ -1037,7 +1037,7 @@ One example for this would be `sudo docker exec -it --env DAILY_BACKUP=1 nextclo > None of the option returns error codes. So you need to check for the correct result yourself. ### How to disable the backup section? -If you already have a backup solution in place, you may want to hide the backup section. You can do so by adding `--env AIO_DISABLE_BACKUP_SECTION=true` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). +If you already have a backup solution in place, you may want to hide the backup section. You can do so by adding `--env AIO_DISABLE_BACKUP_SECTION=true` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). ## Addons diff --git a/reverse-proxy.md b/reverse-proxy.md index a2b00abd..5835b283 100644 --- a/reverse-proxy.md +++ b/reverse-proxy.md @@ -26,7 +26,7 @@ sudo docker run \ --env SKIP_DOMAIN_VALIDATION=false \ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ --volume /var/run/docker.sock:/var/run/docker.sock:ro \ -nextcloud/all-in-one:latest +ghcr.io/nextcloud-releases/all-in-one:latest ```
@@ -45,7 +45,7 @@ nextcloud/all-in-one:latest - `--env SKIP_DOMAIN_VALIDATION=false` This can be set to `true` if the domain validation does not work and you are sure that you configured everything correctly after you followed [the debug documentation](#6-how-to-debug-things). - `--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config` This means that the files that are created by the mastercontainer will be stored in a docker volume that is called `nextcloud_aio_mastercontainer`. This line is not allowed to be changed, since built-in backups would fail later on. - `--volume /var/run/docker.sock:/var/run/docker.sock:ro` The docker socket is mounted into the container which is used for spinning up all the other containers and for further features. It needs to be adjusted on Windows/macOS and on docker rootless. See the applicable documentation on this. If adjusting, don't forget to also set `WATCHTOWER_DOCKER_SOCKET_PATH`! If you dislike this, see https://github.com/nextcloud/all-in-one/tree/main/manual-install. -- `nextcloud/all-in-one:latest` This is the docker container image that is used. +- `ghcr.io/nextcloud-releases/all-in-one:latest` This is the docker container image that is used. - Further options can be set using environment variables, for example `--env NEXTCLOUD_DATADIR="/mnt/ncdata"` (This is an example for Linux. See [this](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) for other OS' and for an explanation of what this value does. This specific one needs to be specified upon the first startup if you want to change it to a specific path instead of the default Docker volume). To see explanations and examples for further variables (like changing the location of Nextcloud's datadir or mounting some locations as external storage into the Nextcloud container), read through this readme and look at the docker-compose file: https://github.com/nextcloud/all-in-one/blob/main/compose.yaml
@@ -231,7 +231,7 @@ You can get AIO running using the ACME DNS-challenge. Here is how to do it. You also need to adjust `` and `` to match your case. -1. Now continue with [point 2](#2-use-this-startup-command) but additionally, add `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command of the mastercontainer (but before the last line `nextcloud/all-in-one:latest`) which will disable the domain validation (because it is known that the domain validation will not work when using the DNS-challenge since no port is publicly opened). +1. Now continue with [point 2](#2-use-this-startup-command) but additionally, add `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`) which will disable the domain validation (because it is known that the domain validation will not work when using the DNS-challenge since no port is publicly opened). **Advice:** In order to make it work in your home network, you may add the internal ipv4-address of your reverse proxy as A DNS-record to your domain and disable the dns-rebind-protection in your router. Another way it to set up a local dns-server like a pi-hole and set up a custom dns-record for that domain that points to the internal ip-adddress of your reverse proxy (see https://github.com/nextcloud/all-in-one#how-can-i-access-nextcloud-locally). If both is not possible, you may add the domain to the hosts file which is needed then for any devices that shall use the server. @@ -845,7 +845,7 @@ sudo docker run \ --env SKIP_DOMAIN_VALIDATION=false \ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ --volume /var/run/docker.sock:/var/run/docker.sock:ro \ -nextcloud/all-in-one:latest +ghcr.io/nextcloud-releases/all-in-one:latest ``` Note: you may be interested in adjusting Nextcloud’s datadir to store the files in a different location than the default docker volume. See [this documentation](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) on how to do it. @@ -873,7 +873,7 @@ docker run ^ --env SKIP_DOMAIN_VALIDATION=false ^ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config ^ --volume //var/run/docker.sock:/var/run/docker.sock:ro ^ -nextcloud/all-in-one:latest +ghcr.io/nextcloud-releases/all-in-one:latest ``` Also, you may be interested in adjusting Nextcloud's Datadir to store the files on the host system. See [this documentation](https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir) on how to do it. From 23d0fd0cef46676b5351416b0f55b54ac2b2362d Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Tue, 25 Mar 2025 15:15:21 +0100 Subject: [PATCH 04/29] move szaimens community containers to ghcr.io Signed-off-by: Simon L. --- community-containers/borgbackup-viewer/borgbackup-viewer.json | 2 +- community-containers/caddy/caddy.json | 2 +- community-containers/fail2ban/fail2ban.json | 2 +- community-containers/libretranslate/libretranslate.json | 2 +- community-containers/local-ai/local-ai.json | 2 +- community-containers/scrutiny/scrutiny.json | 2 +- community-containers/smbserver/smbserver.json | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/community-containers/borgbackup-viewer/borgbackup-viewer.json b/community-containers/borgbackup-viewer/borgbackup-viewer.json index 9b5c58e5..7f9bb0a0 100644 --- a/community-containers/borgbackup-viewer/borgbackup-viewer.json +++ b/community-containers/borgbackup-viewer/borgbackup-viewer.json @@ -5,7 +5,7 @@ "image_tag": "v1", "display_name": "Borg Backup Viewer", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/borgbackup-viewer", - "image": "szaimen/aio-borgbackup-viewer", + "image": "ghcr.io/szaimen/aio-borgbackup-viewer", "internal_port": "5801", "ports": [ { diff --git a/community-containers/caddy/caddy.json b/community-containers/caddy/caddy.json index 47fef1db..d5f72cb8 100644 --- a/community-containers/caddy/caddy.json +++ b/community-containers/caddy/caddy.json @@ -4,7 +4,7 @@ "container_name": "nextcloud-aio-caddy", "display_name": "Caddy with geoblocking", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy", - "image": "szaimen/aio-caddy", + "image": "ghcr.io/szaimen/aio-caddy", "image_tag": "v2", "internal_port": "443", "restart": "unless-stopped", diff --git a/community-containers/fail2ban/fail2ban.json b/community-containers/fail2ban/fail2ban.json index dbc733d4..78bf0a85 100644 --- a/community-containers/fail2ban/fail2ban.json +++ b/community-containers/fail2ban/fail2ban.json @@ -4,7 +4,7 @@ "container_name": "nextcloud-aio-fail2ban", "display_name": "Fail2ban", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/fail2ban", - "image": "szaimen/aio-fail2ban", + "image": "ghcr.io/szaimen/aio-fail2ban", "image_tag": "v1", "internal_port": "host", "restart": "unless-stopped", diff --git a/community-containers/libretranslate/libretranslate.json b/community-containers/libretranslate/libretranslate.json index 80312a9a..98970db4 100644 --- a/community-containers/libretranslate/libretranslate.json +++ b/community-containers/libretranslate/libretranslate.json @@ -4,7 +4,7 @@ "container_name": "nextcloud-aio-libretranslate", "display_name": "LibreTranslate", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/libretranslate", - "image": "szaimen/aio-libretranslate", + "image": "ghcr.io/szaimen/aio-libretranslate", "image_tag": "v1", "internal_port": "5000", "restart": "unless-stopped", diff --git a/community-containers/local-ai/local-ai.json b/community-containers/local-ai/local-ai.json index 6242a3b9..8e2aedb3 100644 --- a/community-containers/local-ai/local-ai.json +++ b/community-containers/local-ai/local-ai.json @@ -4,7 +4,7 @@ "container_name": "nextcloud-aio-local-ai", "display_name": "Local AI", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/local-ai", - "image": "szaimen/aio-local-ai", + "image": "ghcr.io/szaimen/aio-local-ai", "image_tag": "v2", "internal_port": "8080", "restart": "unless-stopped", diff --git a/community-containers/scrutiny/scrutiny.json b/community-containers/scrutiny/scrutiny.json index 7fe369c5..4b368291 100644 --- a/community-containers/scrutiny/scrutiny.json +++ b/community-containers/scrutiny/scrutiny.json @@ -4,7 +4,7 @@ "container_name": "nextcloud-aio-scrutiny", "display_name": "Scrutiny", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/scrutiny", - "image": "szaimen/aio-scrutiny", + "image": "ghcr.io/szaimen/aio-scrutiny", "image_tag": "v1", "internal_port": "8000", "init": false, diff --git a/community-containers/smbserver/smbserver.json b/community-containers/smbserver/smbserver.json index c6269134..d095eb7a 100644 --- a/community-containers/smbserver/smbserver.json +++ b/community-containers/smbserver/smbserver.json @@ -4,7 +4,7 @@ "container_name": "nextcloud-aio-smbserver", "display_name": "SMB-server", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/smbserver", - "image": "szaimen/aio-smbserver", + "image": "ghcr.io/szaimen/aio-smbserver", "image_tag": "v1", "internal_port": "5803", "restart": "unless-stopped", From 627c2d3192feba2f4ba562cb5f62e20ad0408aaa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Mar 2025 04:38:04 +0000 Subject: [PATCH 05/29] build(deps): bump elasticsearch in /Containers/fulltextsearch Bumps elasticsearch from 8.17.3 to 8.17.4. --- updated-dependencies: - dependency-name: elasticsearch dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/fulltextsearch/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index 8cdaef6a..2299f0f5 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile -FROM elasticsearch:8.17.3 +FROM elasticsearch:8.17.4 USER root From 9e0f5b31d202930f64d7c76af40f5ceae398a700 Mon Sep 17 00:00:00 2001 From: Zoey Date: Wed, 26 Mar 2025 12:21:45 +0100 Subject: [PATCH 06/29] fix #6230 Signed-off-by: Zoey --- Containers/clamav/supervisord.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/clamav/supervisord.conf b/Containers/clamav/supervisord.conf index 8f5c81a1..8f53856a 100644 --- a/Containers/clamav/supervisord.conf +++ b/Containers/clamav/supervisord.conf @@ -13,7 +13,7 @@ stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=freshclam --foreground --stdout --daemon +command=freshclam --foreground --stdout --daemon --daemon-notify=/tmp/clamd.conf [program:clamd] stdout_logfile=/dev/stdout From ca151e86ac2b40b34abdd601ac47eff0d4b8043e Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 26 Mar 2025 18:27:44 +0100 Subject: [PATCH 07/29] watchtower: install from github repo to fix some security issues Signed-off-by: Simon L. --- Containers/watchtower/Dockerfile | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index 8bd5da34..a6940d40 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,14 +1,18 @@ # syntax=docker/dockerfile:latest -# From https://github.com/containrrr/watchtower/blob/main/dockerfiles/Dockerfile.self-contained -FROM containrrr/watchtower:1.7.1 AS watchtower +FROM golang:1.24.1-alpine3.21 AS go + +RUN set -ex; \ + apk add --no-cache \ + build-base; \ + go install github.com/containrrr/watchtower@76f9cea516593fabb8ca91ff13de55caa6aa0a8b; FROM alpine:3.21.3 RUN set -ex; \ apk upgrade --no-cache -a; \ - apk add --no-cache bash + apk add --no-cache bash ca-certificates tzdata -COPY --from=watchtower /watchtower /watchtower +COPY --from=go /go/bin/watchtower /usr/local/bin/watchtower COPY --chmod=775 start.sh /start.sh From c5a9da8bb37c131cbbd2d71529345c7fc3123663 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 26 Mar 2025 18:39:32 +0100 Subject: [PATCH 08/29] run apk upgrade everywhere Signed-off-by: Simon L. --- Containers/imaginary/Dockerfile | 3 ++- Containers/talk/Dockerfile | 1 + Containers/watchtower/Dockerfile | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 9d2fd11d..cb6dbbe5 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,9 +1,10 @@ # syntax=docker/dockerfile:latest FROM golang:1.24.1-alpine3.21 AS go -ENV IMAGINARY_HASH=1d4e251cfcd58ea66f8361f8721d7b8cc85002a3 +ENV IMAGINARY_HASH=1d4e251cfcd58ea66f8361f8721d7b8cc85002a3 RUN set -ex; \ + apk upgrade --no-cache -a; \ apk add --no-cache \ vips-dev \ vips-magick \ diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index 915b4789..00d2153f 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -7,6 +7,7 @@ FROM alpine:3.21.3 AS janus ARG JANUS_VERSION=v1.3.1 WORKDIR /src RUN set -ex; \ + apk upgrade --no-cache -a; \ apk add --no-cache \ ca-certificates \ git \ diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index a6940d40..aad4f935 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -2,6 +2,7 @@ FROM golang:1.24.1-alpine3.21 AS go RUN set -ex; \ + apk upgrade --no-cache -a; \ apk add --no-cache \ build-base; \ go install github.com/containrrr/watchtower@76f9cea516593fabb8ca91ff13de55caa6aa0a8b; From f415bba72b4e83e9c76524858d465035802c688e Mon Sep 17 00:00:00 2001 From: Zoey Date: Wed, 26 Mar 2025 21:28:05 +0100 Subject: [PATCH 09/29] link to borg logs while borg is running Not sure if mastercontainer is wanted, but I think it should link to borgs logs Signed-off-by: Zoey --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index ce8a59cb..42860e6d 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -60,7 +60,7 @@ {% endfor %} {% if is_daily_backup_running == true %} -

Daily backup currently running. (Logs)

+

Daily backup currently running. (Logs)

{% if automatic_updates == true %}

This will update your containers, the mastercontainer and, on Saturdays, your Nextcloud apps if the backup is successful.

{% if is_mastercontainer_update_available == true %} From 9a9ea694b2685d864aea5586b1d360bb72348e51 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Wed, 26 Mar 2025 23:38:00 +0100 Subject: [PATCH 10/29] helm-chart: move alpine init-container image to containers folder Signed-off-by: Simon L. --- Containers/alpine/Dockerfile | 5 +++++ nextcloud-aio-helm-chart/update-helm.sh | 8 ++++---- 2 files changed, 9 insertions(+), 4 deletions(-) create mode 100644 Containers/alpine/Dockerfile diff --git a/Containers/alpine/Dockerfile b/Containers/alpine/Dockerfile new file mode 100644 index 00000000..48f2b46a --- /dev/null +++ b/Containers/alpine/Dockerfile @@ -0,0 +1,5 @@ +# syntax=docker/dockerfile:latest +FROM alpine:3.21 + +RUN set -ex; \ + apk upgrade --no-cache -a diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index 5ac19095..02a2c17d 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -72,7 +72,7 @@ find ./ -name '*networkpolicy.yaml' -exec sed -i "s|manual-install-nextcloud-aio cat << EOL > /tmp/initcontainers initContainers: - name: init-volumes - image: "alpine:3.20" + image: "ghcr.io/nextcloud-releases/alpine:$DOCKER_TAG" command: - chmod - "777" @@ -81,7 +81,7 @@ EOL cat << EOL > /tmp/initcontainers.database initContainers: - name: init-subpath - image: "alpine:3.20" + image: "ghcr.io/nextcloud-releases/alpine:$DOCKER_TAG" command: - mkdir - "-p" @@ -94,7 +94,7 @@ EOL cat << EOL > /tmp/initcontainers.clamav initContainers: - name: init-subpath - image: "alpine:3.20" + image: "ghcr.io/nextcloud-releases/alpine:$DOCKER_TAG" command: - mkdir - "-p" @@ -108,7 +108,7 @@ cat << EOL > /tmp/initcontainers.nextcloud # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: "alpine:3.20" + image: "ghcr.io/nextcloud-releases/alpine:$DOCKER_TAG" command: - chmod - "777" From 62b03a1de20f451f940117d15599a14be0e2d718 Mon Sep 17 00:00:00 2001 From: Zoey Date: Thu, 27 Mar 2025 06:29:03 +0100 Subject: [PATCH 11/29] Apply suggestion Co-authored-by: Simon L. Signed-off-by: Zoey --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 42860e6d..66ebb121 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -60,7 +60,7 @@ {% endfor %} {% if is_daily_backup_running == true %} -

Daily backup currently running. (Logs)

+

Daily backup currently running. (Mastercontainer logs) (Borg backup container logs)

{% if automatic_updates == true %}

This will update your containers, the mastercontainer and, on Saturdays, your Nextcloud apps if the backup is successful.

{% if is_mastercontainer_update_available == true %} From 0f92f8e40cbff12043b28b6f703319f619bc165a Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 27 Mar 2025 12:03:21 +0000 Subject: [PATCH 12/29] Yaml updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- manual-install/latest.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/manual-install/latest.yml b/manual-install/latest.yml index 3d104f43..a8bdb0be 100644 --- a/manual-install/latest.yml +++ b/manual-install/latest.yml @@ -19,7 +19,7 @@ services: nextcloud-aio-whiteboard: condition: service_started required: false - image: nextcloud/aio-apache:latest + image: ghcr.io/nextcloud-releases/aio-apache:latest user: "33" init: true healthcheck: @@ -60,7 +60,7 @@ services: - NET_RAW nextcloud-aio-database: - image: nextcloud/aio-postgresql:latest + image: ghcr.io/nextcloud-releases/aio-postgresql:latest user: "999" init: true healthcheck: @@ -110,7 +110,7 @@ services: nextcloud-aio-imaginary: condition: service_started required: false - image: nextcloud/aio-nextcloud:latest + image: ghcr.io/nextcloud-releases/aio-nextcloud:latest init: true healthcheck: start_period: 0s @@ -185,7 +185,7 @@ services: - NET_RAW nextcloud-aio-notify-push: - image: nextcloud/aio-notify-push:latest + image: ghcr.io/nextcloud-releases/aio-notify-push:latest user: "33" init: true healthcheck: @@ -216,7 +216,7 @@ services: - NET_RAW nextcloud-aio-redis: - image: nextcloud/aio-redis:latest + image: ghcr.io/nextcloud-releases/aio-redis:latest user: "999" init: true healthcheck: @@ -240,7 +240,7 @@ services: nextcloud-aio-collabora: command: ${ADDITIONAL_COLLABORA_OPTIONS} - image: nextcloud/aio-collabora:latest + image: ghcr.io/nextcloud-releases/aio-collabora:latest init: true healthcheck: start_period: 60s @@ -268,7 +268,7 @@ services: - NET_RAW nextcloud-aio-talk: - image: nextcloud/aio-talk:latest + image: ghcr.io/nextcloud-releases/aio-talk:latest user: "1000" init: true healthcheck: @@ -306,7 +306,7 @@ services: - NET_RAW nextcloud-aio-talk-recording: - image: nextcloud/aio-talk-recording:latest + image: ghcr.io/nextcloud-releases/aio-talk-recording:latest user: "122" init: true healthcheck: @@ -336,7 +336,7 @@ services: - NET_RAW nextcloud-aio-clamav: - image: nextcloud/aio-clamav:latest + image: ghcr.io/nextcloud-releases/aio-clamav:latest user: "100" init: false healthcheck: @@ -367,7 +367,7 @@ services: - NET_RAW nextcloud-aio-onlyoffice: - image: nextcloud/aio-onlyoffice:latest + image: ghcr.io/nextcloud-releases/aio-onlyoffice:latest init: true healthcheck: start_period: 60s @@ -392,7 +392,7 @@ services: - NET_RAW nextcloud-aio-imaginary: - image: nextcloud/aio-imaginary:latest + image: ghcr.io/nextcloud-releases/aio-imaginary:latest user: "65534" init: true healthcheck: @@ -419,7 +419,7 @@ services: - /tmp nextcloud-aio-fulltextsearch: - image: nextcloud/aio-fulltextsearch:latest + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:latest init: false healthcheck: start_period: 60s @@ -450,7 +450,7 @@ services: - NET_RAW nextcloud-aio-whiteboard: - image: nextcloud/aio-whiteboard:latest + image: ghcr.io/nextcloud-releases/aio-whiteboard:latest user: "65534" init: true healthcheck: From 55f77ade815f524838e404d9b7a83e70a55a059b Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 27 Mar 2025 12:12:18 +0000 Subject: [PATCH 13/29] nextcloud-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/nextcloud/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 4ee8d0e2..7383256b 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -14,7 +14,7 @@ ENV AIO_URL=localhost # AIO settings end # Do not remove or change this line! # Define the commit hash for imagick as a variable -ARG IMAGICK_COMMIT_HASH=28f27044e435a2b203e32675e942eb8de620ee58 +ARG IMAGICK_COMMIT_HASH=ffa23eb0bc6796349dce12a984b3b70079e7bdd3 COPY --chmod=775 *.sh / COPY --chmod=774 upgrade.exclude /upgrade.exclude @@ -84,7 +84,7 @@ RUN set -ex; \ pecl install -o igbinary-3.2.16; \ pecl install APCu-5.1.24; \ pecl install -D 'enable-memcached-igbinary="yes"' memcached-3.3.0; \ - pecl install -oD 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"' redis-6.1.0; \ + pecl install -oD 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"' redis-6.2.0; \ # pecl install -o imagick-3.7.0; \ # Begin workaround -> # The master version on the imagick repository is compatible with PHP 8.3. However, the PECL version is not updated yet. From dbe73ab0db8bc0d6144a4bad7429cba52c57b8c0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 28 Mar 2025 04:19:42 +0000 Subject: [PATCH 14/29] build(deps): bump docker in /Containers/mastercontainer Bumps docker from 28.0.2-cli to 28.0.4-cli. --- updated-dependencies: - dependency-name: docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/mastercontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index 12e4aaa2..394359b7 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:28.0.2-cli AS docker +FROM docker:28.0.4-cli AS docker # Caddy is a requirement FROM caddy:2.9.1-alpine AS caddy From 19ab4ae3087a3e4de542b95c19c50bd7dffc889b Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Sat, 29 Mar 2025 12:02:52 +0000 Subject: [PATCH 15/29] php dependency updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- php/composer.lock | 58 +++++++++++++++++++++++------------------------ 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/php/composer.lock b/php/composer.lock index 6d56b219..8df472da 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -8,16 +8,16 @@ "packages": [ { "name": "guzzlehttp/guzzle", - "version": "7.9.2", + "version": "7.9.3", "source": { "type": "git", "url": "https://github.com/guzzle/guzzle.git", - "reference": "d281ed313b989f213357e3be1a179f02196ac99b" + "reference": "7b2f29fe81dc4da0ca0ea7d42107a0845946ea77" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/guzzle/guzzle/zipball/d281ed313b989f213357e3be1a179f02196ac99b", - "reference": "d281ed313b989f213357e3be1a179f02196ac99b", + "url": "https://api.github.com/repos/guzzle/guzzle/zipball/7b2f29fe81dc4da0ca0ea7d42107a0845946ea77", + "reference": "7b2f29fe81dc4da0ca0ea7d42107a0845946ea77", "shasum": "" }, "require": { @@ -114,7 +114,7 @@ ], "support": { "issues": "https://github.com/guzzle/guzzle/issues", - "source": "https://github.com/guzzle/guzzle/tree/7.9.2" + "source": "https://github.com/guzzle/guzzle/tree/7.9.3" }, "funding": [ { @@ -130,20 +130,20 @@ "type": "tidelift" } ], - "time": "2024-07-24T11:22:20+00:00" + "time": "2025-03-27T13:37:11+00:00" }, { "name": "guzzlehttp/promises", - "version": "2.0.4", + "version": "2.2.0", "source": { "type": "git", "url": "https://github.com/guzzle/promises.git", - "reference": "f9c436286ab2892c7db7be8c8da4ef61ccf7b455" + "reference": "7c69f28996b0a6920945dd20b3857e499d9ca96c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/guzzle/promises/zipball/f9c436286ab2892c7db7be8c8da4ef61ccf7b455", - "reference": "f9c436286ab2892c7db7be8c8da4ef61ccf7b455", + "url": "https://api.github.com/repos/guzzle/promises/zipball/7c69f28996b0a6920945dd20b3857e499d9ca96c", + "reference": "7c69f28996b0a6920945dd20b3857e499d9ca96c", "shasum": "" }, "require": { @@ -197,7 +197,7 @@ ], "support": { "issues": "https://github.com/guzzle/promises/issues", - "source": "https://github.com/guzzle/promises/tree/2.0.4" + "source": "https://github.com/guzzle/promises/tree/2.2.0" }, "funding": [ { @@ -213,20 +213,20 @@ "type": "tidelift" } ], - "time": "2024-10-17T10:06:22+00:00" + "time": "2025-03-27T13:27:01+00:00" }, { "name": "guzzlehttp/psr7", - "version": "2.7.0", + "version": "2.7.1", "source": { "type": "git", "url": "https://github.com/guzzle/psr7.git", - "reference": "a70f5c95fb43bc83f07c9c948baa0dc1829bf201" + "reference": "c2270caaabe631b3b44c85f99e5a04bbb8060d16" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/guzzle/psr7/zipball/a70f5c95fb43bc83f07c9c948baa0dc1829bf201", - "reference": "a70f5c95fb43bc83f07c9c948baa0dc1829bf201", + "url": "https://api.github.com/repos/guzzle/psr7/zipball/c2270caaabe631b3b44c85f99e5a04bbb8060d16", + "reference": "c2270caaabe631b3b44c85f99e5a04bbb8060d16", "shasum": "" }, "require": { @@ -313,7 +313,7 @@ ], "support": { "issues": "https://github.com/guzzle/psr7/issues", - "source": "https://github.com/guzzle/psr7/tree/2.7.0" + "source": "https://github.com/guzzle/psr7/tree/2.7.1" }, "funding": [ { @@ -329,7 +329,7 @@ "type": "tidelift" } ], - "time": "2024-07-18T11:15:46+00:00" + "time": "2025-03-27T12:30:47+00:00" }, { "name": "http-interop/http-factory-guzzle", @@ -391,16 +391,16 @@ }, { "name": "laravel/serializable-closure", - "version": "v2.0.3", + "version": "v2.0.4", "source": { "type": "git", "url": "https://github.com/laravel/serializable-closure.git", - "reference": "f379c13663245f7aa4512a7869f62eb14095f23f" + "reference": "b352cf0534aa1ae6b4d825d1e762e35d43f8a841" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/f379c13663245f7aa4512a7869f62eb14095f23f", - "reference": "f379c13663245f7aa4512a7869f62eb14095f23f", + "url": "https://api.github.com/repos/laravel/serializable-closure/zipball/b352cf0534aa1ae6b4d825d1e762e35d43f8a841", + "reference": "b352cf0534aa1ae6b4d825d1e762e35d43f8a841", "shasum": "" }, "require": { @@ -448,7 +448,7 @@ "issues": "https://github.com/laravel/serializable-closure/issues", "source": "https://github.com/laravel/serializable-closure" }, - "time": "2025-02-11T15:03:05+00:00" + "time": "2025-03-19T13:51:03+00:00" }, { "name": "nikic/fast-route", @@ -2939,16 +2939,16 @@ }, { "name": "symfony/console", - "version": "v6.4.17", + "version": "v6.4.20", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "799445db3f15768ecc382ac5699e6da0520a0a04" + "reference": "2e4af9c952617cc3f9559ff706aee420a8464c36" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/799445db3f15768ecc382ac5699e6da0520a0a04", - "reference": "799445db3f15768ecc382ac5699e6da0520a0a04", + "url": "https://api.github.com/repos/symfony/console/zipball/2e4af9c952617cc3f9559ff706aee420a8464c36", + "reference": "2e4af9c952617cc3f9559ff706aee420a8464c36", "shasum": "" }, "require": { @@ -3013,7 +3013,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v6.4.17" + "source": "https://github.com/symfony/console/tree/v6.4.20" }, "funding": [ { @@ -3029,7 +3029,7 @@ "type": "tidelift" } ], - "time": "2024-12-07T12:07:30+00:00" + "time": "2025-03-03T17:16:38+00:00" }, { "name": "symfony/filesystem", From 0852b00cc8bda91aa3e5cc8d0c9277e849a77342 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Sun, 30 Mar 2025 17:53:42 +0200 Subject: [PATCH 16/29] borg: exclude lost+found directory from backup Signed-off-by: Simon L. --- Containers/borgbackup/backupscript.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Containers/borgbackup/backupscript.sh b/Containers/borgbackup/backupscript.sh index 5c6ddd99..602ec586 100644 --- a/Containers/borgbackup/backupscript.sh +++ b/Containers/borgbackup/backupscript.sh @@ -191,7 +191,7 @@ if [ "$BORG_MODE" = backup ]; then fi # Exclude the nextcloud log and audit log for GDPR reasons - BORG_EXCLUDE=(--exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud/data/nextcloud.log*" --exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud/data/audit.log") + BORG_EXCLUDE=(--exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud/data/nextcloud.log*" --exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud/data/audit.log" --exclude "/nextcloud_aio_volumes/nextcloud_aio_nextcloud_data/lost+found") BORG_INCLUDE=() # Exclude datadir if .noaiobackup file was found @@ -405,6 +405,7 @@ if [ "$BORG_MODE" = restore ]; then --exclude "nextcloud_aio_mastercontainer/data/daily_backup_running" \ --exclude "nextcloud_aio_mastercontainer/data/session_date_file" \ --exclude "nextcloud_aio_mastercontainer/session/**" \ + --exclude "nextcloud_aio_nextcloud_data/lost+found" \ "${ADDITIONAL_RSYNC_EXCLUDES[@]}" \ /tmp/borg/nextcloud_aio_volumes/ /nextcloud_aio_volumes/; then RESTORE_FAILED=1 @@ -459,6 +460,7 @@ if [ "$BORG_MODE" = restore ]; then -o -path nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/daily_backup_running \ -o -path nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/session_date_file \ -o -path "nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/id_borg*" \ + -o -path "nextcloud_aio_nextcloud_data/lost+found" \ "${ADDITIONAL_FIND_EXCLUDES[@]}" \ \) \ | LC_ALL=C sort \ From 33fac7d67abc6ebec7cb37d3b7eb954c8536816d Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 10:45:29 +0200 Subject: [PATCH 17/29] fix update-helm workflow Signed-off-by: Simon L. --- .github/workflows/update-helm.yml | 2 +- nextcloud-aio-helm-chart/update-helm.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-helm.yml b/.github/workflows/update-helm.yml index 75aaceb5..acce2637 100644 --- a/.github/workflows/update-helm.yml +++ b/.github/workflows/update-helm.yml @@ -16,7 +16,7 @@ jobs: run: | set -x GHCR_TOKEN="$(curl https://ghcr.io/token?scope=repository:nextcloud-releases/nce-php-fpm-mgmt:pull | jq '.token' | sed 's|"||g')" - DOCKER_TAG="$(curl -H "Authorization: Bearer ${GHCR_TOKEN}" -L -s 'https://ghcr.io/v2/nextcloud-releases/all-in-one/tags/list?page_size=1024' | jq '.tags' | sed 's|"||g;s|[[:space:]]||g' | grep '^20[0-9_]\+' | grep -v latest | sort -r | head -1)" + DOCKER_TAG="$(curl -H "Authorization: Bearer ${GHCR_TOKEN}" -L -s 'https://ghcr.io/v2/nextcloud-releases/all-in-one/tags/list?page_size=1024' | jq '.tags' | sed 's|"||g;s|[[:space:]]||g;s|,||g' | grep '^20[0-9_]\+' | grep -v latest | sort -r | head -1)" export DOCKER_TAG set +x if [ -n "$DOCKER_TAG" ] && ! grep -q "$DOCKER_TAG" ./nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml; then diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index 5ac19095..3e546856 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -505,7 +505,7 @@ cat << EOL > /tmp/security.conf {{- end }} # AIO-config - do not change this comment! EOL # shellcheck disable=SC1083 -find ./ -name '*nextcloud-deployment.yaml*' -exec sed -i "/nextcloud\/aio-nextcloud:.*/r /tmp/security.conf" \{} \; +find ./ -name '*nextcloud-deployment.yaml*' -exec sed -i "/image: .*nextcloud.*aio-nextcloud:.*/r /tmp/security.conf" \{} \; chmod 777 -R ./ From f88b123cc3c8ccff4e9ff6964e93060bf8f32157 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Mon, 31 Mar 2025 08:46:12 +0000 Subject: [PATCH 18/29] Helm Chart updates Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../templates/nextcloud-aio-apache-deployment.yaml | 2 +- .../templates/nextcloud-aio-clamav-deployment.yaml | 2 +- .../templates/nextcloud-aio-collabora-deployment.yaml | 2 +- .../templates/nextcloud-aio-database-deployment.yaml | 2 +- .../templates/nextcloud-aio-fulltextsearch-deployment.yaml | 2 +- .../templates/nextcloud-aio-imaginary-deployment.yaml | 2 +- .../templates/nextcloud-aio-nextcloud-deployment.yaml | 4 +++- .../templates/nextcloud-aio-notify-push-deployment.yaml | 2 +- .../templates/nextcloud-aio-onlyoffice-deployment.yaml | 2 +- .../templates/nextcloud-aio-redis-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-deployment.yaml | 2 +- .../templates/nextcloud-aio-talk-recording-deployment.yaml | 2 +- .../templates/nextcloud-aio-whiteboard-deployment.yaml | 2 +- nextcloud-aio-helm-chart/values.yaml | 1 + 15 files changed, 17 insertions(+), 14 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index a9de2ae8..8fd3a53d 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 10.9.0 +version: 10.10.0 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index b4e9e01c..ea4393f7 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: nextcloud/aio-apache:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-apache:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index e1921203..9c55ce9d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-clamav:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-clamav:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 38d34bd0..4a904d2a 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -35,7 +35,7 @@ spec: value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+ - name: server_name value: "{{ .Values.NC_DOMAIN }}" - image: nextcloud/aio-collabora:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-collabora:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index 4d400202..cf138dd0 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-postgresql:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-postgresql:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index 0de772be..e081ffd5 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: nextcloud/aio-fulltextsearch:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index 5c922d36..2a53ffdb 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-imaginary:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-imaginary:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 496cfed1..f664091c 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -80,6 +80,8 @@ spec: value: "{{ .Values.SERVERINFO_TOKEN }}" - name: NEXTCLOUD_DEFAULT_QUOTA value: "{{ .Values.NEXTCLOUD_DEFAULT_QUOTA }}" + - name: NEXTCLOUD_SKELETON_DIRECTORY + value: "{{ .Values.NEXTCLOUD_SKELETON_DIRECTORY | default "" }}" - name: NEXTCLOUD_MAINTENANCE_WINDOW value: "{{ .Values.NEXTCLOUD_MAINTENANCE_WINDOW }}" - name: ADDITIONAL_APKS @@ -180,7 +182,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: nextcloud/aio-nextcloud:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20250331_082515 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index b02d5d85..fb5412fe 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -55,7 +55,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-notify-push:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-notify-push:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index 2a9db83a..483b6250 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-onlyoffice:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 439ab944..fc8eb5ed 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-redis:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-redis:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index 755a2f6a..dc61ebd5 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-talk:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-talk:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index 1967ff34..98f9e38c 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-talk-recording:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 7d51f181..a319522a 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -48,7 +48,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-whiteboard:20250325_084656 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20250331_082515 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/values.yaml b/nextcloud-aio-helm-chart/values.yaml index f0897240..5bd7e582 100755 --- a/nextcloud-aio-helm-chart/values.yaml +++ b/nextcloud-aio-helm-chart/values.yaml @@ -60,6 +60,7 @@ APPS_ALLOWLIST: # This allows to configure allowed apps that will be show ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here. ADDITIONAL_TRUSTED_DOMAIN: # Allows to add one domain to Nextcloud's trusted domains and also generates a certificate automatically for it NEXTCLOUD_DEFAULT_QUOTA: "10 GB" # Allows to adjust the default quota that will be taken into account in Nextcloud for new users. Setting it to "unlimited" will set it to unlimited +NEXTCLOUD_SKELETON_DIRECTORY: # Allows to adjust the sekeleton dir for Nextcloud. Setting it to "empty" will set the value to an empty string "" which will turn off the setting for new users in Nextcloud. NEXTCLOUD_MAINTENANCE_WINDOW: # Allows to define the maintenance window for Nextcloud. See https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/background_jobs_configuration.html#parameters for possible values SMTP_HOST: # (empty by default): The hostname of the SMTP server. SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS. From 1a5efefd6258428f07bd60302dc90ff972f3e707 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 10:49:29 +0200 Subject: [PATCH 19/29] revert imagick commit hash Signed-off-by: Simon L. --- Containers/nextcloud/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 7383256b..ca56945d 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -14,7 +14,7 @@ ENV AIO_URL=localhost # AIO settings end # Do not remove or change this line! # Define the commit hash for imagick as a variable -ARG IMAGICK_COMMIT_HASH=ffa23eb0bc6796349dce12a984b3b70079e7bdd3 +ARG IMAGICK_COMMIT_HASH=28f27044e435a2b203e32675e942eb8de620ee58 COPY --chmod=775 *.sh / COPY --chmod=774 upgrade.exclude /upgrade.exclude From 242179f079232b99745e7b102643aad7a00fa8f2 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 10:58:22 +0200 Subject: [PATCH 20/29] alpine dockerfile: change tag to 3.21.2 and add dependabot Signed-off-by: Simon L. --- .github/dependabot.yml | 1 + Containers/alpine/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 38d4ad6d..0caaabfb 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -22,6 +22,7 @@ updates: - dependencies - package-ecosystem: "docker" directories: + - "/Containers/alpine" - "/Containers/apache" - "/Containers/borgbackup" - "/Containers/clamav" diff --git a/Containers/alpine/Dockerfile b/Containers/alpine/Dockerfile index 48f2b46a..86948845 100644 --- a/Containers/alpine/Dockerfile +++ b/Containers/alpine/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.21 +FROM alpine:3.21.2 RUN set -ex; \ apk upgrade --no-cache -a From 95491af7bd53955256dba7622abed51062623ae9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 09:00:37 +0000 Subject: [PATCH 21/29] build(deps): bump alpine from 3.21.2 to 3.21.3 in /Containers/alpine Bumps alpine from 3.21.2 to 3.21.3. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Containers/alpine/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/alpine/Dockerfile b/Containers/alpine/Dockerfile index 86948845..b690b530 100644 --- a/Containers/alpine/Dockerfile +++ b/Containers/alpine/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM alpine:3.21.2 +FROM alpine:3.21.3 RUN set -ex; \ apk upgrade --no-cache -a From 496365e107d26c90d22afb407fee2fa3bac28e68 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 11:01:20 +0200 Subject: [PATCH 22/29] also use ghcr image for vaultwarden Signed-off-by: Simon L. --- community-containers/vaultwarden/vaultwarden.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/community-containers/vaultwarden/vaultwarden.json b/community-containers/vaultwarden/vaultwarden.json index 15f2114d..b94996fc 100644 --- a/community-containers/vaultwarden/vaultwarden.json +++ b/community-containers/vaultwarden/vaultwarden.json @@ -4,7 +4,7 @@ "container_name": "nextcloud-aio-vaultwarden", "display_name": "Vaultwarden", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden", - "image": "vaultwarden/server", + "image": "ghcr.io/dani-garcia/vaultwarden", "image_tag": "alpine", "internal_port": "8812", "restart": "unless-stopped", From 631253ef71c7353586f79378b1fd116f0f4b1e68 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 11:03:43 +0200 Subject: [PATCH 23/29] fix detail Signed-off-by: Simon L. --- Containers/watchtower/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index aad4f935..1b83fe17 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -13,7 +13,7 @@ RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache bash ca-certificates tzdata -COPY --from=go /go/bin/watchtower /usr/local/bin/watchtower +COPY --from=go /go/bin/watchtower /watchtower COPY --chmod=775 start.sh /start.sh From c0835f49a975730e9042090032f0a4a4cd11da80 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 11:47:04 +0200 Subject: [PATCH 24/29] increase to 10.11.0 Signed-off-by: Simon L. --- php/templates/containers.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 66ebb121..a92d1e08 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,7 @@
-

Nextcloud AIO v10.10.0

+

Nextcloud AIO v10.11.0

{# Add 2nd tab warning #} From d04d7c9fab979a4ffd1a5453d0a9803f188cd64f Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Mon, 31 Mar 2025 12:03:03 +0000 Subject: [PATCH 25/29] imaginary-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/imaginary/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index cb6dbbe5..70c21702 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:latest FROM golang:1.24.1-alpine3.21 AS go -ENV IMAGINARY_HASH=1d4e251cfcd58ea66f8361f8721d7b8cc85002a3 +ENV IMAGINARY_HASH=1d4e251cfcd58ea66f8361f8721d7b8cc85002a3 RUN set -ex; \ apk upgrade --no-cache -a; \ From ae5f4b7999e4b8ca596e22218b7e9a805cfafd59 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 14:37:14 +0200 Subject: [PATCH 26/29] collabora: fix permissions for /etc/coolwsd/coolwsd.xml file Signed-off-by: Simon L. --- Containers/collabora/Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index d9c487a4..c6b65ff8 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -14,7 +14,9 @@ RUN set -ex; \ # # tzdata \ netcat-openbsd \ ; \ - rm -rf /var/lib/apt/lists/*; + rm -rf /var/lib/apt/lists/*; \ +# Fix permissions for coolwsd.xml file. See https://github.com/CollaboraOnline/online/issues/11345 + chmod +r /etc/coolwsd/coolwsd.xml COPY --chmod=775 healthcheck.sh /healthcheck.sh From d501b7cfcbe07ba627adca571a2541a572f09ff8 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 14:42:41 +0200 Subject: [PATCH 27/29] fix detail in update helm script Signed-off-by: Simon L. --- nextcloud-aio-helm-chart/update-helm.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index e9e8a476..7bf6d48a 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -72,7 +72,7 @@ find ./ -name '*networkpolicy.yaml' -exec sed -i "s|manual-install-nextcloud-aio cat << EOL > /tmp/initcontainers initContainers: - name: init-volumes - image: "ghcr.io/nextcloud-releases/alpine:$DOCKER_TAG" + image: "ghcr.io/nextcloud-releases/aio-alpine:$DOCKER_TAG" command: - chmod - "777" @@ -81,7 +81,7 @@ EOL cat << EOL > /tmp/initcontainers.database initContainers: - name: init-subpath - image: "ghcr.io/nextcloud-releases/alpine:$DOCKER_TAG" + image: "ghcr.io/nextcloud-releases/aio-alpine:$DOCKER_TAG" command: - mkdir - "-p" @@ -94,7 +94,7 @@ EOL cat << EOL > /tmp/initcontainers.clamav initContainers: - name: init-subpath - image: "ghcr.io/nextcloud-releases/alpine:$DOCKER_TAG" + image: "ghcr.io/nextcloud-releases/aio-alpine:$DOCKER_TAG" command: - mkdir - "-p" @@ -108,7 +108,7 @@ cat << EOL > /tmp/initcontainers.nextcloud # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: "ghcr.io/nextcloud-releases/alpine:$DOCKER_TAG" + image: "ghcr.io/nextcloud-releases/aio-alpine:$DOCKER_TAG" command: - chmod - "777" From f0fd6bb44599715aedbd795937197d1efeb2aceb Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 15:11:03 +0200 Subject: [PATCH 28/29] collabora: fix permissions correctly Signed-off-by: Simon L. --- Containers/collabora/Dockerfile | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index c6b65ff8..26e9aa97 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -# From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker +# From a file located probably somewhere here: https://github.com/CollaboraOnline/online/blob/master/docker/from-packages/Dockerfile FROM collabora/code:24.04.13.2.1 USER root @@ -10,17 +10,13 @@ RUN set -ex; \ \ apt-get update; \ apt-get install -y --no-install-recommends \ -# # Disable because seems to be failing currently -# # tzdata \ netcat-openbsd \ ; \ - rm -rf /var/lib/apt/lists/*; \ -# Fix permissions for coolwsd.xml file. See https://github.com/CollaboraOnline/online/issues/11345 - chmod +r /etc/coolwsd/coolwsd.xml + rm -rf /var/lib/apt/lists/*; COPY --chmod=775 healthcheck.sh /healthcheck.sh -USER 100 +USER 1001 HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" From c01148811109daa5e139229830c3348cfb45842e Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Mon, 31 Mar 2025 16:02:30 +0200 Subject: [PATCH 29/29] mastercontainer: remove check for nextcloud.com as we check for ghcr.io instead Signed-off-by: Simon L. --- Containers/mastercontainer/start.sh | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index dff289d3..f361cdcc 100644 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -272,17 +272,6 @@ It is set to '$AIO_COMMUNITY_CONTAINERS'." fi fi -# Check DNS resolution -# Prevents issues like https://github.com/nextcloud/all-in-one/discussions/565 -curl https://nextcloud.com &>/dev/null -if [ "$?" = 6 ]; then - print_red "Could not resolve the host nextcloud.com." - echo "Most likely the DNS resolving does not work." - echo "You should be able to fix this by following https://dockerlabs.collabnix.com/intermediate/networking/Configuring_DNS.html" - echo "Apart from that, there has been this: https://github.com/nextcloud/all-in-one/discussions/2065" - exit 1 -fi - # Check if ghcr.io is reachable # Solves issues like https://github.com/nextcloud/all-in-one/discussions/5268 if ! curl https://ghcr.io &>/dev/null; then