mirror of
https://github.com/nextcloud/all-in-one.git
synced 2026-02-16 02:30:17 +00:00
Compare commits
18 commits
91474cbb9b
...
f22b31510f
| Author | SHA1 | Date | |
|---|---|---|---|
|
f22b31510f | ||
|
|
2bde893647 | ||
|
|
1a91d6187c | ||
|
|
be1199ace1 | ||
|
|
d425bb226c | ||
|
|
edba082dce | ||
|
|
0d0d43d0cf | ||
|
|
4a7353d9e7 | ||
|
|
386a94494f | ||
|
|
d72181f754 | ||
|
|
0c0f956ea2 | ||
|
|
7634a3887f | ||
|
|
427f860ea8 | ||
|
|
095d3d9cc0 | ||
|
|
83de526051 | ||
|
|
57306c8cae | ||
|
|
cc41c3465e | ||
|
|
6b3af009e2 |
14 changed files with 88 additions and 60 deletions
|
|
@ -1,6 +1,6 @@
|
|||
# syntax=docker/dockerfile:latest
|
||||
# Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile
|
||||
FROM elasticsearch:8.19.7
|
||||
FROM elasticsearch:8.19.8
|
||||
|
||||
USER root
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# syntax=docker/dockerfile:latest
|
||||
FROM golang:1.25.4-alpine3.22 AS go
|
||||
FROM golang:1.25.5-alpine3.22 AS go
|
||||
|
||||
ENV IMAGINARY_HASH=6a274b488759a896aff02f52afee6e50b5e3a3ee
|
||||
|
||||
|
|
|
|||
|
|
@ -75,18 +75,15 @@ elif ! sudo -E -u www-data test -r /var/run/docker.sock; then
|
|||
fi
|
||||
fi
|
||||
|
||||
# Check if api version is supported
|
||||
if ! sudo -E -u www-data docker info &>/dev/null; then
|
||||
print_red "Cannot connect to the docker socket. Cannot proceed."
|
||||
echo "Did you maybe remove group read permissions for the docker socket? AIO needs them in order to access the docker socket."
|
||||
echo "If SELinux is enabled on your host, see https://github.com/nextcloud/all-in-one#are-there-known-problems-when-selinux-is-enabled"
|
||||
echo "If you are on TrueNas SCALE, see https://github.com/nextcloud/all-in-one#can-i-run-aio-on-truenas-scale"
|
||||
# Get default docker api version
|
||||
API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)"
|
||||
API_VERSION="$(grep -oP 'const string API_VERSION.*\;' "$API_VERSION_FILE" | grep -oP '[0-9]+.[0-9]+' | head -1)"
|
||||
if [ -z "$API_VERSION" ]; then
|
||||
print_red "Could not get API_VERSION. Something is wrong!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Docker api version check
|
||||
API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)"
|
||||
API_VERSION="$(grep -oP 'const string API_VERSION.*\;' "$API_VERSION_FILE" | grep -oP '[0-9]+.[0-9]+' | head -1)"
|
||||
# Check if DOCKER_API_VERSION is set globally
|
||||
if [ -n "$DOCKER_API_VERSION" ]; then
|
||||
if ! echo "$DOCKER_API_VERSION" | grep -q '^[0-9].[0-9]\+$'; then
|
||||
print_red "You've set DOCKER_API_VERSION but not to an allowed value.
|
||||
|
|
@ -98,23 +95,45 @@ It is set to '$DOCKER_API_VERSION'."
|
|||
print_red "Please note that only v$API_VERSION is officially supported and tested by the maintainers of Nextcloud AIO."
|
||||
print_red "So you run on your own risk and things might break without warning."
|
||||
else
|
||||
# shellcheck disable=SC2001
|
||||
API_VERSION_NUMB="$(echo "$API_VERSION" | sed 's/\.//')"
|
||||
LOCAL_API_VERSION_NUMB="$(sudo -E -u www-data docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')"
|
||||
if [ -n "$LOCAL_API_VERSION_NUMB" ] && [ -n "$API_VERSION_NUMB" ]; then
|
||||
if ! [ "$LOCAL_API_VERSION_NUMB" -ge "$API_VERSION_NUMB" ]; then
|
||||
print_red "Docker API v$API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!"
|
||||
echo "Alternatively, set the DOCKER_API_VERSION environmental variable to a compatible version."
|
||||
echo "However please note that only v$API_VERSION is officially supported and tested by the maintainers of Nextcloud AIO."
|
||||
echo "See https://github.com/nextcloud/all-in-one#how-to-adjust-the-internally-used-docker-api-version"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "LOCAL_API_VERSION_NUMB or API_VERSION_NUMB are not set correctly. Cannot check if the API version is supported."
|
||||
sleep 10
|
||||
# Export docker api version to use it everywhere
|
||||
export DOCKER_API_VERSION="$API_VERSION"
|
||||
fi
|
||||
|
||||
# Set a fallback docker api version. Needed for api version check.
|
||||
# The check will not work otherwise on old docker versions
|
||||
FALLBACK_DOCKER_API_VERSION="1.41"
|
||||
|
||||
# Check if docker info can be used
|
||||
if ! sudo -E -u www-data docker info &>/dev/null; then
|
||||
if ! sudo -E -u www-data DOCKER_API_VERSION="$FALLBACK_DOCKER_API_VERSION" docker info &>/dev/null; then
|
||||
print_red "Cannot connect to the docker socket. Cannot proceed."
|
||||
echo "Did you maybe remove group read permissions for the docker socket? AIO needs them in order to access the docker socket."
|
||||
echo "If SELinux is enabled on your host, see https://github.com/nextcloud/all-in-one#are-there-known-problems-when-selinux-is-enabled"
|
||||
echo "If you are on TrueNas SCALE, see https://github.com/nextcloud/all-in-one#can-i-run-aio-on-truenas-scale"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# Docker api version check
|
||||
# shellcheck disable=SC2001
|
||||
API_VERSION_NUMB="$(echo "$API_VERSION" | sed 's/\.//')"
|
||||
LOCAL_API_VERSION_NUMB="$(sudo -E -u www-data docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')"
|
||||
if [ -z "$LOCAL_API_VERSION_NUMB" ]; then
|
||||
LOCAL_API_VERSION_NUMB="$(sudo -E -u www-data DOCKER_API_VERSION="$FALLBACK_DOCKER_API_VERSION" docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//')"
|
||||
fi
|
||||
if [ -n "$LOCAL_API_VERSION_NUMB" ] && [ -n "$API_VERSION_NUMB" ]; then
|
||||
if ! [ "$LOCAL_API_VERSION_NUMB" -ge "$API_VERSION_NUMB" ]; then
|
||||
print_red "Docker API v$API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!"
|
||||
echo "Alternatively, set the DOCKER_API_VERSION environmental variable to a compatible version."
|
||||
echo "However please note that only v$API_VERSION is officially supported and tested by the maintainers of Nextcloud AIO."
|
||||
echo "See https://github.com/nextcloud/all-in-one#how-to-adjust-the-internally-used-docker-api-version"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "LOCAL_API_VERSION_NUMB or API_VERSION_NUMB are not set correctly. Cannot check if the API version is supported."
|
||||
sleep 10
|
||||
fi
|
||||
|
||||
# Check Storage drivers
|
||||
STORAGE_DRIVER="$(sudo -E -u www-data docker info | grep "Storage Driver")"
|
||||
# Check if vfs is used: https://github.com/nextcloud/all-in-one/discussions/1467
|
||||
|
|
|
|||
|
|
@ -7,3 +7,11 @@ if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES')) {
|
|||
),
|
||||
);
|
||||
}
|
||||
if (getenv('NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL')) {
|
||||
$CONFIG = array(
|
||||
'dbdriveroptions' => array(
|
||||
'PDO::MYSQL_ATTR_SSL_CA' => '/var/www/html/data/certificates/MYSQL',
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -283,6 +283,10 @@ EOF
|
|||
if [ -n "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" ]; then
|
||||
mkdir /var/www/html/data/certificates
|
||||
echo "$NEXTCLOUD_TRUSTED_CERTIFICATES_POSTGRES" > "/var/www/html/data/certificates/POSTGRES"
|
||||
# Write out mysql root cert
|
||||
elif [ -n "$NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL" ]; then
|
||||
mkdir /var/www/html/data/certificates
|
||||
echo "$NEXTCLOUD_TRUSTED_CERTIFICATES_MYSQL" > "/var/www/html/data/certificates/MYSQL"
|
||||
fi
|
||||
|
||||
echo "Installing with $DATABASE_TYPE database"
|
||||
|
|
|
|||
|
|
@ -68,11 +68,14 @@ fi
|
|||
|
||||
# Postgres root cert
|
||||
if [ -f "/nextcloud/data/certificates/POSTGRES" ]; then
|
||||
POSTGRES_CERT="?sslmode=verify-ca&sslrootcert=/nextcloud/data/certificates/POSTGRES"
|
||||
CERT_OPTIONS="?sslmode=verify-ca&sslrootcert=/nextcloud/data/certificates/POSTGRES"
|
||||
# Mysql root cert
|
||||
elif [ -f "/nextcloud/data/certificates/MYSQL" ]; then
|
||||
CERT_OPTIONS="?sslmode=verify-ca&ssl-ca=/nextcloud/data/certificates/MYSQL"
|
||||
fi
|
||||
|
||||
# Set sensitive values as env
|
||||
export DATABASE_URL="$DATABASE_TYPE://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB$POSTGRES_CERT"
|
||||
export DATABASE_URL="$DATABASE_TYPE://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB$CERT_OPTIONS"
|
||||
export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST/$REDIS_DB_INDEX"
|
||||
|
||||
# Run it
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# syntax=docker/dockerfile:latest
|
||||
FROM golang:1.25.4-alpine3.22 AS go
|
||||
FROM golang:1.25.5-alpine3.22 AS go
|
||||
|
||||
ENV WATCHTOWER_COMMIT_HASH=6c5a1b0bea65cea1d4cc1de5196789a01617957a
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ This container bundles caddy and auto-configures it for you. It also covers [vau
|
|||
|
||||
### Notes
|
||||
- This container is incompatible with the [npmplus](https://github.com/nextcloud/all-in-one/tree/main/community-containers/npmplus) community container. So make sure that you do not enable both at the same time!
|
||||
- Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO.
|
||||
- Make sure that no other service is using port 443/tcp on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO.
|
||||
- Starting with AIO v12, the Talk port that was usually exposed on port 3478 is now set to port 443 udp and tcp and reachable via `your-nc-domain.com`. For the changes to become activated, you need to go to `https://your-nc-domain.com/settings/admin/talk` and delete all turn and stun servers. Then restart the containers and the new config should become active.
|
||||
- Starting with AIO v12, you can also limit vaultwarden, stalwart and lldap to certain ip-addresses. You can do so by creating a `allowed-IPs-vaultwarden.txt`, `allowed-IPs-stalwart.txt`, or `allowed-IPs-lldap.txt` file in the `nextcloud-aio-caddy` directory of your admin user and adding the ip-addresses in these files.
|
||||
- The container also supports the proxy protocol inside caddy. That means that you can run a supported web server in front of port 443/tcp and use the proxy protocol. You can enable this by configuring the `APACHE_IP_BINDING` environmental variable for the mastercontainer and set it to an ip-address from which the protocol shall be accepted. ⚠️ Note that the initial domain validation will not work correctly if you want to use the proxy protocol. So make sure to skip the domain validation in that case. See the [documentation](https://github.com/nextcloud/all-in-one#how-to-skip-the-domain-validation).
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@ This container bundles an SMB-server and allows to configure it via a graphical
|
|||
|
||||
### Notes
|
||||
- This container should only be run in home networks
|
||||
- This container currently only works on amd64. See https://github.com/szaimen/aio-smbserver/issues/3
|
||||
- After adding and starting the container, you need to visit `https://internal.ip.of.server:5803` in order to log in with the `smbserver` user and the password that you can see next to the container in the AIO interface. (The web page uses a self-signed certificate, so you need to accept the warning). Then type in `bash /smbserver.sh` and you will see a graphical UI for configuring the smb-server interactively.
|
||||
- The config data of SMB-server will be automatically included in AIOs backup solution!
|
||||
- See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack
|
||||
|
|
|
|||
|
|
@ -438,7 +438,7 @@ services:
|
|||
environment:
|
||||
- TZ=${TIMEZONE}
|
||||
- ES_JAVA_OPTS=${FULLTEXTSEARCH_JAVA_OPTIONS}
|
||||
- bootstrap.memory_lock=true
|
||||
- bootstrap.memory_lock=false
|
||||
- cluster.name=nextcloud-aio
|
||||
- discovery.type=single-node
|
||||
- logger.level=WARN
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ $app->get('/containers', function (Request $request, Response $response, array $
|
|||
'is_backup_container_running' => $dockerActionManger->isBackupContainerRunning(),
|
||||
'backup_exit_code' => $dockerActionManger->GetBackupcontainerExitCode(),
|
||||
'is_instance_restore_attempt' => $configurationManager->isInstanceRestoreAttempt(),
|
||||
'borg_backup_mode' => $configurationManager->GetBorgBackupMode(),
|
||||
'borg_backup_mode' => $configurationManager->GetBackupMode(),
|
||||
'was_start_button_clicked' => $configurationManager->wasStartButtonClicked(),
|
||||
'has_update_available' => $dockerActionManger->isAnyUpdateAvailable(),
|
||||
'last_backup_time' => $configurationManager->GetLastBackupTime(),
|
||||
|
|
|
|||
|
|
@ -159,7 +159,7 @@ readonly class ConfigurationController {
|
|||
}
|
||||
|
||||
if (isset($request->getParsedBody()['delete_borg_backup_location_vars'])) {
|
||||
$this->configurationManager->DeleteBorgBackupLocationVars();
|
||||
$this->configurationManager->DeleteBorgBackupLocationItems();
|
||||
}
|
||||
|
||||
return $response->withStatus(201)->withHeader('Location', '.');
|
||||
|
|
|
|||
|
|
@ -89,9 +89,7 @@ readonly class DockerController {
|
|||
}
|
||||
|
||||
public function startBackup(bool $forceStopNextcloud = false) : void {
|
||||
$config = $this->configurationManager->GetConfig();
|
||||
$config['backup-mode'] = 'backup';
|
||||
$this->configurationManager->WriteConfig($config);
|
||||
$this->configurationManager->SetBackupMode('backup');
|
||||
|
||||
$id = self::TOP_CONTAINER;
|
||||
$this->PerformRecursiveContainerStop($id, $forceStopNextcloud);
|
||||
|
|
@ -111,26 +109,22 @@ readonly class DockerController {
|
|||
}
|
||||
|
||||
public function checkBackup() : void {
|
||||
$config = $this->configurationManager->GetConfig();
|
||||
$config['backup-mode'] = 'check';
|
||||
$this->configurationManager->WriteConfig($config);
|
||||
$this->configurationManager->SetBackupMode('check');
|
||||
|
||||
$id = 'nextcloud-aio-borgbackup';
|
||||
$this->PerformRecursiveContainerStart($id);
|
||||
}
|
||||
|
||||
private function listBackup() : void {
|
||||
$config = $this->configurationManager->GetConfig();
|
||||
$config['backup-mode'] = 'list';
|
||||
$this->configurationManager->WriteConfig($config);
|
||||
$this->configurationManager->SetBackupMode('list');
|
||||
|
||||
$id = 'nextcloud-aio-borgbackup';
|
||||
$this->PerformRecursiveContainerStart($id);
|
||||
}
|
||||
|
||||
public function StartBackupContainerRestore(Request $request, Response $response, array $args) : Response {
|
||||
$this->configurationManager->SetBackupMode('restore');
|
||||
$config = $this->configurationManager->GetConfig();
|
||||
$config['backup-mode'] = 'restore';
|
||||
$config['selected-restore-time'] = $request->getParsedBody()['selected_restore_time'] ?? '';
|
||||
if (isset($request->getParsedBody()['restore-exclude-previews'])) {
|
||||
$config['restore-exclude-previews'] = 1;
|
||||
|
|
@ -150,24 +144,20 @@ readonly class DockerController {
|
|||
}
|
||||
|
||||
public function StartBackupContainerCheckRepair(Request $request, Response $response, array $args) : Response {
|
||||
$config = $this->configurationManager->GetConfig();
|
||||
$config['backup-mode'] = 'check-repair';
|
||||
$this->configurationManager->WriteConfig($config);
|
||||
$this->configurationManager->SetBackupMode('check-repair');
|
||||
|
||||
$id = 'nextcloud-aio-borgbackup';
|
||||
$this->PerformRecursiveContainerStart($id);
|
||||
|
||||
// Restore to backup check which is needed to make the UI logic work correctly
|
||||
$config = $this->configurationManager->GetConfig();
|
||||
$config['backup-mode'] = 'check';
|
||||
$this->configurationManager->WriteConfig($config);
|
||||
$this->configurationManager->SetBackupMode('check');
|
||||
|
||||
return $response->withStatus(201)->withHeader('Location', '.');
|
||||
}
|
||||
|
||||
public function StartBackupContainerTest(Request $request, Response $response, array $args) : Response {
|
||||
$this->configurationManager->SetBackupMode('test');
|
||||
$config = $this->configurationManager->GetConfig();
|
||||
$config['backup-mode'] = 'test';
|
||||
$config['instance_restore_attempt'] = 0;
|
||||
$this->configurationManager->WriteConfig($config);
|
||||
|
||||
|
|
|
|||
|
|
@ -426,6 +426,12 @@ class ConfigurationManager
|
|||
return $config['backup-mode'];
|
||||
}
|
||||
|
||||
public function SetBackupMode(string $mode) : void {
|
||||
$config = $this->GetConfig();
|
||||
$config['backup-mode'] = $mode;
|
||||
$this->WriteConfig($config);
|
||||
}
|
||||
|
||||
public function GetSelectedRestoreTime() : string {
|
||||
$config = $this->GetConfig();
|
||||
if(!isset($config['selected-restore-time'])) {
|
||||
|
|
@ -506,11 +512,19 @@ class ConfigurationManager
|
|||
}
|
||||
}
|
||||
|
||||
public function DeleteBorgBackupLocationVars() : void {
|
||||
public function DeleteBorgBackupLocationItems() : void {
|
||||
// Delete the variables
|
||||
$config = $this->GetConfig();
|
||||
$config['borg_backup_host_location'] = '';
|
||||
$config['borg_remote_repo'] = '';
|
||||
$this->WriteConfig($config);
|
||||
|
||||
// Also delete the borg config file to be able to start over
|
||||
if (file_exists(DataConst::GetBackupKeyFile())) {
|
||||
if (unlink(DataConst::GetBackupKeyFile())) {
|
||||
error_log('borg.config file deleted to be able to start over.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -667,15 +681,6 @@ class ConfigurationManager
|
|||
return false;
|
||||
}
|
||||
|
||||
public function GetBorgBackupMode() : string {
|
||||
$config = $this->GetConfig();
|
||||
if(!isset($config['backup-mode'])) {
|
||||
$config['backup-mode'] = '';
|
||||
}
|
||||
|
||||
return $config['backup-mode'];
|
||||
}
|
||||
|
||||
public function GetNextcloudMount() : string {
|
||||
$envVariableName = 'NEXTCLOUD_MOUNT';
|
||||
$configName = 'nextcloud_mount';
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue