diff --git a/.github/ISSUE_TEMPLATE/Bug_report.md b/.github/ISSUE_TEMPLATE/Bug_report.md index 5d6cc059..aca2e718 100644 --- a/.github/ISSUE_TEMPLATE/Bug_report.md +++ b/.github/ISSUE_TEMPLATE/Bug_report.md @@ -37,5 +37,3 @@ labels: 0. Needs triage #### Output of `sudo docker ps -a` #### Other valuable info - -#### A picture of a cute animal diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 2bd4823a..2fff5ddb 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Check spelling uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # v2 with: diff --git a/.github/workflows/collabora.yml b/.github/workflows/collabora.yml index 8e464925..abf5d520 100644 --- a/.github/workflows/collabora.yml +++ b/.github/workflows/collabora.yml @@ -10,7 +10,7 @@ jobs: name: update collabora runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run collabora-profile-update run: | rm -f php/cool-seccomp-profile.json diff --git a/.github/workflows/community-containers.yml b/.github/workflows/community-containers.yml index 7446677f..cfe35ee0 100644 --- a/.github/workflows/community-containers.yml +++ b/.github/workflows/community-containers.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Validate structure run: | CONTAINERS="$(find ./community-containers -mindepth 1 -maxdepth 1 -type d)" diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml index 1b448139..3a40363b 100644 --- a/.github/workflows/dependency-updates.yml +++ b/.github/workflows/dependency-updates.yml @@ -10,7 +10,7 @@ jobs: name: Run dependency update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: php-version: 8.4 diff --git a/.github/workflows/docker-lint.yml b/.github/workflows/docker-lint.yml index 917df1d6..b9ce68ef 100644 --- a/.github/workflows/docker-lint.yml +++ b/.github/workflows/docker-lint.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Install hadolint run: | diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml index a4f441c2..f621f229 100644 --- a/.github/workflows/helm-release.yml +++ b/.github/workflows/helm-release.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Turnstyle uses: softprops/turnstyle@e565d2d86403c5d23533937e95980570545e5586 # v2 diff --git a/.github/workflows/imaginary-update.yml b/.github/workflows/imaginary-update.yml index 060b376e..7440a09f 100644 --- a/.github/workflows/imaginary-update.yml +++ b/.github/workflows/imaginary-update.yml @@ -10,7 +10,7 @@ jobs: name: update to latest imaginary commit on master branch runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run imaginary-update run: | # Imaginary diff --git a/.github/workflows/json-validator.yml b/.github/workflows/json-validator.yml index 4cbd28ed..4213296b 100644 --- a/.github/workflows/json-validator.yml +++ b/.github/workflows/json-validator.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Validate Json run: | sudo apt-get update diff --git a/.github/workflows/lint-helm.yml b/.github/workflows/lint-helm.yml index 7beec865..1ea877a6 100644 --- a/.github/workflows/lint-helm.yml +++ b/.github/workflows/lint-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 with: fetch-depth: 0 diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index 0c5e2c74..12cba439 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v5.0.1 + uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index 3bb1d33f..010077ca 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/nextcloud-update.yml b/.github/workflows/nextcloud-update.yml index 7fe5bbf9..b96ac2b9 100644 --- a/.github/workflows/nextcloud-update.yml +++ b/.github/workflows/nextcloud-update.yml @@ -11,7 +11,7 @@ jobs: name: Run nextcloud-update script runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run nextcloud-update script run: | # Inspired by https://github.com/nextcloud/docker/blob/master/update.sh diff --git a/.github/workflows/php-deprecation-detector.yml b/.github/workflows/php-deprecation-detector.yml index c8638683..ee35830c 100644 --- a/.github/workflows/php-deprecation-detector.yml +++ b/.github/workflows/php-deprecation-detector.yml @@ -16,7 +16,7 @@ jobs: name: PHP Deprecation Detector runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 with: diff --git a/.github/workflows/playwright-on-push.yml b/.github/workflows/playwright-on-push.yml index af8dec02..28ba7d9c 100644 --- a/.github/workflows/playwright-on-push.yml +++ b/.github/workflows/playwright-on-push.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - uses: actions/setup-node@v6 with: diff --git a/.github/workflows/playwright-on-workflow-dispatch.yml b/.github/workflows/playwright-on-workflow-dispatch.yml index 252a6510..483811f2 100644 --- a/.github/workflows/playwright-on-workflow-dispatch.yml +++ b/.github/workflows/playwright-on-workflow-dispatch.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - uses: actions/setup-node@v6 with: diff --git a/.github/workflows/psalm-update-baseline.yml b/.github/workflows/psalm-update-baseline.yml index 1bd47ac4..14715108 100644 --- a/.github/workflows/psalm-update-baseline.yml +++ b/.github/workflows/psalm-update-baseline.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Set up php uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index bdae585e..cbc77bf5 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -32,7 +32,7 @@ jobs: name: static-psalm-analysis steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v5.0.1 + uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 86954033..0ef69085 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -15,7 +15,7 @@ jobs: name: Check Shell runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run Shellcheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0 with: diff --git a/.github/workflows/talk.yml b/.github/workflows/talk.yml index f28ad9f2..c1b96d24 100644 --- a/.github/workflows/talk.yml +++ b/.github/workflows/talk.yml @@ -10,7 +10,7 @@ jobs: name: update talk runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run talk-container-update run: | # Recording diff --git a/.github/workflows/twig-lint.yml b/.github/workflows/twig-lint.yml index 7e9b5cdc..3b04704d 100644 --- a/.github/workflows/twig-lint.yml +++ b/.github/workflows/twig-lint.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: Set up php ${{ matrix.php-versions }} uses: shivammathur/setup-php@7bf05c6b704e0b9bfee22300130a31b5ea68d593 # v2 diff --git a/.github/workflows/update-copyright.yml b/.github/workflows/update-copyright.yml index f7960ead..95329d3c 100644 --- a/.github/workflows/update-copyright.yml +++ b/.github/workflows/update-copyright.yml @@ -8,4 +8,4 @@ jobs: name: update copyright runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 diff --git a/.github/workflows/update-helm.yml b/.github/workflows/update-helm.yml index ee8e4669..2f441735 100644 --- a/.github/workflows/update-helm.yml +++ b/.github/workflows/update-helm.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: update helm chart run: | set -x diff --git a/.github/workflows/update-yaml.yml b/.github/workflows/update-yaml.yml index ba92fd50..41b0adf2 100644 --- a/.github/workflows/update-yaml.yml +++ b/.github/workflows/update-yaml.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@v6.0.2 - name: update yaml files run: | sudo bash manual-install/update-yaml.sh diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml index be929285..b26cd1a4 100644 --- a/.github/workflows/watchtower-update.yml +++ b/.github/workflows/watchtower-update.yml @@ -10,7 +10,7 @@ jobs: name: update watchtower runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.1 + - uses: actions/checkout@v6.0.2 - name: Run watchtower-container-update run: | # Watchtower diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..fec85a59 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,13 @@ + +In the Nextcloud community, participants from all over the world come together to create Free Software for a free internet. This is made possible by the support, hard work and enthusiasm of thousands of people, including those who create and use Nextcloud software. + +Our code of conduct offers some guidance to ensure Nextcloud participants can cooperate effectively in a positive and inspiring atmosphere, and to explain how together we can strengthen and support each other. + +The Code of Conduct is shared by all contributors and users who engage with the Nextcloud team and its community services. It presents a summary of the shared values and “common sense” thinking in our community. + +You can find our full code of conduct on our website: https://nextcloud.com/code-of-conduct/ + +Please, keep our CoC in mind when you contribute! That way, everyone can be a part of our community in a productive, positive, creative and fun way. diff --git a/Containers/apache/Dockerfile b/Containers/apache/Dockerfile index 0948fb25..9ccadfb8 100644 --- a/Containers/apache/Dockerfile +++ b/Containers/apache/Dockerfile @@ -88,4 +88,5 @@ CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/borgbackup/Dockerfile b/Containers/borgbackup/Dockerfile index 637d035c..97d6198b 100644 --- a/Containers/borgbackup/Dockerfile +++ b/Containers/borgbackup/Dockerfile @@ -24,5 +24,6 @@ ENTRYPOINT ["/start.sh"] USER root LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" ENV BORG_RETENTION_POLICY="--keep-within=7d --keep-weekly=4 --keep-monthly=6" diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 196b109a..e81fb06e 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -33,5 +33,6 @@ VOLUME /var/lib/clamav ENTRYPOINT ["/start.sh"] CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh diff --git a/Containers/collabora-online/Dockerfile b/Containers/collabora-online/Dockerfile index 72f79928..ec8b63f0 100644 --- a/Containers/collabora-online/Dockerfile +++ b/Containers/collabora-online/Dockerfile @@ -12,4 +12,5 @@ USER 1001 HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 50b6cfef..976360cb 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -11,4 +11,5 @@ USER 1001 HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/docker-socket-proxy/Dockerfile b/Containers/docker-socket-proxy/Dockerfile index 796c855a..62590f6f 100644 --- a/Containers/docker-socket-proxy/Dockerfile +++ b/Containers/docker-socket-proxy/Dockerfile @@ -19,4 +19,5 @@ COPY --chmod=664 haproxy.cfg /haproxy.cfg ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/domaincheck/Dockerfile b/Containers/domaincheck/Dockerfile index 769c24ac..8122f315 100644 --- a/Containers/domaincheck/Dockerfile +++ b/Containers/domaincheck/Dockerfile @@ -18,4 +18,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD nc -z 127.0.0.1 $APACHE_PORT || exit 1 LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index ed0cafe9..ff1e923f 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -22,5 +22,6 @@ USER 1000:0 HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" ENV ES_JAVA_OPTS="-Xms512M -Xmx512M" diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 11250a43..650c4c67 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.5-alpine3.23 AS go +FROM golang:1.25.6-alpine3.23 AS go ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee @@ -43,4 +43,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index d2019e49..2fea59d1 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -1,12 +1,12 @@ # syntax=docker/dockerfile:latest # Docker CLI is a requirement -FROM docker:29.1.4-cli AS docker +FROM docker:29.1.5-cli AS docker # Caddy is a requirement FROM caddy:2.10.2-alpine AS caddy # From https://github.com/docker-library/php/blob/master/8.4/alpine3.23/fpm/Dockerfile -FROM php:8.4.16-fpm-alpine3.23 +FROM php:8.4.17-fpm-alpine3.23 EXPOSE 80 EXPOSE 8080 @@ -127,6 +127,7 @@ RUN set -ex; \ # hadolint ignore=DL3048 LABEL org.label-schema.vendor="Nextcloud" \ + wud.watch="false" \ com.docker.compose.project="nextcloud-aio" # hadolint ignore=DL3002 diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 9c468bbb..c6d9bf7e 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM php:8.3.29-fpm-alpine3.23 +FROM php:8.3.30-fpm-alpine3.23 ENV PHP_MEMORY_LIMIT=512M ENV PHP_UPLOAD_LIMIT=16G @@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud ENV REDIS_DB_INDEX=0 # AIO settings start # Do not remove or change this line! -ENV NEXTCLOUD_VERSION=32.0.4 +ENV NEXTCLOUD_VERSION=32.0.5 ENV AIO_TOKEN=123456 ENV AIO_URL=localhost # AIO settings end # Do not remove or change this line! @@ -264,4 +264,5 @@ CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index 43432e6d..5f47a0f4 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -894,7 +894,9 @@ if [ -d "/var/www/html/custom_apps/spreed" ]; then RECORDING_SERVERS_STRING="{\"servers\":[{\"server\":\"http://$TALK_RECORDING_HOST:1234/\",\"verify\":true}],\"secret\":\"$RECORDING_SECRET\"}" php /var/www/html/occ config:app:set spreed recording_servers --value="$RECORDING_SERVERS_STRING" else - php /var/www/html/occ config:app:delete spreed recording_servers + if [ "$REMOVE_DISABLED_APPS" = yes ]; then + php /var/www/html/occ config:app:delete spreed recording_servers + fi fi fi diff --git a/Containers/notify-push/Dockerfile b/Containers/notify-push/Dockerfile index 029c93f2..425115c4 100644 --- a/Containers/notify-push/Dockerfile +++ b/Containers/notify-push/Dockerfile @@ -23,4 +23,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/onlyoffice/Dockerfile b/Containers/onlyoffice/Dockerfile index d028ccbc..13b4d456 100644 --- a/Containers/onlyoffice/Dockerfile +++ b/Containers/onlyoffice/Dockerfile @@ -8,4 +8,5 @@ COPY --chmod=775 healthcheck.sh /healthcheck.sh HEALTHCHECK --start-period=60s --retries=9 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/postgresql/Dockerfile b/Containers/postgresql/Dockerfile index 725b8042..56090f26 100644 --- a/Containers/postgresql/Dockerfile +++ b/Containers/postgresql/Dockerfile @@ -44,4 +44,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/redis/Dockerfile b/Containers/redis/Dockerfile index 7cc1ff84..cc9181ad 100644 --- a/Containers/redis/Dockerfile +++ b/Containers/redis/Dockerfile @@ -21,4 +21,5 @@ ENTRYPOINT ["/start.sh"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index 65af7db4..8df5b89e 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -58,4 +58,5 @@ CMD ["python", "-m", "nextcloud.talk.recording", "--config", "/conf/recording.co HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/talk/Dockerfile b/Containers/talk/Dockerfile index fc5f0379..fb78f943 100644 --- a/Containers/talk/Dockerfile +++ b/Containers/talk/Dockerfile @@ -107,4 +107,5 @@ CMD ["supervisord", "-c", "/supervisord.conf"] HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile index cd5238ac..83bccc07 100644 --- a/Containers/watchtower/Dockerfile +++ b/Containers/watchtower/Dockerfile @@ -1,13 +1,13 @@ # syntax=docker/dockerfile:latest -FROM golang:1.25.5-alpine3.23 AS go +FROM golang:1.25.6-alpine3.23 AS go -ENV WATCHTOWER_COMMIT_HASH=f6a7b29c312bec5f389a4fb52259919f0678800b +ENV WATCHTOWER_COMMIT_HASH=f522ce27e1fbe4618da54833025a95be62aa838a RUN set -ex; \ apk upgrade --no-cache -a; \ apk add --no-cache \ build-base; \ - go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.13.1 + go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH # v1.14.0 FROM alpine:3.23.2 @@ -24,4 +24,5 @@ USER root ENTRYPOINT ["/start.sh"] LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index 37ba25e0..3a3c5542 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile -FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.1 +FROM ghcr.io/nextcloud-releases/whiteboard:v1.5.3 USER root RUN set -ex; \ @@ -23,4 +23,5 @@ WORKDIR /tmp ENTRYPOINT ["/start.sh"] LABEL com.centurylinklabs.watchtower.enable="false" \ + wud.watch="false" \ org.label-schema.vendor="Nextcloud" diff --git a/community-containers/nocodb/nocodb.json b/community-containers/nocodb/nocodb.json index 7ef4cc5c..e93d173c 100644 --- a/community-containers/nocodb/nocodb.json +++ b/community-containers/nocodb/nocodb.json @@ -2,7 +2,7 @@ "aio_services_v1": [ { "container_name": "nextcloud-aio-nocodb", - "display_name": "NocoDB", + "display_name": "NocoDB (deprecated)", "documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/nocodb", "image": "nocodb/nocodb", "image_tag": "latest", diff --git a/community-containers/nocodb/readme.md b/community-containers/nocodb/readme.md index 4c1281b5..fa23f8f6 100644 --- a/community-containers/nocodb/readme.md +++ b/community-containers/nocodb/readme.md @@ -1,3 +1,8 @@ +> [!CAUTION] +> NocoDB is licensed under a non-free license. +> +> And is no longer maintained. + > [!NOTE] > This container is there to compensate for the lack of functionality in Nextcloud Tables. > diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 7d990549..6288a381 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 12.4.0 +version: 12.5.0 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 6cdf8db8..e540791c 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-apache name: nextcloud-aio-apache @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-apache spec: @@ -61,7 +61,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: WHITEBOARD_HOST value: nextcloud-aio-whiteboard - image: ghcr.io/nextcloud-releases/aio-apache:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-apache:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml index 404ee626..98e33a4d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-apache name: nextcloud-aio-apache diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index d7627802..57ec7739 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-clamav name: nextcloud-aio-clamav @@ -18,7 +18,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-clamav spec: @@ -36,7 +36,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - mkdir - "-p" @@ -59,7 +59,7 @@ spec: value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-clamav:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-clamav:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml index 8dc8597d..8b236093 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-clamav name: nextcloud-aio-clamav diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 7e86c402..cd4e1368 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-collabora name: nextcloud-aio-collabora @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-collabora spec: @@ -36,9 +36,9 @@ spec: - name: server_name value: "{{ .Values.NC_DOMAIN }}" {{- if contains "--o:support_key=" (join " " (.Values.ADDITIONAL_COLLABORA_OPTIONS | default list)) }} - image: ghcr.io/nextcloud-releases/aio-collabora-online:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-collabora-online:20260122_105751 {{- else }} - image: ghcr.io/nextcloud-releases/aio-collabora:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-collabora:20260122_105751 {{- end }} readinessProbe: exec: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml index ebe7bf3f..5c81ef3e 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-collabora name: nextcloud-aio-collabora diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index 055ecd0a..be6a9c90 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-database name: nextcloud-aio-database @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-database spec: @@ -35,7 +35,7 @@ spec: {{- end }} initContainers: - name: init-subpath - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - mkdir - "-p" @@ -64,7 +64,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-postgresql:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-postgresql:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml index 9451d908..45fdce3a 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-database name: nextcloud-aio-database diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index df30e6a8..bed60a0c 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-fulltextsearch name: nextcloud-aio-fulltextsearch @@ -18,13 +18,13 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-fulltextsearch spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - chmod - "777" @@ -54,7 +54,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-fulltextsearch:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml index ae759475..efe474b3 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-fulltextsearch name: nextcloud-aio-fulltextsearch diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index d2fc1375..af15d4b3 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-imaginary name: nextcloud-aio-imaginary @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-imaginary spec: @@ -38,7 +38,7 @@ spec: value: "{{ .Values.IMAGINARY_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-imaginary:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-imaginary:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml index a5fb3266..44a57006 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-imaginary name: nextcloud-aio-imaginary diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index fe72d307..8b6e8211 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-nextcloud name: nextcloud-aio-nextcloud @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-nextcloud spec: @@ -38,7 +38,7 @@ spec: # AIO settings start # Do not remove or change this line! initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - chmod - "777" @@ -190,7 +190,7 @@ spec: value: "{{ .Values.WHITEBOARD_ENABLED }}" - name: WHITEBOARD_SECRET value: "{{ .Values.WHITEBOARD_SECRET }}" - image: ghcr.io/nextcloud-releases/aio-nextcloud:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-nextcloud:20260122_105751 {{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment! securityContext: # The items below only work in container context diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml index 18cf84d8..08ab70f2 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-nextcloud name: nextcloud-aio-nextcloud diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index 5b05336e..c8e30d05 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-notify-push name: nextcloud-aio-notify-push @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-notify-push spec: @@ -57,7 +57,7 @@ spec: value: "6379" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-notify-push:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-notify-push:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml index 2b7bfccd..986d98d4 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-notify-push name: nextcloud-aio-notify-push diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index 0e3a7fda..2bb79f19 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-onlyoffice name: nextcloud-aio-onlyoffice @@ -18,13 +18,13 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-onlyoffice spec: initContainers: - name: init-volumes - image: ghcr.io/nextcloud-releases/aio-alpine:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-alpine:20260122_105751 command: - chmod - "777" @@ -42,7 +42,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-onlyoffice:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-onlyoffice:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml index 6ff9afa1..5fc10b85 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-onlyoffice name: nextcloud-aio-onlyoffice diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 1ccebd79..28335e64 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-redis name: nextcloud-aio-redis @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-redis spec: @@ -39,7 +39,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-redis:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-redis:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml index af82a0bb..a6a9a0a5 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-redis name: nextcloud-aio-redis diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index 8635a6ce..679dd66e 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk spec: @@ -52,7 +52,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-talk:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index 2cfcaa53..8e631656 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk-recording name: nextcloud-aio-talk-recording @@ -18,7 +18,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk-recording spec: @@ -44,7 +44,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-talk-recording:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-talk-recording:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml index 4410ed72..87fe0355 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk-recording name: nextcloud-aio-talk-recording diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml index 10d17177..65388792 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk-public @@ -27,7 +27,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml index 50dfc3c4..5788cfa0 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-whiteboard name: nextcloud-aio-whiteboard @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-whiteboard spec: @@ -50,7 +50,7 @@ spec: value: redis - name: TZ value: "{{ .Values.TIMEZONE }}" - image: ghcr.io/nextcloud-releases/aio-whiteboard:20260114_114729 + image: ghcr.io/nextcloud-releases/aio-whiteboard:20260122_105751 readinessProbe: exec: command: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-service.yaml index 8c8cb5aa..299f1ec3 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-whiteboard-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.version: 1.37.0 (fb0539e64) + kompose.version: 1.38.0 (a8f5d1cbd) labels: io.kompose.service: nextcloud-aio-whiteboard name: nextcloud-aio-whiteboard diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index f39d3035..9e5aba86 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -407,7 +407,7 @@ rm latest.yml mv latest.yml.backup latest.yml # Get version of AIO -AIO_VERSION="$(grep 'Nextcloud AIO ' ../php/templates/containers.twig | grep -oP '[0-9]+.[0-9]+.[0-9]+')" +AIO_VERSION="$(grep 'Nextcloud AIO ' ../php/templates/includes/aio-version.twig | grep -oP '[0-9]+.[0-9]+.[0-9]+')" sed -i "s|^version:.*|version: $AIO_VERSION|" ../helm-chart/Chart.yaml # Conversion of sample.conf diff --git a/php/composer.lock b/php/composer.lock index ce1ae80f..75e53dfe 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -3111,20 +3111,20 @@ }, { "name": "league/uri", - "version": "7.7.0", + "version": "7.8.0", "source": { "type": "git", "url": "https://github.com/thephpleague/uri.git", - "reference": "8d587cddee53490f9b82bf203d3a9aa7ea4f9807" + "reference": "4436c6ec8d458e4244448b069cc572d088230b76" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/uri/zipball/8d587cddee53490f9b82bf203d3a9aa7ea4f9807", - "reference": "8d587cddee53490f9b82bf203d3a9aa7ea4f9807", + "url": "https://api.github.com/repos/thephpleague/uri/zipball/4436c6ec8d458e4244448b069cc572d088230b76", + "reference": "4436c6ec8d458e4244448b069cc572d088230b76", "shasum": "" }, "require": { - "league/uri-interfaces": "^7.7", + "league/uri-interfaces": "^7.8", "php": "^8.1", "psr/http-factory": "^1" }, @@ -3138,11 +3138,11 @@ "ext-gmp": "to improve IPV4 host parsing", "ext-intl": "to handle IDN host with the best performance", "ext-uri": "to use the PHP native URI class", - "jeremykendall/php-domain-parser": "to resolve Public Suffix and Top Level Domain", - "league/uri-components": "Needed to easily manipulate URI objects components", - "league/uri-polyfill": "Needed to backport the PHP URI extension for older versions of PHP", + "jeremykendall/php-domain-parser": "to further parse the URI host and resolve its Public Suffix and Top Level Domain", + "league/uri-components": "to provide additional tools to manipulate URI objects components", + "league/uri-polyfill": "to backport the PHP URI extension for older versions of PHP", "php-64bit": "to improve IPV4 host parsing", - "rowbot/url": "to handle WHATWG URL", + "rowbot/url": "to handle URLs using the WHATWG URL Living Standard specification", "symfony/polyfill-intl-idn": "to handle IDN host via the Symfony polyfill if ext-intl is not present" }, "type": "library", @@ -3197,7 +3197,7 @@ "docs": "https://uri.thephpleague.com", "forum": "https://thephpleague.slack.com", "issues": "https://github.com/thephpleague/uri-src/issues", - "source": "https://github.com/thephpleague/uri/tree/7.7.0" + "source": "https://github.com/thephpleague/uri/tree/7.8.0" }, "funding": [ { @@ -3205,20 +3205,20 @@ "type": "github" } ], - "time": "2025-12-07T16:02:06+00:00" + "time": "2026-01-14T17:24:56+00:00" }, { "name": "league/uri-interfaces", - "version": "7.7.0", + "version": "7.8.0", "source": { "type": "git", "url": "https://github.com/thephpleague/uri-interfaces.git", - "reference": "62ccc1a0435e1c54e10ee6022df28d6c04c2946c" + "reference": "c5c5cd056110fc8afaba29fa6b72a43ced42acd4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/uri-interfaces/zipball/62ccc1a0435e1c54e10ee6022df28d6c04c2946c", - "reference": "62ccc1a0435e1c54e10ee6022df28d6c04c2946c", + "url": "https://api.github.com/repos/thephpleague/uri-interfaces/zipball/c5c5cd056110fc8afaba29fa6b72a43ced42acd4", + "reference": "c5c5cd056110fc8afaba29fa6b72a43ced42acd4", "shasum": "" }, "require": { @@ -3231,7 +3231,7 @@ "ext-gmp": "to improve IPV4 host parsing", "ext-intl": "to handle IDN host with the best performance", "php-64bit": "to improve IPV4 host parsing", - "rowbot/url": "to handle WHATWG URL", + "rowbot/url": "to handle URLs using the WHATWG URL Living Standard specification", "symfony/polyfill-intl-idn": "to handle IDN host via the Symfony polyfill if ext-intl is not present" }, "type": "library", @@ -3281,7 +3281,7 @@ "docs": "https://uri.thephpleague.com", "forum": "https://thephpleague.slack.com", "issues": "https://github.com/thephpleague/uri-src/issues", - "source": "https://github.com/thephpleague/uri-interfaces/tree/7.7.0" + "source": "https://github.com/thephpleague/uri-interfaces/tree/7.8.0" }, "funding": [ { @@ -3289,7 +3289,7 @@ "type": "github" } ], - "time": "2025-12-07T16:03:21+00:00" + "time": "2026-01-15T06:54:53+00:00" }, { "name": "netresearch/jsonmapper", @@ -3455,16 +3455,16 @@ }, { "name": "phpdocumentor/reflection-docblock", - "version": "6.0.0", + "version": "6.0.1", "source": { "type": "git", "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git", - "reference": "02600c041e7d0f4b7d1fe1d260565ec525472fa9" + "reference": "2f5cbed597cb261d1ea458f3da3a9ad32e670b1e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/02600c041e7d0f4b7d1fe1d260565ec525472fa9", - "reference": "02600c041e7d0f4b7d1fe1d260565ec525472fa9", + "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/2f5cbed597cb261d1ea458f3da3a9ad32e670b1e", + "reference": "2f5cbed597cb261d1ea458f3da3a9ad32e670b1e", "shasum": "" }, "require": { @@ -3514,9 +3514,9 @@ "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.", "support": { "issues": "https://github.com/phpDocumentor/ReflectionDocBlock/issues", - "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/6.0.0" + "source": "https://github.com/phpDocumentor/ReflectionDocBlock/tree/6.0.1" }, - "time": "2026-01-07T20:22:53+00:00" + "time": "2026-01-20T15:30:42+00:00" }, { "name": "phpdocumentor/type-resolver", diff --git a/php/get-configurable-aio-variables.sh b/php/get-configurable-aio-variables.sh new file mode 100755 index 00000000..44536bd3 --- /dev/null +++ b/php/get-configurable-aio-variables.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +awk '/^ public [^f][^u][^n]/ { sub(/\$/, "", $3); print $3 }' php/src/Data/ConfigurationManager.php | sort diff --git a/php/psalm.xml b/php/psalm.xml index d7ce38c9..576d82d2 100644 --- a/php/psalm.xml +++ b/php/psalm.xml @@ -20,5 +20,10 @@ + + + + + diff --git a/php/public/index.php b/php/public/index.php index b57f65a5..47c6bb7b 100644 --- a/php/public/index.php +++ b/php/public/index.php @@ -91,10 +91,10 @@ $app->get('/containers', function (Request $request, Response $response, array $ $skip_domain_validation = isset($params['skip_domain_validation']); return $view->render($response, 'containers.twig', [ - 'domain' => $configurationManager->GetDomain(), - 'apache_port' => $configurationManager->GetApachePort(), - 'borg_backup_host_location' => $configurationManager->GetBorgBackupHostLocation(), - 'borg_remote_repo' => $configurationManager->GetBorgRemoteRepo(), + 'domain' => $configurationManager->domain, + 'apache_port' => $configurationManager->apachePort, + 'borg_backup_host_location' => $configurationManager->borgBackupHostLocation, + 'borg_remote_repo' => $configurationManager->borgRemoteRepo, 'borg_public_key' => $configurationManager->GetBorgPublicKey(), 'nextcloud_password' => $configurationManager->GetAndGenerateSecret('NEXTCLOUD_PASSWORD'), 'containers' => (new \AIO\ContainerDefinitionFetcher($container->get(\AIO\Data\ConfigurationManager::class), $container))->FetchDefinition(), @@ -103,42 +103,42 @@ $app->get('/containers', function (Request $request, Response $response, array $ 'has_backup_run_once' => $configurationManager->hasBackupRunOnce(), 'is_backup_container_running' => $dockerActionManager->isBackupContainerRunning(), 'backup_exit_code' => $dockerActionManager->GetBackupcontainerExitCode(), - 'is_instance_restore_attempt' => $configurationManager->isInstanceRestoreAttempt(), - 'borg_backup_mode' => $configurationManager->GetBackupMode(), - 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked(), + 'is_instance_restore_attempt' => $configurationManager->instanceRestoreAttempt, + 'borg_backup_mode' => $configurationManager->backupMode, + 'was_start_button_clicked' => $configurationManager->wasStartButtonClicked, 'has_update_available' => $dockerActionManager->isAnyUpdateAvailable(), 'last_backup_time' => $configurationManager->GetLastBackupTime(), 'backup_times' => $configurationManager->GetBackupTimes(), 'current_channel' => $dockerActionManager->GetCurrentChannel(), - 'is_clamav_enabled' => $configurationManager->isClamavEnabled(), - 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled(), - 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled(), - 'is_talk_enabled' => $configurationManager->isTalkEnabled(), - 'borg_restore_password' => $configurationManager->GetBorgRestorePassword(), + 'is_clamav_enabled' => $configurationManager->isClamavEnabled, + 'is_onlyoffice_enabled' => $configurationManager->isOnlyofficeEnabled, + 'is_collabora_enabled' => $configurationManager->isCollaboraEnabled, + 'is_talk_enabled' => $configurationManager->isTalkEnabled, + 'borg_restore_password' => $configurationManager->borgRestorePassword, 'daily_backup_time' => $configurationManager->GetDailyBackupTime(), 'is_daily_backup_running' => $configurationManager->isDailyBackupRunning(), - 'timezone' => $configurationManager->GetTimezone(), + 'timezone' => $configurationManager->timezone, 'skip_domain_validation' => $configurationManager->shouldDomainValidationBeSkipped($skip_domain_validation), - 'talk_port' => $configurationManager->GetTalkPort(), - 'collabora_dictionaries' => $configurationManager->GetCollaboraDictionaries(), - 'collabora_additional_options' => $configurationManager->GetAdditionalCollaboraOptions(), + 'talk_port' => $configurationManager->talkPort, + 'collabora_dictionaries' => $configurationManager->collaboraDictionaries, + 'collabora_additional_options' => $configurationManager->collaboraAdditionalOptions, 'automatic_updates' => $configurationManager->areAutomaticUpdatesEnabled(), 'is_backup_section_enabled' => $configurationManager->isBackupSectionEnabled(), - 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled(), - 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled(), + 'is_imaginary_enabled' => $configurationManager->isImaginaryEnabled, + 'is_fulltextsearch_enabled' => $configurationManager->isFulltextsearchEnabled, 'additional_backup_directories' => $configurationManager->GetAdditionalBackupDirectoriesString(), - 'nextcloud_datadir' => $configurationManager->GetNextcloudDatadirMount(), - 'nextcloud_mount' => $configurationManager->GetNextcloudMount(), - 'nextcloud_upload_limit' => $configurationManager->GetNextcloudUploadLimit(), - 'nextcloud_max_time' => $configurationManager->GetNextcloudMaxTime(), - 'nextcloud_memory_limit' => $configurationManager->GetNextcloudMemoryLimit(), + 'nextcloud_datadir' => $configurationManager->nextcloudDatadirMount, + 'nextcloud_mount' => $configurationManager->nextcloudMount, + 'nextcloud_upload_limit' => $configurationManager->nextcloudUploadLimit, + 'nextcloud_max_time' => $configurationManager->nextcloudMaxTime, + 'nextcloud_memory_limit' => $configurationManager->nextcloudMemoryLimit, 'is_dri_device_enabled' => $configurationManager->isDriDeviceEnabled(), 'is_nvidia_gpu_enabled' => $configurationManager->isNvidiaGpuEnabled(), - 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled(), - 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled(), - 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled(), + 'is_talk_recording_enabled' => $configurationManager->isTalkRecordingEnabled, + 'is_docker_socket_proxy_enabled' => $configurationManager->isDockerSocketProxyEnabled, + 'is_whiteboard_enabled' => $configurationManager->isWhiteboardEnabled, 'community_containers' => $configurationManager->listAvailableCommunityContainers(), - 'community_containers_enabled' => $configurationManager->GetEnabledCommunityContainers(), + 'community_containers_enabled' => $configurationManager->aioCommunityContainers, 'bypass_container_update' => $bypass_container_update, ]); })->setName('profile'); diff --git a/php/src/Auth/AuthManager.php b/php/src/Auth/AuthManager.php index 925ff89f..f6ab0d10 100644 --- a/php/src/Auth/AuthManager.php +++ b/php/src/Auth/AuthManager.php @@ -15,11 +15,11 @@ readonly class AuthManager { } public function CheckCredentials(string $password) : bool { - return hash_equals($this->configurationManager->GetPassword(), $password); + return hash_equals($this->configurationManager->password, $password); } public function CheckToken(string $token) : bool { - return hash_equals($this->configurationManager->GetToken(), $token); + return hash_equals($this->configurationManager->aioToken, $token); } public function SetAuthState(bool $isLoggedIn) : void { diff --git a/php/src/Container/Container.php b/php/src/Container/Container.php index baee1c00..6e5d2b54 100644 --- a/php/src/Container/Container.php +++ b/php/src/Container/Container.php @@ -5,121 +5,56 @@ namespace AIO\Container; use AIO\Data\ConfigurationManager; use AIO\Docker\DockerActionManager; use AIO\ContainerDefinitionFetcher; +use JsonException; readonly class Container { public function __construct( - private string $identifier, - private string $displayName, - private string $containerName, - private string $restartPolicy, - private int $maxShutdownTime, - private ContainerPorts $ports, - private string $internalPorts, - private ContainerVolumes $volumes, - private ContainerEnvironmentVariables $containerEnvironmentVariables, + public string $identifier, + public string $displayName, + public string $containerName, + public string $restartPolicy, + public int $maxShutdownTime, + public ContainerPorts $ports, + public string $internalPorts, + public ContainerVolumes $volumes, + public ContainerEnvironmentVariables $containerEnvironmentVariables, /** @var string[] */ - private array $dependsOn, + public array $dependsOn, private string $uiSecret, /** @var string[] */ - private array $devices, - private bool $enableNvidiaGpu, + public array $devices, + public bool $enableNvidiaGpu, /** @var string[] */ - private array $capAdd, - private int $shmSize, - private bool $apparmorUnconfined, + public array $capAdd, + public int $shmSize, + public bool $apparmorUnconfined, /** @var string[] */ - private array $backupVolumes, - private array $nextcloudExecCommands, - private bool $readOnlyRootFs, - private array $tmpfs, - private bool $init, - private string $imageTag, - private AioVariables $aioVariables, - private string $documentation, + public array $backupVolumes, + public array $nextcloudExecCommands, + public bool $readOnlyRootFs, + public array $tmpfs, + public bool $init, + public string $imageTag, + public AioVariables $aioVariables, + public string $documentation, private DockerActionManager $dockerActionManager ) { } - public function GetIdentifier() : string { - return $this->identifier; - } - - public function GetDisplayName() : string { - return $this->displayName; - } - - public function GetContainerName() : string { - return $this->containerName; - } - - public function GetRestartPolicy() : string { - return $this->restartPolicy; - } - - public function GetImageTag() : string { - return $this->imageTag; - } - - public function GetReadOnlySetting() : bool { - return $this->readOnlyRootFs; - } - - public function GetInit() : bool { - return $this->init; - } - - public function GetShmSize() : int { - return $this->shmSize; - } - - public function isApparmorUnconfined() : bool { - return $this->apparmorUnconfined; - } - - public function GetMaxShutdownTime() : int { - return $this->maxShutdownTime; - } - public function GetUiSecret() : string { return $this->dockerActionManager->GetAndGenerateSecretWrapper($this->uiSecret); } - public function GetTmpfs() : array { - return $this->tmpfs; - } - - public function GetDevices() : array { - return $this->devices; - } - - public function isNvidiaGpuEnabled() : bool { - return $this->enableNvidiaGpu; - } - - public function GetCapAdds() : array { - return $this->capAdd; - } - - public function GetBackupVolumes() : array { - return $this->backupVolumes; - } - - public function GetPorts() : ContainerPorts { - return $this->ports; - } - - public function GetInternalPort() : string { - return $this->internalPorts; - } - - public function GetVolumes() : ContainerVolumes { - return $this->volumes; - } - + /** + * @throws JsonException + */ public function GetRunningState() : ContainerState { return $this->dockerActionManager->GetContainerRunningState($this); } + /** + * @throws JsonException + */ public function GetRestartingState() : ContainerState { return $this->dockerActionManager->GetContainerRestartingState($this); } @@ -131,27 +66,4 @@ readonly class Container { public function GetStartingState() : ContainerState { return $this->dockerActionManager->GetContainerStartingState($this); } - - /** - * @return string[] - */ - public function GetDependsOn() : array { - return $this->dependsOn; - } - - public function GetNextcloudExecCommands() : array { - return $this->nextcloudExecCommands; - } - - public function GetEnvironmentVariables() : ContainerEnvironmentVariables { - return $this->containerEnvironmentVariables; - } - - public function GetAioVariables() : AioVariables { - return $this->aioVariables; - } - - public function GetDocumentation() : string { - return $this->documentation; - } } diff --git a/php/src/ContainerDefinitionFetcher.php b/php/src/ContainerDefinitionFetcher.php index 7b092e45..3bbc37e2 100644 --- a/php/src/ContainerDefinitionFetcher.php +++ b/php/src/ContainerDefinitionFetcher.php @@ -25,7 +25,7 @@ readonly class ContainerDefinitionFetcher { $containers = $this->FetchDefinition(); foreach ($containers as $container) { - if ($container->GetIdentifier() === $id) { + if ($container->identifier === $id) { return $container; } } @@ -41,7 +41,7 @@ readonly class ContainerDefinitionFetcher { $data = json_decode((string)file_get_contents(DataConst::GetContainersDefinitionPath()), true, 512, JSON_THROW_ON_ERROR); $additionalContainerNames = []; - foreach ($this->configurationManager->GetEnabledCommunityContainers() as $communityContainer) { + foreach ($this->configurationManager->aioCommunityContainers as $communityContainer) { if ($communityContainer !== '') { $path = DataConst::GetCommunityContainersDirectory() . '/' . $communityContainer . '/' . $communityContainer . '.json'; $additionalData = json_decode((string)file_get_contents($path), true, 512, JSON_THROW_ON_ERROR); @@ -56,42 +56,42 @@ readonly class ContainerDefinitionFetcher { $containers = []; foreach ($data['aio_services_v1'] as $entry) { if ($entry['container_name'] === 'nextcloud-aio-clamav') { - if (!$this->configurationManager->isClamavEnabled()) { + if (!$this->configurationManager->isClamavEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-onlyoffice') { - if (!$this->configurationManager->isOnlyofficeEnabled()) { + if (!$this->configurationManager->isOnlyofficeEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-collabora') { - if (!$this->configurationManager->isCollaboraEnabled()) { + if (!$this->configurationManager->isCollaboraEnabled) { continue; } if ($this->configurationManager->isCollaboraSubscriptionEnabled()) { $entry['image'] = 'ghcr.io/nextcloud-releases/aio-collabora-online'; } } elseif ($entry['container_name'] === 'nextcloud-aio-talk') { - if (!$this->configurationManager->isTalkEnabled()) { + if (!$this->configurationManager->isTalkEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-talk-recording') { - if (!$this->configurationManager->isTalkRecordingEnabled()) { + if (!$this->configurationManager->isTalkRecordingEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-imaginary') { - if (!$this->configurationManager->isImaginaryEnabled()) { + if (!$this->configurationManager->isImaginaryEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-fulltextsearch') { - if (!$this->configurationManager->isFulltextsearchEnabled()) { + if (!$this->configurationManager->isFulltextsearchEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-docker-socket-proxy') { - if (!$this->configurationManager->isDockerSocketProxyEnabled()) { + if (!$this->configurationManager->isDockerSocketProxyEnabled) { continue; } } elseif ($entry['container_name'] === 'nextcloud-aio-whiteboard') { - if (!$this->configurationManager->isWhiteboardEnabled()) { + if (!$this->configurationManager->isWhiteboardEnabled) { continue; } } @@ -113,18 +113,18 @@ readonly class ContainerDefinitionFetcher { if (isset($entry['volumes'])) { foreach ($entry['volumes'] as $value) { if($value['source'] === '%BORGBACKUP_HOST_LOCATION%') { - $value['source'] = $this->configurationManager->GetBorgBackupHostLocation(); + $value['source'] = $this->configurationManager->borgBackupHostLocation; if($value['source'] === '') { continue; } } if($value['source'] === '%NEXTCLOUD_MOUNT%') { - $value['source'] = $this->configurationManager->GetNextcloudMount(); + $value['source'] = $this->configurationManager->nextcloudMount; if($value['source'] === '') { continue; } } elseif ($value['source'] === '%NEXTCLOUD_DATADIR%') { - $value['source'] = $this->configurationManager->GetNextcloudDatadirMount(); + $value['source'] = $this->configurationManager->nextcloudDatadirMount; if ($value['source'] === '') { continue; } @@ -140,7 +140,7 @@ readonly class ContainerDefinitionFetcher { } } if ($value['destination'] === '%NEXTCLOUD_MOUNT%') { - $value['destination'] = $this->configurationManager->GetNextcloudMount(); + $value['destination'] = $this->configurationManager->nextcloudMount; if($value['destination'] === '') { continue; } @@ -168,39 +168,39 @@ readonly class ContainerDefinitionFetcher { } foreach ($valueDependsOn as $value) { if ($value === 'nextcloud-aio-clamav') { - if (!$this->configurationManager->isClamavEnabled()) { + if (!$this->configurationManager->isClamavEnabled) { continue; } } elseif ($value === 'nextcloud-aio-onlyoffice') { - if (!$this->configurationManager->isOnlyofficeEnabled()) { + if (!$this->configurationManager->isOnlyofficeEnabled) { continue; } } elseif ($value === 'nextcloud-aio-collabora') { - if (!$this->configurationManager->isCollaboraEnabled()) { + if (!$this->configurationManager->isCollaboraEnabled) { continue; } } elseif ($value === 'nextcloud-aio-talk') { - if (!$this->configurationManager->isTalkEnabled()) { + if (!$this->configurationManager->isTalkEnabled) { continue; } } elseif ($value === 'nextcloud-aio-talk-recording') { - if (!$this->configurationManager->isTalkRecordingEnabled()) { + if (!$this->configurationManager->isTalkRecordingEnabled) { continue; } } elseif ($value === 'nextcloud-aio-imaginary') { - if (!$this->configurationManager->isImaginaryEnabled()) { + if (!$this->configurationManager->isImaginaryEnabled) { continue; } } elseif ($value === 'nextcloud-aio-fulltextsearch') { - if (!$this->configurationManager->isFulltextsearchEnabled()) { + if (!$this->configurationManager->isFulltextsearchEnabled) { continue; } } elseif ($value === 'nextcloud-aio-docker-socket-proxy') { - if (!$this->configurationManager->isDockerSocketProxyEnabled()) { + if (!$this->configurationManager->isDockerSocketProxyEnabled) { continue; } } elseif ($value === 'nextcloud-aio-whiteboard') { - if (!$this->configurationManager->isWhiteboardEnabled()) { + if (!$this->configurationManager->isWhiteboardEnabled) { continue; } } diff --git a/php/src/Controller/ConfigurationController.php b/php/src/Controller/ConfigurationController.php index 45586f9c..d73fd656 100644 --- a/php/src/Controller/ConfigurationController.php +++ b/php/src/Controller/ConfigurationController.php @@ -67,63 +67,27 @@ readonly class ConfigurationController { } if (isset($request->getParsedBody()['delete_timezone'])) { - $this->configurationManager->DeleteTimezone(); + $this->configurationManager->deleteTimezone(); } if (isset($request->getParsedBody()['timezone'])) { $timezone = $request->getParsedBody()['timezone'] ?? ''; - $this->configurationManager->SetTimezone($timezone); + $this->configurationManager->timezone = $timezone; } if (isset($request->getParsedBody()['options-form'])) { if (isset($request->getParsedBody()['collabora']) && isset($request->getParsedBody()['onlyoffice'])) { throw new InvalidSettingConfigurationException("Collabora and Onlyoffice are not allowed to be enabled at the same time!"); } - if (isset($request->getParsedBody()['clamav'])) { - $this->configurationManager->SetClamavEnabledState(1); - } else { - $this->configurationManager->SetClamavEnabledState(0); - } - if (isset($request->getParsedBody()['onlyoffice'])) { - $this->configurationManager->SetOnlyofficeEnabledState(1); - } else { - $this->configurationManager->SetOnlyofficeEnabledState(0); - } - if (isset($request->getParsedBody()['collabora'])) { - $this->configurationManager->SetCollaboraEnabledState(1); - } else { - $this->configurationManager->SetCollaboraEnabledState(0); - } - if (isset($request->getParsedBody()['talk'])) { - $this->configurationManager->SetTalkEnabledState(1); - } else { - $this->configurationManager->SetTalkEnabledState(0); - } - if (isset($request->getParsedBody()['talk-recording'])) { - $this->configurationManager->SetTalkRecordingEnabledState(1); - } else { - $this->configurationManager->SetTalkRecordingEnabledState(0); - } - if (isset($request->getParsedBody()['imaginary'])) { - $this->configurationManager->SetImaginaryEnabledState(1); - } else { - $this->configurationManager->SetImaginaryEnabledState(0); - } - if (isset($request->getParsedBody()['fulltextsearch'])) { - $this->configurationManager->SetFulltextsearchEnabledState(1); - } else { - $this->configurationManager->SetFulltextsearchEnabledState(0); - } - if (isset($request->getParsedBody()['docker-socket-proxy'])) { - $this->configurationManager->SetDockerSocketProxyEnabledState(1); - } else { - $this->configurationManager->SetDockerSocketProxyEnabledState(0); - } - if (isset($request->getParsedBody()['whiteboard'])) { - $this->configurationManager->SetWhiteboardEnabledState(1); - } else { - $this->configurationManager->SetWhiteboardEnabledState(0); - } + $this->configurationManager->isClamavEnabled = isset($request->getParsedBody()['clamav']); + $this->configurationManager->isOnlyofficeEnabled = isset($request->getParsedBody()['onlyoffice']); + $this->configurationManager->isCollaboraEnabled = isset($request->getParsedBody()['collabora']); + $this->configurationManager->isTalkEnabled = isset($request->getParsedBody()['talk']); + $this->configurationManager->isTalkRecordingEnabled = isset($request->getParsedBody()['talk-recording']); + $this->configurationManager->isImaginaryEnabled = isset($request->getParsedBody()['imaginary']); + $this->configurationManager->isFulltextsearchEnabled = isset($request->getParsedBody()['fulltextsearch']); + $this->configurationManager->isDockerSocketProxyEnabled = isset($request->getParsedBody()['docker-socket-proxy']); + $this->configurationManager->isWhiteboardEnabled = isset($request->getParsedBody()['whiteboard']); } if (isset($request->getParsedBody()['community-form'])) { @@ -137,7 +101,7 @@ readonly class ConfigurationController { $enabledCC[] = $item; } } - $this->configurationManager->SetEnabledCommunityContainers($enabledCC); + $this->configurationManager->aioCommunityContainers = $enabledCC; } if (isset($request->getParsedBody()['delete_collabora_dictionaries'])) { @@ -146,16 +110,16 @@ readonly class ConfigurationController { if (isset($request->getParsedBody()['collabora_dictionaries'])) { $collaboraDictionaries = $request->getParsedBody()['collabora_dictionaries'] ?? ''; - $this->configurationManager->SetCollaboraDictionaries($collaboraDictionaries); + $this->configurationManager->collaboraDictionaries = $collaboraDictionaries; } if (isset($request->getParsedBody()['delete_collabora_additional_options'])) { - $this->configurationManager->DeleteAdditionalCollaboraOptions(); + $this->configurationManager->deleteAdditionalCollaboraOptions(); } if (isset($request->getParsedBody()['collabora_additional_options'])) { $additionalCollaboraOptions = $request->getParsedBody()['collabora_additional_options'] ?? ''; - $this->configurationManager->SetAdditionalCollaboraOptions($additionalCollaboraOptions); + $this->configurationManager->collaboraAdditionalOptions = $additionalCollaboraOptions; } if (isset($request->getParsedBody()['delete_borg_backup_location_vars'])) { diff --git a/php/src/Controller/DockerController.php b/php/src/Controller/DockerController.php index 27a06bc8..81b920d0 100644 --- a/php/src/Controller/DockerController.php +++ b/php/src/Controller/DockerController.php @@ -23,7 +23,7 @@ readonly class DockerController { $container = $this->containerDefinitionFetcher->GetContainerById($id); // Start all dependencies first and then itself - foreach($container->GetDependsOn() as $dependency) { + foreach($container->dependsOn as $dependency) { $this->PerformRecursiveContainerStart($dependency, $pullImage); } @@ -46,7 +46,7 @@ readonly class DockerController { $container = $this->containerDefinitionFetcher->GetContainerById($id); // Pull all dependencies first and then itself - foreach($container->GetDependsOn() as $dependency) { + foreach($container->dependsOn as $dependency) { $this->PerformRecursiveImagePull($dependency); } @@ -89,7 +89,7 @@ readonly class DockerController { } public function startBackup(bool $forceStopNextcloud = false) : void { - $this->configurationManager->SetBackupMode('backup'); + $this->configurationManager->backupMode = 'backup'; $id = self::TOP_CONTAINER; $this->PerformRecursiveContainerStop($id, $forceStopNextcloud); @@ -109,29 +109,25 @@ readonly class DockerController { } public function checkBackup() : void { - $this->configurationManager->SetBackupMode('check'); + $this->configurationManager->backupMode = 'check'; $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); } private function listBackup() : void { - $this->configurationManager->SetBackupMode('list'); + $this->configurationManager->backupMode = 'list'; $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); } public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response { - $this->configurationManager->SetBackupMode('restore'); - $config = $this->configurationManager->GetConfig(); - $config['selected-restore-time'] = $request->getParsedBody()['selected_restore_time'] ?? ''; - if (isset($request->getParsedBody()['restore-exclude-previews'])) { - $config['restore-exclude-previews'] = 1; - } else { - $config['restore-exclude-previews'] = ''; - } - $this->configurationManager->WriteConfig($config); + $this->configurationManager->startTransaction(); + $this->configurationManager->backupMode = 'restore'; + $this->configurationManager->selectedRestoreTime = $request->getParsedBody()['selected_restore_time'] ?? ''; + $this->configurationManager->restoreExcludePreviews = isset($request->getParsedBody()['restore-exclude-previews']); + $this->configurationManager->commitTransaction(); $id = self::TOP_CONTAINER; $forceStopNextcloud = true; @@ -144,22 +140,22 @@ readonly class DockerController { } public function StartBackupContainerCheckRepair(Request $request, Response $response, array $args) : Response { - $this->configurationManager->SetBackupMode('check-repair'); + $this->configurationManager->backupMode = 'check-repair'; $id = 'nextcloud-aio-borgbackup'; $this->PerformRecursiveContainerStart($id); // Restore to backup check which is needed to make the UI logic work correctly - $this->configurationManager->SetBackupMode('check'); + $this->configurationManager->backupMode = 'check'; return $response->withStatus(201)->withHeader('Location', '.'); } public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response { - $this->configurationManager->SetBackupMode('test'); - $config = $this->configurationManager->GetConfig(); - $config['instance_restore_attempt'] = 0; - $this->configurationManager->WriteConfig($config); + $this->configurationManager->startTransaction(); + $this->configurationManager->backupMode = 'test'; + $this->configurationManager->instanceRestoreAttempt = false; + $this->configurationManager->commitTransaction(); $id = self::TOP_CONTAINER; $this->PerformRecursiveContainerStop($id); @@ -182,20 +178,19 @@ readonly class DockerController { } if (isset($request->getParsedBody()['install_latest_major'])) { - $installLatestMajor = 32; + $installLatestMajor = '32'; } else { - $installLatestMajor = ""; + $installLatestMajor = ''; } - - $config = $this->configurationManager->GetConfig(); + + $this->configurationManager->startTransaction(); + $this->configurationManager->installLatestMajor = $installLatestMajor; // set AIO_URL - $config['AIO_URL'] = $host . ':' . (string)$port . $path; + $this->configurationManager->aioUrl = $host . ':' . (string)$port . $path; // set wasStartButtonClicked - $config['wasStartButtonClicked'] = 1; - // set install_latest_major - $config['install_latest_major'] = $installLatestMajor; - $this->configurationManager->WriteConfig($config); - + $this->configurationManager->wasStartButtonClicked = true; + $this->configurationManager->commitTransaction(); + // Do not pull container images in case 'bypass_container_update' is set via url params // Needed for local testing $pullImage = !isset($request->getParsedBody()['bypass_container_update']); @@ -213,10 +208,7 @@ readonly class DockerController { } public function startTopContainer(bool $pullImage) : void { - $config = $this->configurationManager->GetConfig(); - // set AIO_TOKEN - $config['AIO_TOKEN'] = bin2hex(random_bytes(24)); - $this->configurationManager->WriteConfig($config); + $this->configurationManager->aioToken = bin2hex(random_bytes(24)); // Stop domaincheck since apache would not be able to start otherwise $this->StopDomaincheckContainer(); @@ -244,7 +236,7 @@ readonly class DockerController { // This is a hack but no better solution was found for the meantime // Stop Collabora first to make sure it force-saves // See https://github.com/nextcloud/richdocuments/issues/3799 - if ($id === self::TOP_CONTAINER && $this->configurationManager->isCollaboraEnabled()) { + if ($id === self::TOP_CONTAINER && $this->configurationManager->isCollaboraEnabled) { $this->PerformRecursiveContainerStop('nextcloud-aio-collabora'); } @@ -255,7 +247,7 @@ readonly class DockerController { // We want to stop the Nextcloud container after 10s and not wait for the configured stop_grace_period $this->dockerActionManager->StopContainer($container, $forceStopNextcloud); } - foreach($container->GetDependsOn() as $dependency) { + foreach($container->dependsOn as $dependency) { $this->PerformRecursiveContainerStop($dependency, $forceStopNextcloud); } } @@ -277,7 +269,7 @@ readonly class DockerController { public function StartDomaincheckContainer() : void { # Don't start if domain is already set - if ($this->configurationManager->GetDomain() !== '' || $this->configurationManager->wasStartButtonClicked()) { + if ($this->configurationManager->domain !== '' || $this->configurationManager->wasStartButtonClicked) { return; } diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index 320bc477..724c903f 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -9,29 +9,224 @@ class ConfigurationManager { private array $secrets = []; - public function GetConfig() : array + private array $config = []; + + private bool $noWrite = false; + + public string $aioToken { + get => $this->get('AIO_TOKEN', ''); + set { $this->set('AIO_TOKEN', $value); } + } + + public string $password { + get => $this->get('password', ''); + set { $this->set('password', $value); } + } + + public bool $isDockerSocketProxyEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isDockerSocketProxyEnabled', false); + set { $this->set('isDockerSocketProxyEnabled', $value); } + } + + public bool $isWhiteboardEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isWhiteboardEnabled', true); + set { $this->set('isWhiteboardEnabled', $value); } + } + + public bool $restoreExcludePreviews { + // Type-cast because old configs could have '1'/'' for this key. + get => (bool) $this->get('restore-exclude-previews', false); + set { $this->set('restore-exclude-previews', $value); } + } + + public string $selectedRestoreTime { + get => $this->get('selected-restore-time', ''); + set { $this->set('selected-restore-time', $value); } + } + + public string $backupMode { + get => $this->get('backup-mode', ''); + set { $this->set('backup-mode', $value); } + } + + public bool $instanceRestoreAttempt { + // Type-cast because old configs could have 1/'' for this key. + get => (bool) $this->get('instance_restore_attempt', false); + set { $this->set('instance_restore_attempt', $value); } + } + + public string $aioUrl { + get => $this->get('AIO_URL', ''); + set { $this->set('AIO_URL', $value); } + } + + public bool $wasStartButtonClicked { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('wasStartButtonClicked', false); + set { $this->set('wasStartButtonClicked', $value); } + } + + public string $installLatestMajor { + // Type-cast because old configs could have integers for this key. + get => (string) $this->get('install_latest_major', ''); + set { $this->set('install_latest_major', $value); } + } + + public bool $isClamavEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isClamavEnabled', false); + set { $this->set('isClamavEnabled', $value); } + } + + public bool $isOnlyofficeEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isOnlyofficeEnabled', false); + set { $this->set('isOnlyofficeEnabled', $value); } + } + + public bool $isCollaboraEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isCollaboraEnabled', true); + set { $this->set('isCollaboraEnabled', $value); } + } + + public bool $isTalkEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isTalkEnabled', true); + set { $this->set('isTalkEnabled', $value); } + } + + public bool $isTalkRecordingEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->isTalkEnabled && $this->get('isTalkRecordingEnabled', false); + set { $this->set('isTalkRecordingEnabled', $this->isTalkEnabled && $value); } + } + + public bool $isImaginaryEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isImaginaryEnabled', true); + set { $this->set('isImaginaryEnabled', $value); } + } + + public bool $isFulltextsearchEnabled { + // Type-cast because old configs could have 1/0 for this key. + get => (bool) $this->get('isFulltextsearchEnabled', false); + // Elasticsearch does not work on kernels without seccomp anymore. See https://github.com/nextcloud/all-in-one/discussions/5768 + set { $this->set('isFulltextsearchEnabled', ($this->isSeccompDisabled() && $value)); } + } + + public string $domain { + get => $this->get('domain', ''); + set { $this->SetDomain($value); } + } + + public string $borgBackupHostLocation { + get => $this->get('borg_backup_host_location', ''); + set { $this->set('borg_backup_host_location', $value); } + } + + public string $borgRemoteRepo { + get => $this->get('borg_remote_repo', ''); + set { $this->set('borg_remote_repo', $value); } + } + + public string $borgRestorePassword { + get => $this->get('borg_restore_password', ''); + set { $this->set('borg_restore_password', $value); } + } + + public string $apacheIpBinding { + get => $this->GetEnvironmentalVariableOrConfig('APACHE_IP_BINDING', 'apache_ip_binding', ''); + set { $this->set('apache_ip_binding', $value); } + } + + /** + * @throws InvalidSettingConfigurationException + */ + public string $timezone { + get => $this->get('timezone', ''); + set { + // This throws an exception if the validation fails. + $this->validateTimezone($value); + $this->set('timezone', $value); + } + } + + /** + * @throws InvalidSettingConfigurationException + */ + public string $collaboraDictionaries { + get => $this->get('collabora_dictionaries', ''); + set { + // This throws an exception if the validation fails. + $this->validateCollaboraDictionaries($value); + $this->set('collabora_dictionaries', $value); + } + } + + /** + * @throws InvalidSettingConfigurationException + */ + public string $collaboraAdditionalOptions { + get => $this->get('collabora_additional_options', ''); + set { + // This throws an exception if the validation fails. + $this->validateCollaboraAdditionalOptions($value); + $this->set('collabora_additional_options', $value); + } + } + + public array $aioCommunityContainers { + get => explode(' ', $this->get('aio_community_containers', '')); + set { $this->set('aio_community_containers', implode(' ', $value)); } + } + + public string $turnDomain { + get => $this->get('turn_domain', ''); + set { $this->set('turn_domain', $value); } + } + + private function GetConfig() : array { - if(file_exists(DataConst::GetConfigFile())) + if ($this->config === [] && file_exists(DataConst::GetConfigFile())) { $configContent = (string)file_get_contents(DataConst::GetConfigFile()); - return json_decode($configContent, true, 512, JSON_THROW_ON_ERROR); + $this->config = json_decode($configContent, true, 512, JSON_THROW_ON_ERROR); } - return []; + return $this->config; } - public function GetPassword() : string { - return $this->GetConfig()['password']; + private function get(string $key, mixed $fallbackValue = null) : mixed { + return $this->GetConfig()[$key] ?? $fallbackValue; } - public function GetToken() : string { - return $this->GetConfig()['AIO_TOKEN']; + private function set(string $key, mixed $value) : void { + $this->GetConfig(); + $this->config[$key] = $value; + // Only write if this isn't called in between startTransaction() and commitTransaction(). + if ($this->noWrite !== true) { + $this->WriteConfig(); + } } - public function SetPassword(string $password) : void { - $config = $this->GetConfig(); - $config['password'] = $password; - $this->WriteConfig($config); + /** + * This allows to assign multiple attributes without saving the config to disk in between. It must be + * followed by a call to commitTransaction(), which then writes all changes to disk. + */ + public function startTransaction() : void { + $this->GetConfig(); + $this->noWrite = true; + } + + /** + * This allows to assign multiple attributes without saving the config to disk in between. + */ + public function commitTransaction() : void { + $this->WriteConfig(); + $this->noWrite = false; } public function GetAndGenerateSecret(string $secretId) : string { @@ -39,17 +234,17 @@ class ConfigurationManager return ''; } - $config = $this->GetConfig(); - if(!isset($config['secrets'][$secretId])) { - $config['secrets'][$secretId] = bin2hex(random_bytes(24)); - $this->WriteConfig($config); + $secrets = $this->get('secrets', []); + if (!isset($secrets[$secretId])) { + $secrets[$secretId] = bin2hex(random_bytes(24)); + $this->set('secrets', $secrets); } if ($secretId === 'BORGBACKUP_PASSWORD' && !file_exists(DataConst::GetBackupSecretFile())) { - $this->DoubleSafeBackupSecret($config['secrets'][$secretId]); + $this->DoubleSafeBackupSecret($secrets[$secretId]); } - return $config['secrets'][$secretId]; + return $secrets[$secretId]; } public function GetRegisteredSecret(string $secretId) : string { @@ -122,14 +317,6 @@ class ConfigurationManager return $backupTimes; } - public function wasStartButtonClicked() : bool { - if (isset($this->GetConfig()['wasStartButtonClicked'])) { - return true; - } else { - return false; - } - } - private function isx64Platform() : bool { if (php_uname('m') === 'x86_64') { return true; @@ -138,155 +325,10 @@ class ConfigurationManager } } - public function isClamavEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isClamavEnabled']) && $config['isClamavEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function isDockerSocketProxyEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isDockerSocketProxyEnabled']) && $config['isDockerSocketProxyEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetDockerSocketProxyEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isDockerSocketProxyEnabled'] = $value; - $this->WriteConfig($config); - } - - public function isWhiteboardEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isWhiteboardEnabled']) && $config['isWhiteboardEnabled'] === 0) { - return false; - } else { - return true; - } - } - - public function SetWhiteboardEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isWhiteboardEnabled'] = $value; - $this->WriteConfig($config); - } - - public function SetClamavEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isClamavEnabled'] = $value; - $this->WriteConfig($config); - } - - public function isImaginaryEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isImaginaryEnabled']) && $config['isImaginaryEnabled'] === 0) { - return false; - } else { - return true; - } - } - - public function SetImaginaryEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isImaginaryEnabled'] = $value; - $this->WriteConfig($config); - } - - public function isFulltextsearchEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isFulltextsearchEnabled']) && $config['isFulltextsearchEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetFulltextsearchEnabledState(int $value) : void { - // Elasticsearch does not work on kernels without seccomp anymore. See https://github.com/nextcloud/all-in-one/discussions/5768 - if ($this->isSeccompDisabled()) { - $value = 0; - } - - $config = $this->GetConfig(); - $config['isFulltextsearchEnabled'] = $value; - $this->WriteConfig($config); - } - - public function isOnlyofficeEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isOnlyofficeEnabled']) && $config['isOnlyofficeEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetOnlyofficeEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isOnlyofficeEnabled'] = $value; - $this->WriteConfig($config); - } - - public function isCollaboraEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isCollaboraEnabled']) && $config['isCollaboraEnabled'] === 0) { - return false; - } else { - return true; - } - } - - public function SetCollaboraEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isCollaboraEnabled'] = $value; - $this->WriteConfig($config); - } - - public function isTalkEnabled() : bool { - $config = $this->GetConfig(); - if (isset($config['isTalkEnabled']) && $config['isTalkEnabled'] === 0) { - return false; - } else { - return true; - } - } - - public function SetTalkEnabledState(int $value) : void { - $config = $this->GetConfig(); - $config['isTalkEnabled'] = $value; - $this->WriteConfig($config); - } - - public function isTalkRecordingEnabled() : bool { - if (!$this->isTalkEnabled()) { - return false; - } - $config = $this->GetConfig(); - if (isset($config['isTalkRecordingEnabled']) && $config['isTalkRecordingEnabled'] === 1) { - return true; - } else { - return false; - } - } - - public function SetTalkRecordingEnabledState(int $value) : void { - if (!$this->isTalkEnabled()) { - $value = 0; - } - - $config = $this->GetConfig(); - $config['isTalkRecordingEnabled'] = $value; - $this->WriteConfig($config); - } - /** * @throws InvalidSettingConfigurationException + * + * We can't turn this into a private validation method because of the second argument. */ public function SetDomain(string $domain, bool $skipDomainValidation) : void { // Validate that at least one dot is contained @@ -336,7 +378,7 @@ class ConfigurationManager } // Get the apache port - $port = $this->GetApachePort(); + $port = $this->apachePort; if (!filter_var($dnsRecordIP, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) { if ($port === '443') { @@ -392,83 +434,33 @@ class ConfigurationManager } } + $this->startTransaction(); // Write domain - $config = $this->GetConfig(); - $config['domain'] = $domain; + // Don't set the domain via the attribute, or we create a loop. + $this->set('domain', $domain); // Reset the borg restore password when setting the domain - $config['borg_restore_password'] = ''; - $this->WriteConfig($config); - } - - public function GetDomain() : string { - $config = $this->GetConfig(); - if(!isset($config['domain'])) { - $config['domain'] = ''; - } - - return $config['domain']; + $this->borgRestorePassword = ''; + $this->startTransaction(); + $this->commitTransaction(); } public function GetBaseDN() : string { - $domain = $this->GetDomain(); + $domain = $this->domain; if ($domain === "") { return ""; } return 'dc=' . implode(',dc=', explode('.', $domain)); } - public function GetBackupMode() : string { - $config = $this->GetConfig(); - if(!isset($config['backup-mode'])) { - $config['backup-mode'] = ''; - } - - return $config['backup-mode']; - } - - public function SetBackupMode(string $mode) : void { - $config = $this->GetConfig(); - $config['backup-mode'] = $mode; - $this->WriteConfig($config); - } - - public function GetSelectedRestoreTime() : string { - $config = $this->GetConfig(); - if(!isset($config['selected-restore-time'])) { - $config['selected-restore-time'] = ''; - } - - return $config['selected-restore-time']; - } - - public function GetRestoreExcludePreviews() : string { - $config = $this->GetConfig(); - if(!isset($config['restore-exclude-previews'])) { - $config['restore-exclude-previews'] = ''; - } - - return $config['restore-exclude-previews']; - } - - public function GetAIOURL() : string { - $config = $this->GetConfig(); - if(!isset($config['AIO_URL'])) { - $config['AIO_URL'] = ''; - } - - return $config['AIO_URL']; - } - /** * @throws InvalidSettingConfigurationException */ public function SetBorgLocationVars(string $location, string $repo) : void { $this->ValidateBorgLocationVars($location, $repo); - - $config = $this->GetConfig(); - $config['borg_backup_host_location'] = $location; - $config['borg_remote_repo'] = $repo; - $this->WriteConfig($config); + $this->startTransaction(); + $this->borgBackupHostLocation = $location; + $this->borgRemoteRepo = $repo; + $this->commitTransaction(); } private function ValidateBorgLocationVars(string $location, string $repo) : void { @@ -492,8 +484,8 @@ class ConfigurationManager // Prevent backup to be contained in Nextcloud Datadir as this will delete the backup archive upon restore // See https://github.com/nextcloud/all-in-one/issues/6607 - if (str_starts_with($location . '/', rtrim($this->GetNextcloudDatadirMount(), '/') . '/')) { - throw new InvalidSettingConfigurationException("The path must not be a children of or equal to NEXTCLOUD_DATADIR, which is currently set to " . $this->GetNextcloudDatadirMount()); + if (str_starts_with($location . '/', rtrim($this->nextcloudDatadirMount, '/') . '/')) { + throw new InvalidSettingConfigurationException("The path must not be a children of or equal to NEXTCLOUD_DATADIR, which is currently set to " . $this->nextcloudDatadirMount); } } else { @@ -514,10 +506,10 @@ class ConfigurationManager public function DeleteBorgBackupLocationItems() : void { // Delete the variables - $config = $this->GetConfig(); - $config['borg_backup_host_location'] = ''; - $config['borg_remote_repo'] = ''; - $this->WriteConfig($config); + $this->startTransaction(); + $this->borgBackupHostLocation = ''; + $this->borgRemoteRepo = ''; + $this->commitTransaction(); // Also delete the borg config file to be able to start over if (file_exists(DataConst::GetBackupKeyFile())) { @@ -537,12 +529,12 @@ class ConfigurationManager throw new InvalidSettingConfigurationException("Please enter the password!"); } - $config = $this->GetConfig(); - $config['borg_backup_host_location'] = $location; - $config['borg_remote_repo'] = $repo; - $config['borg_restore_password'] = $password; - $config['instance_restore_attempt'] = 1; - $this->WriteConfig($config); + $this->startTransaction(); + $this->borgBackupHostLocation = $location; + $this->borgRemoteRepo = $repo; + $this->borgRestorePassword = $password; + $this->instanceRestoreAttempt = true; + $this->commitTransaction(); } /** @@ -553,7 +545,7 @@ class ConfigurationManager throw new InvalidSettingConfigurationException("Please enter your current password."); } - if ($currentPassword !== $this->GetPassword()) { + if ($currentPassword !== $this->password) { throw new InvalidSettingConfigurationException("The entered current password is not correct."); } @@ -570,88 +562,59 @@ class ConfigurationManager } // All checks pass so set the password - $this->SetPassword($newPassword); + $this->set('password', $newPassword); } - public function GetApachePort() : string { - $envVariableName = 'APACHE_PORT'; - $configName = 'apache_port'; - $defaultValue = '443'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $apachePort { + get => $this->GetEnvironmentalVariableOrConfig('APACHE_PORT', 'apache_port', '443'); + set { $this->set('apache_port', $value); } } - - public function GetTalkPort() : string { - $envVariableName = 'TALK_PORT'; - $configName = 'talk_port'; - $defaultValue = '3478'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - - public function GetTurnDomain() : string { - $config = $this->GetConfig(); - if(!isset($config['turn_domain'])) { - $config['turn_domain'] = ''; - } - - return $config['turn_domain']; + + public string $talkPort { + get => $this->GetEnvironmentalVariableOrConfig('TALK_PORT', 'talk_port', '3478'); + set { $this->set('talk_port', $value); } } /** * @throws InvalidSettingConfigurationException */ - public function WriteConfig(array $config) : void { + private function WriteConfig() : void { if(!is_dir(DataConst::GetDataDirectory())) { throw new InvalidSettingConfigurationException(DataConst::GetDataDirectory() . " does not exist! Something was set up falsely!"); } + // Shouldn't happen, but as a precaution we won't write an empty config to disk. + if ($this->config === []) { + return; + } $df = disk_free_space(DataConst::GetDataDirectory()); - $content = json_encode($config, JSON_UNESCAPED_SLASHES|JSON_PRETTY_PRINT|JSON_THROW_ON_ERROR); + $content = json_encode($this->config, JSON_UNESCAPED_SLASHES|JSON_PRETTY_PRINT|JSON_THROW_ON_ERROR); $size = strlen($content) + 10240; if ($df !== false && (int)$df < $size) { throw new InvalidSettingConfigurationException(DataConst::GetDataDirectory() . " does not have enough space for writing the config file! Not writing it back!"); } file_put_contents(DataConst::GetConfigFile(), $content); + $this->config = []; } private function GetEnvironmentalVariableOrConfig(string $envVariableName, string $configName, string $defaultValue) : string { $envVariableOutput = getenv($envVariableName); + $configValue = $this->get($configName, ''); if ($envVariableOutput === false) { - $config = $this->GetConfig(); - if (!isset($config[$configName]) || $config[$configName] === '') { - $config[$configName] = $defaultValue; + if ($configValue === '') { + return $defaultValue; } - return $config[$configName]; + return $configValue; } - if(file_exists(DataConst::GetConfigFile())) { - $config = $this->GetConfig(); - if (!isset($config[$configName])) { - $config[$configName] = ''; - } - if ($envVariableOutput !== $config[$configName]) { - $config[$configName] = $envVariableOutput; - $this->WriteConfig($config); + + if (file_exists(DataConst::GetConfigFile())) { + if ($envVariableOutput !== $configValue) { + $this->set($configName, $envVariableOutput); } } + return $envVariableOutput; } - public function GetBorgBackupHostLocation() : string { - $config = $this->GetConfig(); - if(!isset($config['borg_backup_host_location'])) { - $config['borg_backup_host_location'] = ''; - } - - return $config['borg_backup_host_location']; - } - - public function GetBorgRemoteRepo() : string { - $config = $this->GetConfig(); - if(!isset($config['borg_remote_repo'])) { - $config['borg_remote_repo'] = ''; - } - - return $config['borg_remote_repo']; - } - public function GetBorgPublicKey() : string { if (!file_exists(DataConst::GetBackupPublicKey())) { return ""; @@ -660,65 +623,35 @@ class ConfigurationManager return trim((string)file_get_contents(DataConst::GetBackupPublicKey())); } - public function GetBorgRestorePassword() : string { - $config = $this->GetConfig(); - if(!isset($config['borg_restore_password'])) { - $config['borg_restore_password'] = ''; - } - - return $config['borg_restore_password']; + public string $nextcloudMount { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MOUNT', 'nextcloud_mount', ''); + set { $this->set('nextcloud_mount', $value); } } - public function isInstanceRestoreAttempt() : bool { - $config = $this->GetConfig(); - if(!isset($config['instance_restore_attempt'])) { - $config['instance_restore_attempt'] = ''; - } - if ($config['instance_restore_attempt'] === 1) { - return true; - } - return false; + public string $nextcloudDatadirMount { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_DATADIR', 'nextcloud_datadir', 'nextcloud_aio_nextcloud_data'); + set { $this->set('nextcloud_datadir_mount', $value); } } - public function GetNextcloudMount() : string { - $envVariableName = 'NEXTCLOUD_MOUNT'; - $configName = 'nextcloud_mount'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $nextcloudUploadLimit { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_UPLOAD_LIMIT', 'nextcloud_upload_limit', '16G'); + set { $this->set('nextcloud_upload_limit', $value); } } - - public function GetNextcloudDatadirMount() : string { - $envVariableName = 'NEXTCLOUD_DATADIR'; - $configName = 'nextcloud_datadir'; - $defaultValue = 'nextcloud_aio_nextcloud_data'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - - public function GetNextcloudUploadLimit() : string { - $envVariableName = 'NEXTCLOUD_UPLOAD_LIMIT'; - $configName = 'nextcloud_upload_limit'; - $defaultValue = '16G'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - - public function GetNextcloudMemoryLimit() : string { - $envVariableName = 'NEXTCLOUD_MEMORY_LIMIT'; - $configName = 'nextcloud_memory_limit'; - $defaultValue = '512M'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + + public string $nextcloudMemoryLimit { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MEMORY_LIMIT', 'nextcloud_memory_limit', '512M'); + set { $this->set('nextcloud_memory_limit', $value); } } public function GetApacheMaxSize() : int { - $uploadLimit = (int)rtrim($this->GetNextcloudUploadLimit(), 'G'); + $uploadLimit = (int)rtrim($this->nextcloudUploadLimit, 'G'); return $uploadLimit * 1024 * 1024 * 1024; } - public function GetNextcloudMaxTime() : string { - $envVariableName = 'NEXTCLOUD_MAX_TIME'; - $configName = 'nextcloud_max_time'; - $defaultValue = '3600'; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); + public string $nextcloudMaxTime { + get => $this->GetEnvironmentalVariableOrConfig('NEXTCLOUD_MAX_TIME', 'nextcloud_max_time', '3600'); + set { $this->set('nextcloud_max_time', $value); } } public function GetBorgRetentionPolicy() : string { @@ -779,10 +712,7 @@ class ConfigurationManager } public function isSeccompDisabled() : bool { - if ($this->GetCollaboraSeccompDisabledState() === 'true') { - return true; - } - return false; + return $this->GetCollaboraSeccompDisabledState() === 'true'; } /** @@ -862,14 +792,6 @@ class ConfigurationManager } } - public function shouldLatestMajorGetInstalled() : bool { - $config = $this->GetConfig(); - if(!isset($config['install_latest_major'])) { - $config['install_latest_major'] = ''; - } - return $config['install_latest_major'] !== ''; - } - public function GetAdditionalBackupDirectoriesString() : string { if (!file_exists(DataConst::GetAdditionalBackupDirectoriesFile())) { return ''; @@ -885,25 +807,13 @@ class ConfigurationManager } public function isDailyBackupRunning() : bool { - if (file_exists(DataConst::GetDailyBackupBlockFile())) { - return true; - } - return false; - } - - public function GetTimezone() : string { - $config = $this->GetConfig(); - if(!isset($config['timezone'])) { - $config['timezone'] = ''; - } - - return $config['timezone']; + return file_exists(DataConst::GetDailyBackupBlockFile()); } /** * @throws InvalidSettingConfigurationException */ - public function SetTimezone(string $timezone) : void { + private function validateTimezone(string $timezone) : void { if ($timezone === "") { throw new InvalidSettingConfigurationException("The timezone must not be empty!"); } @@ -911,16 +821,13 @@ class ConfigurationManager if (!preg_match("#^[a-zA-Z0-9_\-\/\+]+$#", $timezone)) { throw new InvalidSettingConfigurationException("The entered timezone does not seem to be a valid timezone!"); } - - $config = $this->GetConfig(); - $config['timezone'] = $timezone; - $this->WriteConfig($config); } - public function DeleteTimezone() : void { - $config = $this->GetConfig(); - $config['timezone'] = ''; - $this->WriteConfig($config); + /** + * Provide an extra method since our `timezone` attribute setter prevents setting an empty timezone. + */ + public function deleteTimezone() : void { + $this->set('timezone', ''); } public function shouldDomainValidationBeSkipped(bool $skipDomainValidation) : bool { @@ -938,19 +845,10 @@ class ConfigurationManager return 'deck twofactor_totp tasks calendar contacts notes'; } - public function GetCollaboraDictionaries() : string { - $config = $this->GetConfig(); - if(!isset($config['collabora_dictionaries'])) { - $config['collabora_dictionaries'] = ''; - } - - return $config['collabora_dictionaries']; - } - /** * @throws InvalidSettingConfigurationException */ - public function SetCollaboraDictionaries(string $CollaboraDictionaries) : void { + private function validateCollaboraDictionaries(string $CollaboraDictionaries) : void { if ($CollaboraDictionaries === "") { throw new InvalidSettingConfigurationException("The dictionaries must not be empty!"); } @@ -958,22 +856,19 @@ class ConfigurationManager if (!preg_match("#^[a-zA-Z_ ]+$#", $CollaboraDictionaries)) { throw new InvalidSettingConfigurationException("The entered dictionaries do not seem to be a valid!"); } - - $config = $this->GetConfig(); - $config['collabora_dictionaries'] = $CollaboraDictionaries; - $this->WriteConfig($config); } + /** + * Provide an extra method since the corresponding attribute setter prevents setting an empty value. + */ public function DeleteCollaboraDictionaries() : void { - $config = $this->GetConfig(); - $config['collabora_dictionaries'] = ''; - $this->WriteConfig($config); + $this->set('collabora_dictionaries', ''); } /** * @throws InvalidSettingConfigurationException */ - public function SetAdditionalCollaboraOptions(string $additionalCollaboraOptions) : void { + private function validateCollaboraAdditionalOptions(string $additionalCollaboraOptions) : void { if ($additionalCollaboraOptions === "") { throw new InvalidSettingConfigurationException("The additional options must not be empty!"); } @@ -981,32 +876,17 @@ class ConfigurationManager if (!preg_match("#^--o:#", $additionalCollaboraOptions)) { throw new InvalidSettingConfigurationException("The entered options must start with '--o:'. So the config does not seem to be a valid!"); } - - $config = $this->GetConfig(); - $config['collabora_additional_options'] = $additionalCollaboraOptions; - $this->WriteConfig($config); - } - - public function GetAdditionalCollaboraOptions() : string { - $config = $this->GetConfig(); - if(!isset($config['collabora_additional_options'])) { - $config['collabora_additional_options'] = ''; - } - - return $config['collabora_additional_options']; } public function isCollaboraSubscriptionEnabled() : bool { - if (str_contains($this->GetAdditionalCollaboraOptions(), '--o:support_key=')) { - return true; - } - return false; + return str_contains($this->collaboraAdditionalOptions, '--o:support_key='); } - public function DeleteAdditionalCollaboraOptions() : void { - $config = $this->GetConfig(); - $config['collabora_additional_options'] = ''; - $this->WriteConfig($config); + /** + * Provide an extra method since the corresponding attribute setter prevents setting an empty value. + */ + public function deleteAdditionalCollaboraOptions() : void { + $this->set('collabora_additional_options', ''); } public function GetApacheAdditionalNetwork() : string { @@ -1016,13 +896,6 @@ class ConfigurationManager return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); } - public function GetApacheIPBinding() : string { - $envVariableName = 'APACHE_IP_BINDING'; - $configName = 'apache_ip_binding'; - $defaultValue = ''; - return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); - } - private function GetDisableBackupSection() : string { $envVariableName = 'AIO_DISABLE_BACKUP_SECTION'; $configName = 'disable_backup_section'; @@ -1038,16 +911,6 @@ class ConfigurationManager } } - private function GetCommunityContainers() : string { - $config = $this->GetConfig(); - if(!isset($config['aio_community_containers'])) { - $config['aio_community_containers'] = ''; - } - - return $config['aio_community_containers']; - } - - public function listAvailableCommunityContainers() : array { $cc = []; $dir = scandir(DataConst::GetCommunityContainersDirectory()); @@ -1083,17 +946,6 @@ class ConfigurationManager return $cc; } - /** @return list */ - public function GetEnabledCommunityContainers(): array { - return explode(' ', $this->GetCommunityContainers()); - } - - public function SetEnabledCommunityContainers(array $enabledCommunityContainers) : void { - $config = $this->GetConfig(); - $config['aio_community_containers'] = implode(' ', $enabledCommunityContainers); - $this->WriteConfig($config); - } - private function GetEnabledDriDevice() : string { $envVariableName = 'NEXTCLOUD_ENABLE_DRI_DEVICE'; $configName = 'nextcloud_enable_dri_device'; @@ -1134,4 +986,112 @@ class ConfigurationManager return true; } } + + private function camelize(string $input, string $delimiter = '_') : string { + return lcfirst(implode("", array_map('ucfirst', explode($delimiter, strtolower($input))))); + + } + + public function setAioVariables(array $input) : void { + if ($input === []) { + return; + } + $this->startTransaction(); + foreach ($input as $variable) { + if (!is_string($variable) || !str_contains($variable, '=')) { + error_log("Invalid input: '$variable' is not a string or does not contain an equal sign ('=')"); + continue; + } + $keyWithValue = $confManager->replaceEnvPlaceholders($variable); + // Pad the result with nulls so psalm is happy (and we don't risk to run into warnings in case + // the check for an equal sign from above gets changed). + [$key, $value] = explode('=', $keyWithValue, 2) + [null, null]; + $key = $this->camelize($key); + if ($value === null) { + error_log("Invalid input: '$keyWithValue' has no value after the equal sign"); + } else if (!property_exists($confManager, $key)) { + error_log("Error: '$key' is not a valid configuration key (in '$keyWithValue')"); + } else { + $confManager->$key = $value; + } + } + $this->commitTransaction(); + } + + // + // Replaces placeholders in $envValue with their values. + // E.g. "%NC_DOMAIN%:%APACHE_PORT" becomes "my.nextcloud.com:11000" + public function replaceEnvPlaceholders(string $envValue): string { + // $pattern breaks down as: + // % - matches a literal percent sign + // ([^%]+) - capture group that matches one or more characters that are NOT percent signs + // % - matches the closing percent sign + // + // Assumes literal percent signs are always matched and there is no + // escaping. + $pattern = '/%([^%]+)%/'; + $matchCount = preg_match_all($pattern, $envValue, $matches); + + if ($matchCount === 0) { + return $envValue; + } + + $placeholders = $matches[0]; // ["%PLACEHOLDER1%", "%PLACEHOLDER2%", ...] + $placeholderNames = $matches[1]; // ["PLACEHOLDER1", "PLACEHOLDER2", ...] + $placeholderPatterns = array_map(static fn(string $p) => '/' . preg_quote($p) . '/', $placeholders); // ["/%PLACEHOLDER1%/", ...] + $placeholderValues = array_map($this->getPlaceholderValue(...), $placeholderNames); // ["val1", "val2"] + // Guaranteed to be non-null because we found the placeholders in the preg_match_all. + return (string) preg_replace($placeholderPatterns, $placeholderValues, $envValue); + } + + private function getPlaceholderValue(string $placeholder) : string { + return match ($placeholder) { + 'NC_DOMAIN' => $this->domain, + 'NC_BASE_DN' => $this->GetBaseDN(), + 'AIO_TOKEN' => $this->aioToken, + 'BORGBACKUP_REMOTE_REPO' => $this->borgRemoteRepo, + 'BORGBACKUP_MODE' => $this->backupMode, + 'AIO_URL' => $this->aioUrl, + 'SELECTED_RESTORE_TIME' => $this->selectedRestoreTime, + 'RESTORE_EXCLUDE_PREVIEWS' => $this->restoreExcludePreviews ? '1' : '', + 'APACHE_PORT' => $this->apachePort, + 'APACHE_IP_BINDING' => $this->apacheIpBinding, + 'TALK_PORT' => $this->talkPort, + 'TURN_DOMAIN' => $this->turnDomain, + 'NEXTCLOUD_MOUNT' => $this->nextcloudMount, + 'BACKUP_RESTORE_PASSWORD' => $this->borgRestorePassword, + 'CLAMAV_ENABLED' => $this->isClamavEnabled ? 'yes' : '', + 'TALK_RECORDING_ENABLED' => $this->isTalkRecordingEnabled ? 'yes' : '', + 'ONLYOFFICE_ENABLED' => $this->isOnlyofficeEnabled ? 'yes' : '', + 'COLLABORA_ENABLED' => $this->isCollaboraEnabled ? 'yes' : '', + 'TALK_ENABLED' => $this->isTalkEnabled ? 'yes' : '', + 'UPDATE_NEXTCLOUD_APPS' => ($this->isDailyBackupRunning() && $this->areAutomaticUpdatesEnabled()) ? 'yes' : '', + 'TIMEZONE' => $this->timezone === '' ? 'Etc/UTC' : $this->timezone, + 'COLLABORA_DICTIONARIES' => $this->collaboraDictionaries === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->collaboraDictionaries, + 'IMAGINARY_ENABLED' => $this->isImaginaryEnabled ? 'yes' : '', + 'FULLTEXTSEARCH_ENABLED' => $this->isFulltextsearchEnabled ? 'yes' : '', + 'DOCKER_SOCKET_PROXY_ENABLED' => $this->isDockerSocketProxyEnabled ? 'yes' : '', + 'NEXTCLOUD_UPLOAD_LIMIT' => $this->nextcloudUploadLimit, + 'NEXTCLOUD_MEMORY_LIMIT' => $this->nextcloudMemoryLimit, + 'NEXTCLOUD_MAX_TIME' => $this->nextcloudMaxTime, + 'BORG_RETENTION_POLICY' => $this->GetBorgRetentionPolicy(), + 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->GetFulltextsearchJavaOptions(), + 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->GetTrustedCacertsDir(), + 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', + 'BORGBACKUP_HOST_LOCATION' => $this->borgBackupHostLocation, + 'APACHE_MAX_SIZE' => (string)($this->GetApacheMaxSize()), + 'COLLABORA_SECCOMP_POLICY' => $this->GetCollaboraSeccompPolicy(), + 'NEXTCLOUD_STARTUP_APPS' => $this->GetNextcloudStartupApps(), + 'NEXTCLOUD_ADDITIONAL_APKS' => $this->GetNextcloudAdditionalApks(), + 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->GetNextcloudAdditionalPhpExtensions(), + 'INSTALL_LATEST_MAJOR' => $this->installLatestMajor, + 'REMOVE_DISABLED_APPS' => $this->shouldDisabledAppsGetRemoved() ? 'yes' : '', + // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) + 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), + // Allow to get local ip-address of caddy container and add it to trusted proxies automatically + 'CADDY_IP_ADDRESS' => in_array('caddy', $this->aioCommunityContainers, true) ? gethostbyname('nextcloud-aio-caddy') : '', + 'WHITEBOARD_ENABLED' => $this->isWhiteboardEnabled ? 'yes' : '', + default => $this->GetRegisteredSecret($placeholder), + }; + } } diff --git a/php/src/Data/Setup.php b/php/src/Data/Setup.php index f8f43e4b..e409eef8 100644 --- a/php/src/Data/Setup.php +++ b/php/src/Data/Setup.php @@ -17,7 +17,7 @@ readonly class Setup { } $password = $this->passwordGenerator->GeneratePassword(8); - $this->configurationManager->SetPassword($password); + $this->configurationManager->password = $password; return $password; } diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 9e8a8ff2..82dc3653 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -36,15 +36,15 @@ readonly class DockerActionManager { } private function BuildImageName(Container $container): string { - $tag = $container->GetImageTag(); + $tag = $container->imageTag; if ($tag === '%AIO_CHANNEL%') { $tag = $this->GetCurrentChannel(); } - return $container->GetContainerName() . ':' . $tag; + return $container->containerName . ':' . $tag; } public function GetContainerRunningState(Container $container): ContainerState { - $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->GetIdentifier()))); + $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->identifier))); try { $response = $this->guzzleClient->get($url); } catch (RequestException $e) { @@ -64,7 +64,7 @@ readonly class DockerActionManager { } public function GetContainerRestartingState(Container $container): ContainerState { - $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->GetIdentifier()))); + $url = $this->BuildApiUrl(sprintf('containers/%s/json', urlencode($container->identifier))); try { $response = $this->guzzleClient->get($url); } catch (RequestException $e) { @@ -84,16 +84,16 @@ readonly class DockerActionManager { } public function GetContainerUpdateState(Container $container): VersionState { - $tag = $container->GetImageTag(); + $tag = $container->imageTag; if ($tag === '%AIO_CHANNEL%') { $tag = $this->GetCurrentChannel(); } - $runningDigests = $this->GetRepoDigestsOfContainer($container->GetIdentifier()); + $runningDigests = $this->GetRepoDigestsOfContainer($container->identifier); if ($runningDigests === null) { return VersionState::Different; } - $remoteDigest = $this->GetLatestDigestOfTag($container->GetContainerName(), $tag); + $remoteDigest = $this->GetLatestDigestOfTag($container->containerName, $tag); if ($remoteDigest === null) { return VersionState::Equal; } @@ -112,12 +112,12 @@ readonly class DockerActionManager { return $runningState; } - $containerName = $container->GetIdentifier(); - $internalPort = $container->GetInternalPort(); + $containerName = $container->identifier; + $internalPort = $container->internalPorts; if ($internalPort === '%APACHE_PORT%') { - $internalPort = $this->configurationManager->GetApachePort(); + $internalPort = $this->configurationManager->apachePort; } elseif ($internalPort === '%TALK_PORT%') { - $internalPort = $this->configurationManager->GetTalkPort(); + $internalPort = $this->configurationManager->talkPort; } if ($internalPort !== "" && $internalPort !== 'host') { @@ -134,7 +134,7 @@ readonly class DockerActionManager { } public function DeleteContainer(Container $container): void { - $url = $this->BuildApiUrl(sprintf('containers/%s?v=true', urlencode($container->GetIdentifier()))); + $url = $this->BuildApiUrl(sprintf('containers/%s?v=true', urlencode($container->identifier))); try { $this->guzzleClient->delete($url); } catch (RequestException $e) { @@ -166,17 +166,17 @@ readonly class DockerActionManager { } public function StartContainer(Container $container): void { - $url = $this->BuildApiUrl(sprintf('containers/%s/start', urlencode($container->GetIdentifier()))); + $url = $this->BuildApiUrl(sprintf('containers/%s/start', urlencode($container->identifier))); try { $this->guzzleClient->post($url); } catch (RequestException $e) { - throw new \Exception("Could not start container " . $container->GetIdentifier() . ": " . $e->getResponse()?->getBody()->getContents()); + throw new \Exception("Could not start container " . $container->identifier . ": " . $e->getResponse()?->getBody()->getContents()); } } public function CreateVolumes(Container $container): void { $url = $this->BuildApiUrl('volumes/create'); - foreach ($container->GetVolumes()->GetVolumes() as $volume) { + foreach ($container->volumes->GetVolumes() as $volume) { $forbiddenChars = [ '/', ]; @@ -202,10 +202,10 @@ readonly class DockerActionManager { public function CreateContainer(Container $container): void { $volumes = []; - foreach ($container->GetVolumes()->GetVolumes() as $volume) { + foreach ($container->volumes->GetVolumes() as $volume) { // // NEXTCLOUD_MOUNT gets added via bind-mount later on - // if ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') { - // if ($volume->name === $this->configurationManager->GetNextcloudMount()) { + // if ($container->identifier === 'nextcloud-aio-nextcloud') { + // if ($volume->name === $this->configurationManager->nextcloudMount) { // continue; // } // } @@ -228,46 +228,38 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Binds'] = $volumes; } - $aioVariables = $container->GetAioVariables()->GetVariables(); - foreach ($aioVariables as $variable) { - $config = $this->configurationManager->GetConfig(); - $variable = $this->replaceEnvPlaceholders($variable); - $variableArray = explode('=', $variable); - $config[$variableArray[0]] = $variableArray[1]; - $this->configurationManager->WriteConfig($config); - sleep(1); - } + $this->configurationManager->setAioVariables($container->aioVariables->GetVariables()); - $envs = $container->GetEnvironmentVariables()->GetVariables(); + $envs = $container->containerEnvironmentVariables->GetVariables(); // Special thing for the nextcloud container - if ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') { + if ($container->identifier === 'nextcloud-aio-nextcloud') { $envs[] = $this->GetAllNextcloudExecCommands(); } foreach ($envs as $key => $env) { - $envs[$key] = $this->replaceEnvPlaceholders($env); + $envs[$key] = $this->configurationManager->replaceEnvPlaceholders($env); } if (count($envs) > 0) { $requestBody['Env'] = $envs; } - $requestBody['HostConfig']['RestartPolicy']['Name'] = $container->GetRestartPolicy(); + $requestBody['HostConfig']['RestartPolicy']['Name'] = $container->restartPolicy; - $requestBody['HostConfig']['ReadonlyRootfs'] = $container->GetReadOnlySetting(); + $requestBody['HostConfig']['ReadonlyRootfs'] = $container->readOnlyRootFs; $exposedPorts = []; - if ($container->GetInternalPort() !== 'host') { - foreach ($container->GetPorts()->GetPorts() as $value) { + if ($container->internalPorts !== 'host') { + foreach ($container->ports->GetPorts() as $value) { $port = $value->port; $protocol = $value->protocol; if ($port === '%APACHE_PORT%') { - $port = $this->configurationManager->GetApachePort(); + $port = $this->configurationManager->apachePort; // Do not expose udp if AIO is in reverse proxy mode if ($port !== '443' && $protocol === 'udp') { continue; } } else if ($port === '%TALK_PORT%') { - $port = $this->configurationManager->GetTalkPort(); + $port = $this->configurationManager->talkPort; } $portWithProtocol = $port . '/' . $protocol; $exposedPorts[$portWithProtocol] = null; @@ -279,17 +271,17 @@ readonly class DockerActionManager { if (count($exposedPorts) > 0) { $requestBody['ExposedPorts'] = $exposedPorts; - foreach ($container->GetPorts()->GetPorts() as $value) { + foreach ($container->ports->GetPorts() as $value) { $port = $value->port; $protocol = $value->protocol; if ($port === '%APACHE_PORT%') { - $port = $this->configurationManager->GetApachePort(); + $port = $this->configurationManager->apachePort; // Do not expose udp if AIO is in reverse proxy mode if ($port !== '443' && $protocol === 'udp') { continue; } } else if ($port === '%TALK_PORT%') { - $port = $this->configurationManager->GetTalkPort(); + $port = $this->configurationManager->talkPort; // Skip publishing talk tcp port if it is set to 443 if ($port === '443' && $protocol === 'tcp') { continue; @@ -297,7 +289,7 @@ readonly class DockerActionManager { } $ipBinding = $value->ipBinding; if ($ipBinding === '%APACHE_IP_BINDING%') { - $ipBinding = $this->configurationManager->GetApacheIPBinding(); + $ipBinding = $this->configurationManager->apacheIpBinding; // Do not expose if AIO is in internal network mode if ($ipBinding === '@INTERNAL') { continue; @@ -314,7 +306,7 @@ readonly class DockerActionManager { } $devices = []; - foreach ($container->GetDevices() as $device) { + foreach ($container->devices as $device) { if ($device === '/dev/dri' && !$this->configurationManager->isDriDeviceEnabled()) { continue; } @@ -325,7 +317,7 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Devices'] = $devices; } - if ($container->isNvidiaGpuEnabled() && $this->configurationManager->isNvidiaGpuEnabled()) { + if ($container->enableNvidiaGpu && $this->configurationManager->isNvidiaGpuEnabled()) { $requestBody['HostConfig']['Runtime'] = 'nvidia'; $requestBody['HostConfig']['DeviceRequests'] = [ [ @@ -336,13 +328,13 @@ readonly class DockerActionManager { ]; } - $shmSize = $container->GetShmSize(); + $shmSize = $container->shmSize; if ($shmSize > 0) { $requestBody['HostConfig']['ShmSize'] = $shmSize; } $tmpfs = []; - foreach ($container->GetTmpfs() as $tmp) { + foreach ($container->tmpfs as $tmp) { $mode = ""; if (str_contains($tmp, ':')) { $mode = explode(':', $tmp)[1]; @@ -354,9 +346,14 @@ readonly class DockerActionManager { $requestBody['HostConfig']['Tmpfs'] = $tmpfs; } - $requestBody['HostConfig']['Init'] = $container->GetInit(); + $requestBody['HostConfig']['Init'] = $container->init; - $capAdds = $container->GetCapAdds(); + $maxShutDownTime = $container->maxShutdownTime; + if ($maxShutDownTime > 0) { + $requestBody['StopTimeout'] = $maxShutDownTime; + } + + $capAdds = $container->capAdd; if (count($capAdds) > 0) { $requestBody['HostConfig']['CapAdd'] = $capAdds; } @@ -368,14 +365,14 @@ readonly class DockerActionManager { // Disable SELinux for AIO containers so that it does not break them $requestBody['HostConfig']['SecurityOpt'] = ["label:disable"]; - if ($container->isApparmorUnconfined()) { + if ($container->apparmorUnconfined) { $requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined", "label:disable"]; } $mounts = []; // Special things for the backup container which should not be exposed in the containers.json - if (str_starts_with($container->GetIdentifier(), 'nextcloud-aio-borgbackup')) { + if (str_starts_with($container->identifier, 'nextcloud-aio-borgbackup')) { // Additional backup directories foreach ($this->getAllBackupVolumes() as $additionalBackupVolumes) { if ($additionalBackupVolumes !== '') { @@ -384,7 +381,7 @@ readonly class DockerActionManager { } // Make volumes read only in case of borgbackup container. The viewer makes them writeable - $isReadOnly = $container->GetIdentifier() === 'nextcloud-aio-borgbackup'; + $isReadOnly = $container->identifier === 'nextcloud-aio-borgbackup'; foreach ($this->configurationManager->GetAdditionalBackupDirectoriesArray() as $additionalBackupDirectories) { if ($additionalBackupDirectories !== '') { @@ -397,24 +394,34 @@ readonly class DockerActionManager { } // Special things for the talk container which should not be exposed in the containers.json - } elseif ($container->GetIdentifier() === 'nextcloud-aio-talk') { + } elseif ($container->identifier === 'nextcloud-aio-talk') { // This is needed due to a bug in libwebsockets used in Janus which cannot handle unlimited ulimits $requestBody['HostConfig']['Ulimits'] = [["Name" => "nofile", "Hard" => 200000, "Soft" => 200000]]; // // Special things for the nextcloud container which should not be exposed in the containers.json +<<<<<<< HEAD + // } elseif ($container->identifier === 'nextcloud-aio-nextcloud') { + // foreach ($container->volumes->GetVolumes() as $volume) { + // if ($volume->name !== $this->configurationManager->nextcloud_mount) { +||||||| parent of e6528742 (Camelize property nextcloud_mount => nextcloudMount) // } elseif ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') { // foreach ($container->GetVolumes()->GetVolumes() as $volume) { - // if ($volume->name !== $this->configurationManager->GetNextcloudMount()) { + // if ($volume->name !== $this->configurationManager->nextcloud_mount) { +======= + // } elseif ($container->GetIdentifier() === 'nextcloud-aio-nextcloud') { + // foreach ($container->GetVolumes()->GetVolumes() as $volume) { + // if ($volume->name !== $this->configurationManager->nextcloudMount) { +>>>>>>> e6528742 (Camelize property nextcloud_mount => nextcloudMount) // continue; // } // $mounts[] = ["Type" => "bind", "Source" => $volume->name, "Target" => $volume->mountPoint, "ReadOnly" => !$volume->isWritable, "BindOptions" => [ "Propagation" => "rshared"]]; // } // Special things for the caddy community container - } elseif ($container->GetIdentifier() === 'nextcloud-aio-caddy') { + } elseif ($container->identifier === 'nextcloud-aio-caddy') { $requestBody['HostConfig']['ExtraHosts'] = ['host.docker.internal:host-gateway']; // Special things for the collabora container which should not be exposed in the containers.json - } elseif ($container->GetIdentifier() === 'nextcloud-aio-collabora') { + } elseif ($container->identifier === 'nextcloud-aio-collabora') { if (!$this->configurationManager->isSeccompDisabled()) { // Load reference seccomp profile for collabora $seccompProfile = (string)file_get_contents(DataConst::GetCollaboraSeccompProfilePath()); @@ -422,8 +429,8 @@ readonly class DockerActionManager { } // Additional Collabora options - if ($this->configurationManager->GetAdditionalCollaboraOptions() !== '') { - $requestBody['Cmd'] = [$this->configurationManager->GetAdditionalCollaboraOptions()]; + if ($this->configurationManager->collaboraAdditionalOptions !== '') { + $requestBody['Cmd'] = [$this->configurationManager->collaboraAdditionalOptions]; } } @@ -434,12 +441,12 @@ readonly class DockerActionManager { // All AIO-managed containers should not be updated externally via watchtower but gracefully by AIO's backup and update feature. // Also DIUN should not send update notifications. See https://crazymax.dev/diun/providers/docker/#docker-labels // Additionally set a default org.label-schema.vendor and com.docker.compose.project - $requestBody['Labels'] = ["com.centurylinklabs.watchtower.enable" => "false", "diun.enable" => "false", "org.label-schema.vendor" => "Nextcloud", "com.docker.compose.project" => "nextcloud-aio"]; + $requestBody['Labels'] = ["com.centurylinklabs.watchtower.enable" => "false", "wud.watch" => "false", "diun.enable" => "false", "org.label-schema.vendor" => "Nextcloud", "com.docker.compose.project" => "nextcloud-aio"]; // Containers should have a fixed host name. See https://github.com/nextcloud/all-in-one/discussions/6589 - $requestBody['Hostname'] = $container->GetIdentifier(); + $requestBody['Hostname'] = $container->identifier; - $url = $this->BuildApiUrl('containers/create?name=' . $container->GetIdentifier()); + $url = $this->BuildApiUrl('containers/create?name=' . $container->identifier); try { $this->guzzleClient->request( 'POST', @@ -449,18 +456,18 @@ readonly class DockerActionManager { ] ); } catch (RequestException $e) { - throw new \Exception("Could not create container " . $container->GetIdentifier() . ": " . $e->getResponse()?->getBody()->getContents()); + throw new \Exception("Could not create container " . $container->identifier . ": " . $e->getResponse()?->getBody()->getContents()); } } public function isRegistryReachable(Container $container): bool { - $tag = $container->GetImageTag(); + $tag = $container->imageTag; if ($tag === '%AIO_CHANNEL%') { $tag = $this->GetCurrentChannel(); } - $remoteDigest = $this->GetLatestDigestOfTag($container->GetContainerName(), $tag); + $remoteDigest = $this->GetLatestDigestOfTag($container->containerName, $tag); if ($remoteDigest === null) { return false; @@ -472,7 +479,7 @@ readonly class DockerActionManager { public function PullImage(Container $container, bool $pullImage = true): void { // Skip database image pull if the last shutdown was not clean - if ($container->GetIdentifier() === 'nextcloud-aio-database') { + if ($container->identifier === 'nextcloud-aio-database') { if ($this->GetDatabasecontainerExitCode() > 0) { $pullImage = false; error_log('Not pulling the latest database image because the container was not correctly shut down.'); @@ -484,7 +491,7 @@ readonly class DockerActionManager { if ($pullImage) { if (!$this->isRegistryReachable($container)) { $pullImage = false; - error_log('Not pulling the ' . $container->GetContainerName() . ' image for the ' . $container->GetIdentifier() . ' container because the registry does not seem to be reachable.'); + error_log('Not pulling the ' . $container->containerName . ' image for the ' . $container->identifier . ' container because the registry does not seem to be reachable.'); } } @@ -503,94 +510,28 @@ readonly class DockerActionManager { } catch (\Throwable $e) { $imageIsThere = false; } - try { - $this->guzzleClient->post($url); - } catch (RequestException $e) { - $message = "Could not pull image " . $imageName . ": " . $e->getResponse()?->getBody()->getContents(); - if ($imageIsThere === false) { - throw new \Exception($message); - } else { - error_log($message); + + $maxRetries = 3; + for ($attempt = 1; $attempt <= $maxRetries; $attempt++) { + try { + $this->guzzleClient->post($url); + break; + } catch (RequestException $e) { + $message = "Could not pull image " . $imageName . " (attempt $attempt/$maxRetries): " . $e->getResponse()?->getBody()->getContents(); + if ($attempt === $maxRetries) { + if ($imageIsThere === false) { + throw new \Exception($message); + } else { + error_log($message); + } + } else { + error_log($message . ' Retrying...'); + sleep(1); + } } } } - // Replaces placeholders in $envValue with their values. - // E.g. "%NC_DOMAIN%:%APACHE_PORT" becomes "my.nextcloud.com:11000" - private function replaceEnvPlaceholders(string $envValue): string { - // $pattern breaks down as: - // % - matches a literal percent sign - // ([^%]+) - capture group that matches one or more characters that are NOT percent signs - // % - matches the closing percent sign - // - // Assumes literal percent signs are always matched and there is no - // escaping. - $pattern = '/%([^%]+)%/'; - $matchCount = preg_match_all($pattern, $envValue, $matches); - - if ($matchCount === 0) { - return $envValue; - } - - $placeholders = $matches[0]; // ["%PLACEHOLDER1%", "%PLACEHOLDER2%", ...] - $placeholderNames = $matches[1]; // ["PLACEHOLDER1", "PLACEHOLDER2", ...] - $placeholderPatterns = array_map(static fn(string $p) => '/' . preg_quote($p) . '/', $placeholders); // ["/%PLACEHOLDER1%/", ...] - $placeholderValues = array_map($this->getPlaceholderValue(...), $placeholderNames); // ["val1", "val2"] - // Guaranteed to be non-null because we found the placeholders in the preg_match_all. - return (string) preg_replace($placeholderPatterns, $placeholderValues, $envValue); - } - - private function getPlaceholderValue(string $placeholder) : string { - return match ($placeholder) { - 'NC_DOMAIN' => $this->configurationManager->GetDomain(), - 'NC_BASE_DN' => $this->configurationManager->GetBaseDN(), - 'AIO_TOKEN' => $this->configurationManager->GetToken(), - 'BORGBACKUP_REMOTE_REPO' => $this->configurationManager->GetBorgRemoteRepo(), - 'BORGBACKUP_MODE' => $this->configurationManager->GetBackupMode(), - 'AIO_URL' => $this->configurationManager->GetAIOURL(), - 'SELECTED_RESTORE_TIME' => $this->configurationManager->GetSelectedRestoreTime(), - 'RESTORE_EXCLUDE_PREVIEWS' => $this->configurationManager->GetRestoreExcludePreviews(), - 'APACHE_PORT' => $this->configurationManager->GetApachePort(), - 'APACHE_IP_BINDING' => $this->configurationManager->GetApacheIPBinding(), - 'TALK_PORT' => $this->configurationManager->GetTalkPort(), - 'TURN_DOMAIN' => $this->configurationManager->GetTurnDomain(), - 'NEXTCLOUD_MOUNT' => $this->configurationManager->GetNextcloudMount(), - 'BACKUP_RESTORE_PASSWORD' => $this->configurationManager->GetBorgRestorePassword(), - 'CLAMAV_ENABLED' => $this->configurationManager->isClamavEnabled() ? 'yes' : '', - 'TALK_RECORDING_ENABLED' => $this->configurationManager->isTalkRecordingEnabled() ? 'yes' : '', - 'ONLYOFFICE_ENABLED' => $this->configurationManager->isOnlyofficeEnabled() ? 'yes' : '', - 'COLLABORA_ENABLED' => $this->configurationManager->isCollaboraEnabled() ? 'yes' : '', - 'TALK_ENABLED' => $this->configurationManager->isTalkEnabled() ? 'yes' : '', - 'UPDATE_NEXTCLOUD_APPS' => ($this->configurationManager->isDailyBackupRunning() && $this->configurationManager->areAutomaticUpdatesEnabled()) ? 'yes' : '', - 'TIMEZONE' => $this->configurationManager->GetTimezone() === '' ? 'Etc/UTC' : $this->configurationManager->GetTimezone(), - 'COLLABORA_DICTIONARIES' => $this->configurationManager->GetCollaboraDictionaries() === '' ? 'de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru' : $this->configurationManager->GetCollaboraDictionaries(), - 'IMAGINARY_ENABLED' => $this->configurationManager->isImaginaryEnabled() ? 'yes' : '', - 'FULLTEXTSEARCH_ENABLED' => $this->configurationManager->isFulltextsearchEnabled() ? 'yes' : '', - 'DOCKER_SOCKET_PROXY_ENABLED' => $this->configurationManager->isDockerSocketProxyEnabled() ? 'yes' : '', - 'NEXTCLOUD_UPLOAD_LIMIT' => $this->configurationManager->GetNextcloudUploadLimit(), - 'NEXTCLOUD_MEMORY_LIMIT' => $this->configurationManager->GetNextcloudMemoryLimit(), - 'NEXTCLOUD_MAX_TIME' => $this->configurationManager->GetNextcloudMaxTime(), - 'BORG_RETENTION_POLICY' => $this->configurationManager->GetBorgRetentionPolicy(), - 'FULLTEXTSEARCH_JAVA_OPTIONS' => $this->configurationManager->GetFulltextsearchJavaOptions(), - 'NEXTCLOUD_TRUSTED_CACERTS_DIR' => $this->configurationManager->GetTrustedCacertsDir(), - 'ADDITIONAL_DIRECTORIES_BACKUP' => $this->configurationManager->GetAdditionalBackupDirectoriesString() !== '' ? 'yes' : '', - 'BORGBACKUP_HOST_LOCATION' => $this->configurationManager->GetBorgBackupHostLocation(), - 'APACHE_MAX_SIZE' => (string)($this->configurationManager->GetApacheMaxSize()), - 'COLLABORA_SECCOMP_POLICY' => $this->configurationManager->GetCollaboraSeccompPolicy(), - 'NEXTCLOUD_STARTUP_APPS' => $this->configurationManager->GetNextcloudStartupApps(), - 'NEXTCLOUD_ADDITIONAL_APKS' => $this->configurationManager->GetNextcloudAdditionalApks(), - 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS' => $this->configurationManager->GetNextcloudAdditionalPhpExtensions(), - 'INSTALL_LATEST_MAJOR' => $this->configurationManager->shouldLatestMajorGetInstalled() ? 'yes' : '', - 'REMOVE_DISABLED_APPS' => $this->configurationManager->shouldDisabledAppsGetRemoved() ? 'yes' : '', - // Allow to get local ip-address of database container which allows to talk to it even in host mode (the container that requires this needs to be started first then) - 'AIO_DATABASE_HOST' => gethostbyname('nextcloud-aio-database'), - // Allow to get local ip-address of caddy container and add it to trusted proxies automatically - 'CADDY_IP_ADDRESS' => in_array('caddy', $this->configurationManager->GetEnabledCommunityContainers(), true) ? gethostbyname('nextcloud-aio-caddy') : '', - 'WHITEBOARD_ENABLED' => $this->configurationManager->isWhiteboardEnabled() ? 'yes' : '', - default => $this->configurationManager->GetRegisteredSecret($placeholder), - }; - } - private function isContainerUpdateAvailable(string $id): string { $container = $this->containerDefinitionFetcher->GetContainerById($id); @@ -598,7 +539,7 @@ readonly class DockerActionManager { if ($container->GetUpdateState() === VersionState::Different) { $updateAvailable = '1'; } - foreach ($container->GetDependsOn() as $dependency) { + foreach ($container->dependsOn as $dependency) { $updateAvailable .= $this->isContainerUpdateAvailable($dependency); } return $updateAvailable; @@ -606,7 +547,7 @@ readonly class DockerActionManager { public function isAnyUpdateAvailable(): bool { // return early if instance is not installed - if (!$this->configurationManager->wasStartButtonClicked()) { + if (!$this->configurationManager->wasStartButtonClicked) { return false; } $id = 'nextcloud-aio-apache'; @@ -622,10 +563,10 @@ readonly class DockerActionManager { $container = $this->containerDefinitionFetcher->GetContainerById($id); $backupVolumes = ''; - foreach ($container->GetBackupVolumes() as $backupVolume) { + foreach ($container->backupVolumes as $backupVolume) { $backupVolumes .= $backupVolume . ' '; } - foreach ($container->GetDependsOn() as $dependency) { + foreach ($container->dependsOn as $dependency) { $backupVolumes .= $this->getBackupVolumes($dependency); } return $backupVolumes; @@ -641,10 +582,10 @@ readonly class DockerActionManager { $container = $this->containerDefinitionFetcher->GetContainerById($id); $nextcloudExecCommands = ''; - foreach ($container->GetNextcloudExecCommands() as $execCommand) { + foreach ($container->nextcloudExecCommands as $execCommand) { $nextcloudExecCommands .= $execCommand . PHP_EOL; } - foreach ($container->GetDependsOn() as $dependency) { + foreach ($container->dependsOn as $dependency) { $nextcloudExecCommands .= $this->GetNextcloudExecCommands($dependency); } return $nextcloudExecCommands; @@ -776,7 +717,7 @@ readonly class DockerActionManager { public function sendNotification(Container $container, string $subject, string $message, string $file = '/notify.sh'): void { if ($this->GetContainerStartingState($container) === ContainerState::Running) { - $containerName = $container->GetIdentifier(); + $containerName = $container->identifier; // schedule the exec $url = $this->BuildApiUrl(sprintf('containers/%s/exec', urlencode($containerName))); @@ -901,14 +842,14 @@ readonly class DockerActionManager { // Add a secondary alias for domaincheck container, to keep it as similar to actual apache controller as possible. // If a reverse-proxy is relying on container name as hostname this allows it to operate as usual and still validate the domain // The domaincheck container and apache container are never supposed to be active at the same time because they use the same APACHE_PORT anyway, so this doesn't add any new constraints. - $alias = ($container->GetIdentifier() === 'nextcloud-aio-domaincheck') ? 'nextcloud-aio-apache' : ''; + $alias = ($container->identifier === 'nextcloud-aio-domaincheck') ? 'nextcloud-aio-apache' : ''; - $this->ConnectContainerIdToNetwork($container->GetIdentifier(), $container->GetInternalPort(), alias: $alias); + $this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, alias: $alias); - if ($container->GetIdentifier() === 'nextcloud-aio-apache' || $container->GetIdentifier() === 'nextcloud-aio-domaincheck') { + if ($container->identifier === 'nextcloud-aio-apache' || $container->identifier === 'nextcloud-aio-domaincheck') { $apacheAdditionalNetwork = $this->configurationManager->GetApacheAdditionalNetwork(); if ($apacheAdditionalNetwork !== '') { - $this->ConnectContainerIdToNetwork($container->GetIdentifier(), $container->GetInternalPort(), $apacheAdditionalNetwork, false, $alias); + $this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, $apacheAdditionalNetwork, false, $alias); } } } @@ -917,9 +858,9 @@ readonly class DockerActionManager { if ($forceStopContainer) { $maxShutDownTime = 10; } else { - $maxShutDownTime = $container->GetMaxShutdownTime(); + $maxShutDownTime = $container->maxShutdownTime; } - $url = $this->BuildApiUrl(sprintf('containers/%s/stop?t=%s', urlencode($container->GetIdentifier()), $maxShutDownTime)); + $url = $this->BuildApiUrl(sprintf('containers/%s/stop?t=%s', urlencode($container->identifier), $maxShutDownTime)); try { $this->guzzleClient->post($url); } catch (RequestException $e) { diff --git a/php/templates/components/container-state.twig b/php/templates/components/container-state.twig index 8375d033..07580e66 100644 --- a/php/templates/components/container-state.twig +++ b/php/templates/components/container-state.twig @@ -3,24 +3,24 @@ {% if c.GetStartingState().value == 'starting' %} - {{ c.GetDisplayName() }} - (Starting) + {{ c.displayName }} + (Starting) {% elseif c.GetRunningState().value == 'running' %} - {{ c.GetDisplayName() }} - (Running) + {{ c.displayName }} + (Running) {% else %} - {{ c.GetDisplayName() }} - (Stopped) + {{ c.displayName }} + (Stopped) {% endif %} - {% if c.GetDocumentation() != '' %} - (docs) + {% if c.documentation != '' %} + (docs) {% endif %} {% if c.GetUiSecret() != '' %}
- Show password for {{ c.GetDisplayName() }} + Show password for {{ c.displayName }}
{% endif %} diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 9c55350e..2f722768 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -17,7 +17,8 @@
-

Nextcloud AIO v12.5.0

+ {% set aio_version = include('includes/aio-version.twig') %} +

Nextcloud AIO v{{ aio_version }}

{# Add 2nd tab warning #} @@ -45,19 +46,19 @@ {% endif %} {% for container in containers %} - {% if container.GetDisplayName() != '' and container.GetRunningState().value == 'running' %} + {% if container.displayName != '' and container.GetRunningState().value == 'running' %} {% set isAnyRunning = true %} {% endif %} - {% if container.GetDisplayName() != '' and container.GetRestartingState().value == 'restarting' %} + {% if container.displayName != '' and container.GetRestartingState().value == 'restarting' %} {% set isAnyRestarting = true %} {% endif %} - {% if container.GetIdentifier() == 'nextcloud-aio-watchtower' and container.GetRunningState().value == 'running' %} + {% if container.identifier == 'nextcloud-aio-watchtower' and container.GetRunningState().value == 'running' %} {% set isWatchtowerRunning = true %} {% endif %} - {% if container.GetIdentifier() == 'nextcloud-aio-domaincheck' and container.GetRunningState().value == 'running' %} + {% if container.identifier == 'nextcloud-aio-domaincheck' and container.GetRunningState().value == 'running' %} {% set isDomaincheckRunning = true %} {% endif %} - {% if container.GetIdentifier() == 'nextcloud-aio-apache' and container.GetStartingState().value == 'starting' %} + {% if container.identifier == 'nextcloud-aio-apache' and container.GetStartingState().value == 'starting' %} {% set isApacheStarting = true %} {% endif %} {% endfor %} @@ -280,7 +281,7 @@
    {# @var containers \AIO\Container\Container[] #} {% for container in containers %} - {% if container.GetDisplayName() != '' %} + {% if container.displayName != '' %} {% include 'components/container-state.twig' with {'c': container} only %} {% endif %} {% endfor %} diff --git a/php/templates/includes/aio-version.twig b/php/templates/includes/aio-version.twig new file mode 100644 index 00000000..b7d7205d --- /dev/null +++ b/php/templates/includes/aio-version.twig @@ -0,0 +1 @@ +12.5.0