mirror of
https://github.com/nextcloud/all-in-one.git
synced 2026-02-16 10:40:21 +00:00
Compare commits
5 commits
940e605eb2
...
976db132e5
| Author | SHA1 | Date | |
|---|---|---|---|
|
976db132e5 | ||
|
|
cfaf69fb58 | ||
|
|
f3104bd661 | ||
|
|
f87bd7ae45 | ||
|
|
29c093afae |
6 changed files with 17 additions and 29 deletions
|
|
@ -1,5 +1,5 @@
|
|||
# syntax=docker/dockerfile:latest
|
||||
FROM nats:2.11.8-scratch AS nats
|
||||
FROM nats:2.11.9-scratch AS nats
|
||||
FROM eturnal/eturnal:1.12.1 AS eturnal
|
||||
FROM strukturag/nextcloud-spreed-signaling:2.0.4 AS signaling
|
||||
FROM alpine:3.22.1 AS janus
|
||||
|
|
|
|||
|
|
@ -255,7 +255,7 @@ services:
|
|||
expose:
|
||||
- "9980"
|
||||
environment:
|
||||
- aliasgroup1=https://${NC_DOMAIN}:443
|
||||
- aliasgroup1=https://${NC_DOMAIN}:443,http://nextcloud-aio-apache:23973
|
||||
- extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:logging.level_startup=warning --o:home_mode.enable=true --o:remote_font_config.url=https://${NC_DOMAIN}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+
|
||||
- dictionaries=${COLLABORA_DICTIONARIES}
|
||||
- TZ=${TIMEZONE}
|
||||
|
|
|
|||
|
|
@ -19,8 +19,6 @@ readonly class Container {
|
|||
private ContainerEnvironmentVariables $containerEnvironmentVariables,
|
||||
/** @var string[] */
|
||||
private array $dependsOn,
|
||||
/** @var string[] */
|
||||
private array $secrets,
|
||||
private string $uiSecret,
|
||||
/** @var string[] */
|
||||
private array $devices,
|
||||
|
|
@ -82,10 +80,6 @@ readonly class Container {
|
|||
return $this->maxShutdownTime;
|
||||
}
|
||||
|
||||
public function GetSecrets() : array {
|
||||
return $this->secrets;
|
||||
}
|
||||
|
||||
public function GetUiSecret() : string {
|
||||
return $this->dockerActionManager->GetAndGenerateSecretWrapper($this->uiSecret);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -239,9 +239,12 @@ readonly class ContainerDefinitionFetcher {
|
|||
$internalPort = $entry['internal_port'];
|
||||
}
|
||||
|
||||
$secrets = [];
|
||||
if (isset($entry['secrets'])) {
|
||||
$secrets = $entry['secrets'];
|
||||
// All secrets are registered with the configuration when they
|
||||
// are discovered so they can be later generated at time-of-use.
|
||||
foreach ($entry['secrets'] as $secret) {
|
||||
$this->configurationManager->RegisterSecret($secret);
|
||||
}
|
||||
}
|
||||
|
||||
$uiSecret = '';
|
||||
|
|
@ -320,7 +323,6 @@ readonly class ContainerDefinitionFetcher {
|
|||
$volumes,
|
||||
$variables,
|
||||
$dependsOn,
|
||||
$secrets,
|
||||
$uiSecret,
|
||||
$devices,
|
||||
$enableNvidiaGpu,
|
||||
|
|
|
|||
|
|
@ -7,6 +7,8 @@ use AIO\Controller\DockerController;
|
|||
|
||||
class ConfigurationManager
|
||||
{
|
||||
private array $secrets = [];
|
||||
|
||||
public function GetConfig() : array
|
||||
{
|
||||
if(file_exists(DataConst::GetConfigFile()))
|
||||
|
|
@ -50,13 +52,15 @@ class ConfigurationManager
|
|||
return $config['secrets'][$secretId];
|
||||
}
|
||||
|
||||
public function GetSecret(string $secretId) : string {
|
||||
$config = $this->GetConfig();
|
||||
if(!isset($config['secrets'][$secretId])) {
|
||||
$config['secrets'][$secretId] = "";
|
||||
public function GetRegisteredSecret(string $secretId) : string {
|
||||
if ($this->secrets[$secretId]) {
|
||||
return $this->GetAndGenerateSecret($secretId);
|
||||
}
|
||||
throw new \Exception("The secret " . $secretId . " was not registered. Please check if it is defined in secrets of containers.json.");
|
||||
}
|
||||
|
||||
return $config['secrets'][$secretId];
|
||||
public function RegisterSecret(string $secretId) : void {
|
||||
$this->secrets[$secretId] = true;
|
||||
}
|
||||
|
||||
private function DoubleSafeBackupSecret(string $borgBackupPassword) : void {
|
||||
|
|
|
|||
|
|
@ -221,10 +221,6 @@ readonly class DockerActionManager {
|
|||
$requestBody['HostConfig']['Binds'] = $volumes;
|
||||
}
|
||||
|
||||
foreach ($container->GetSecrets() as $secret) {
|
||||
$this->configurationManager->GetAndGenerateSecret($secret);
|
||||
}
|
||||
|
||||
$aioVariables = $container->GetAioVariables()->GetVariables();
|
||||
foreach ($aioVariables as $variable) {
|
||||
$config = $this->configurationManager->GetConfig();
|
||||
|
|
@ -566,18 +562,10 @@ readonly class DockerActionManager {
|
|||
// Allow to get local ip-address of caddy container and add it to trusted proxies automatically
|
||||
'CADDY_IP_ADDRESS' => in_array('caddy', $this->configurationManager->GetEnabledCommunityContainers(), true) ? gethostbyname('nextcloud-aio-caddy') : '',
|
||||
'WHITEBOARD_ENABLED' => $this->configurationManager->isWhiteboardEnabled() ? 'yes' : '',
|
||||
default => $this->getSecretOrThrow($placeholder),
|
||||
default => $this->configurationManager->GetRegisteredSecret($placeholder),
|
||||
};
|
||||
}
|
||||
|
||||
private function getSecretOrThrow(string $secretName): string {
|
||||
$secret = $this->configurationManager->GetSecret($secretName);
|
||||
if ($secret === "") {
|
||||
throw new \Exception("The secret " . $secretName . " is empty. Cannot substitute its value. Please check if it is defined in secrets of containers.json.");
|
||||
}
|
||||
return $secret;
|
||||
}
|
||||
|
||||
private function isContainerUpdateAvailable(string $id): string {
|
||||
$container = $this->containerDefinitionFetcher->GetContainerById($id);
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue