diff options
author | GitHub Workflow <workflow@github.com> | 2024-04-24 00:28:00 +0000 |
---|---|---|
committer | GitHub Workflow <workflow@github.com> | 2024-04-24 00:28:00 +0000 |
commit | f7b20139ebd35daea49138fd15232c5d812f4114 (patch) | |
tree | b706e59c958f757fbb9f43f335380e0a05f7c248 | |
parent | f23d5d3ab4af4a65ffea30d05d1d1a7a37cd4bc1 (diff) |
Runs update.shv2024.4.1
42 files changed, 2010 insertions, 1 deletions
diff --git a/29/apache/Dockerfile b/29/apache/Dockerfile new file mode 100644 index 00000000..eb44e77c --- /dev/null +++ b/29/apache/Dockerfile @@ -0,0 +1,174 @@ +# DO NOT EDIT: created by update.sh from Dockerfile-debian.template +FROM php:8.2-apache-bookworm + +# entrypoint.sh and cron.sh dependencies +RUN set -ex; \ + \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + busybox-static \ + bzip2 \ + libldap-common \ + libmagickcore-6.q16-6-extra \ + rsync \ + ; \ + rm -rf /var/lib/apt/lists/*; \ + \ + mkdir -p /var/spool/cron/crontabs; \ + echo '*/5 * * * * php -f /var/www/html/cron.php' > /var/spool/cron/crontabs/www-data + +# install the PHP extensions we need +# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html +ENV PHP_MEMORY_LIMIT 512M +ENV PHP_UPLOAD_LIMIT 512M +RUN set -ex; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + libcurl4-openssl-dev \ + libevent-dev \ + libfreetype6-dev \ + libgmp-dev \ + libicu-dev \ + libjpeg-dev \ + libldap2-dev \ + libmagickwand-dev \ + libmcrypt-dev \ + libmemcached-dev \ + libpng-dev \ + libpq-dev \ + libwebp-dev \ + libxml2-dev \ + libzip-dev \ + ; \ + \ + debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ + docker-php-ext-configure ftp --with-openssl-dir=/usr; \ + docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \ + docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \ + docker-php-ext-install -j "$(nproc)" \ + bcmath \ + exif \ + ftp \ + gd \ + gmp \ + intl \ + ldap \ + opcache \ + pcntl \ + pdo_mysql \ + pdo_pgsql \ + sysvsem \ + zip \ + ; \ + \ +# pecl will claim success even if one install fails, so we need to perform each install separately + pecl install APCu-5.1.23; \ + pecl install imagick-3.7.0; \ + pecl install memcached-3.2.0; \ + pecl install redis-6.0.2; \ + \ + docker-php-ext-enable \ + apcu \ + imagick \ + memcached \ + redis \ + ; \ + rm -r /tmp/pear; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + apt-mark manual $savedAptMark; \ + ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \ + | sort -u \ + | xargs -r dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | xargs -rt apt-mark manual; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + rm -rf /var/lib/apt/lists/* + +# set recommended PHP.ini settings +# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache +RUN { \ + echo 'opcache.enable=1'; \ + echo 'opcache.interned_strings_buffer=32'; \ + echo 'opcache.max_accelerated_files=10000'; \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.save_comments=1'; \ + echo 'opcache.revalidate_freq=60'; \ + echo 'opcache.jit=1255'; \ + echo 'opcache.jit_buffer_size=128M'; \ + } > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \ + \ + echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ + \ + { \ + echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ + echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ + echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \ + } > "${PHP_INI_DIR}/conf.d/nextcloud.ini"; \ + \ + mkdir /var/www/data; \ + mkdir -p /docker-entrypoint-hooks.d/pre-installation \ + /docker-entrypoint-hooks.d/post-installation \ + /docker-entrypoint-hooks.d/pre-upgrade \ + /docker-entrypoint-hooks.d/post-upgrade \ + /docker-entrypoint-hooks.d/before-starting; \ + chown -R www-data:root /var/www; \ + chmod -R g=u /var/www + +VOLUME /var/www/html + +RUN a2enmod headers rewrite remoteip ; \ + { \ + echo 'RemoteIPHeader X-Real-IP'; \ + echo 'RemoteIPInternalProxy 10.0.0.0/8'; \ + echo 'RemoteIPInternalProxy 172.16.0.0/12'; \ + echo 'RemoteIPInternalProxy 192.168.0.0/16'; \ + } > /etc/apache2/conf-available/remoteip.conf; \ + a2enconf remoteip + +# set apache config LimitRequestBody +ENV APACHE_BODY_LIMIT 1073741824 +RUN { \ + echo 'LimitRequestBody ${APACHE_BODY_LIMIT}'; \ + } > /etc/apache2/conf-available/apache-limits.conf; \ + a2enconf apache-limits + +ENV NEXTCLOUD_VERSION 29.0.0 + +RUN set -ex; \ + fetchDeps=" \ + gnupg \ + dirmngr \ + "; \ + apt-get update; \ + apt-get install -y --no-install-recommends $fetchDeps; \ + \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.0.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.0.tar.bz2.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ +# gpg key from https://nextcloud.com/nextcloud.asc + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ + gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2; \ + tar -xjf nextcloud.tar.bz2 -C /usr/src/; \ + gpgconf --kill all; \ + rm nextcloud.tar.bz2.asc nextcloud.tar.bz2; \ + rm -rf "$GNUPGHOME" /usr/src/nextcloud/updater; \ + mkdir -p /usr/src/nextcloud/data; \ + mkdir -p /usr/src/nextcloud/custom_apps; \ + chmod +x /usr/src/nextcloud/occ; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \ + rm -rf /var/lib/apt/lists/* + +COPY *.sh upgrade.exclude / +COPY config/* /usr/src/nextcloud/config/ + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["apache2-foreground"] diff --git a/29/apache/config/apache-pretty-urls.config.php b/29/apache/config/apache-pretty-urls.config.php new file mode 100644 index 00000000..72da1d8c --- /dev/null +++ b/29/apache/config/apache-pretty-urls.config.php @@ -0,0 +1,4 @@ +<?php +$CONFIG = array ( + 'htaccess.RewriteBase' => '/', +); diff --git a/29/apache/config/apcu.config.php b/29/apache/config/apcu.config.php new file mode 100644 index 00000000..69fed876 --- /dev/null +++ b/29/apache/config/apcu.config.php @@ -0,0 +1,4 @@ +<?php +$CONFIG = array ( + 'memcache.local' => '\OC\Memcache\APCu', +); diff --git a/29/apache/config/apps.config.php b/29/apache/config/apps.config.php new file mode 100644 index 00000000..4c37f72a --- /dev/null +++ b/29/apache/config/apps.config.php @@ -0,0 +1,15 @@ +<?php +$CONFIG = array ( + 'apps_paths' => array ( + 0 => array ( + 'path' => OC::$SERVERROOT.'/apps', + 'url' => '/apps', + 'writable' => false, + ), + 1 => array ( + 'path' => OC::$SERVERROOT.'/custom_apps', + 'url' => '/custom_apps', + 'writable' => true, + ), + ), +); diff --git a/29/apache/config/autoconfig.php b/29/apache/config/autoconfig.php new file mode 100644 index 00000000..92ad2a1c --- /dev/null +++ b/29/apache/config/autoconfig.php @@ -0,0 +1,41 @@ +<?php + +$autoconfig_enabled = false; + +if (getenv('SQLITE_DATABASE')) { + $AUTOCONFIG['dbtype'] = 'sqlite'; + $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); + $autoconfig_enabled = true; +} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { + $AUTOCONFIG['dbtype'] = 'mysql'; + $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); + $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); + $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); + $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); + $autoconfig_enabled = true; +} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { + $AUTOCONFIG['dbtype'] = 'mysql'; + $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); + $AUTOCONFIG['dbuser'] = getenv('MYSQL_USER'); + $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); + $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); + $autoconfig_enabled = true; +} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { + $AUTOCONFIG['dbtype'] = 'pgsql'; + $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); + $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); + $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); + $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); + $autoconfig_enabled = true; +} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { + $AUTOCONFIG['dbtype'] = 'pgsql'; + $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); + $AUTOCONFIG['dbuser'] = getenv('POSTGRES_USER'); + $AUTOCONFIG['dbpass'] = getenv('POSTGRES_PASSWORD'); + $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); + $autoconfig_enabled = true; +} + +if ($autoconfig_enabled) { + $AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data'; +} diff --git a/29/apache/config/redis.config.php b/29/apache/config/redis.config.php new file mode 100644 index 00000000..a5fde3c7 --- /dev/null +++ b/29/apache/config/redis.config.php @@ -0,0 +1,17 @@ +<?php +if (getenv('REDIS_HOST')) { + $CONFIG = array( + 'memcache.distributed' => '\OC\Memcache\Redis', + 'memcache.locking' => '\OC\Memcache\Redis', + 'redis' => array( + 'host' => getenv('REDIS_HOST'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), + ), + ); + + if (getenv('REDIS_HOST_PORT') !== false) { + $CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT'); + } elseif (getenv('REDIS_HOST')[0] != '/') { + $CONFIG['redis']['port'] = 6379; + } +} diff --git a/29/apache/config/reverse-proxy.config.php b/29/apache/config/reverse-proxy.config.php new file mode 100644 index 00000000..7df0415e --- /dev/null +++ b/29/apache/config/reverse-proxy.config.php @@ -0,0 +1,30 @@ +<?php +$overwriteHost = getenv('OVERWRITEHOST'); +if ($overwriteHost) { + $CONFIG['overwritehost'] = $overwriteHost; +} + +$overwriteProtocol = getenv('OVERWRITEPROTOCOL'); +if ($overwriteProtocol) { + $CONFIG['overwriteprotocol'] = $overwriteProtocol; +} + +$overwriteCliUrl = getenv('OVERWRITECLIURL'); +if ($overwriteCliUrl) { + $CONFIG['overwrite.cli.url'] = $overwriteCliUrl; +} + +$overwriteWebRoot = getenv('OVERWRITEWEBROOT'); +if ($overwriteWebRoot) { + $CONFIG['overwritewebroot'] = $overwriteWebRoot; +} + +$overwriteCondAddr = getenv('OVERWRITECONDADDR'); +if ($overwriteCondAddr) { + $CONFIG['overwritecondaddr'] = $overwriteCondAddr; +} + +$trustedProxies = getenv('TRUSTED_PROXIES'); +if ($trustedProxies) { + $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); +} diff --git a/29/apache/config/s3.config.php b/29/apache/config/s3.config.php new file mode 100644 index 00000000..374cba2d --- /dev/null +++ b/29/apache/config/s3.config.php @@ -0,0 +1,48 @@ +<?php +if (getenv('OBJECTSTORE_S3_BUCKET')) { + $use_ssl = getenv('OBJECTSTORE_S3_SSL'); + $use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE'); + $use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH'); + $autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE'); + $CONFIG = array( + 'objectstore' => array( + 'class' => '\OC\Files\ObjectStore\S3', + 'arguments' => array( + 'bucket' => getenv('OBJECTSTORE_S3_BUCKET'), + 'region' => getenv('OBJECTSTORE_S3_REGION') ?: '', + 'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '', + 'port' => getenv('OBJECTSTORE_S3_PORT') ?: '', + 'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '', + 'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:", + 'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true, + 'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true, + // required for some non Amazon S3 implementations + 'use_path_style' => $use_path == true && strtolower($use_path) !== 'false', + // required for older protocol versions + 'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false' + ) + ) + ); + + if (getenv('OBJECTSTORE_S3_KEY_FILE') && file_exists(getenv('OBJECTSTORE_S3_KEY_FILE'))) { + $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); + } elseif (getenv('OBJECTSTORE_S3_KEY')) { + $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); + } else { + $CONFIG['objectstore']['arguments']['key'] = ''; + } + + if (getenv('OBJECTSTORE_S3_SECRET_FILE') && file_exists(getenv('OBJECTSTORE_S3_SECRET_FILE'))) { + $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); + } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); + } else { + $CONFIG['objectstore']['arguments']['secret'] = ''; + } + + if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE') && file_exists(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))) { + $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); + } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); + } +} diff --git a/29/apache/config/smtp.config.php b/29/apache/config/smtp.config.php new file mode 100644 index 00000000..5006fe47 --- /dev/null +++ b/29/apache/config/smtp.config.php @@ -0,0 +1,22 @@ +<?php +if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) { + $CONFIG = array ( + 'mail_smtpmode' => 'smtp', + 'mail_smtphost' => getenv('SMTP_HOST'), + 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), + 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', + 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || (getenv('SMTP_PASSWORD_FILE') && file_exists(getenv('SMTP_PASSWORD_FILE')))), + 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', + 'mail_smtpname' => getenv('SMTP_NAME') ?: '', + 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), + 'mail_domain' => getenv('MAIL_DOMAIN'), + ); + + if (getenv('SMTP_PASSWORD_FILE') && file_exists(getenv('SMTP_PASSWORD_FILE'))) { + $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); + } elseif (getenv('SMTP_PASSWORD')) { + $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); + } else { + $CONFIG['mail_smtppassword'] = ''; + } +} diff --git a/29/apache/config/swift.config.php b/29/apache/config/swift.config.php new file mode 100644 index 00000000..47ada566 --- /dev/null +++ b/29/apache/config/swift.config.php @@ -0,0 +1,31 @@ +<?php +if (getenv('OBJECTSTORE_SWIFT_URL')) { + $autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE'); + $CONFIG = array( + 'objectstore' => [ + 'class' => 'OC\\Files\\ObjectStore\\Swift', + 'arguments' => [ + 'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false', + 'user' => [ + 'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'), + 'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'), + 'domain' => [ + 'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default', + ], + ], + 'scope' => [ + 'project' => [ + 'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'), + 'domain' => [ + 'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default', + ], + ], + ], + 'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift', + 'region' => getenv('OBJECTSTORE_SWIFT_REGION'), + 'url' => getenv('OBJECTSTORE_SWIFT_URL'), + 'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'), + ] + ] + ); +} diff --git a/29/apache/config/upgrade-disable-web.config.php b/29/apache/config/upgrade-disable-web.config.php new file mode 100644 index 00000000..cb00b436 --- /dev/null +++ b/29/apache/config/upgrade-disable-web.config.php @@ -0,0 +1,4 @@ +<?php +$CONFIG = array ( + 'upgrade.disable-web' => true, +); diff --git a/29/apache/cron.sh b/29/apache/cron.sh new file mode 100755 index 00000000..b4cd9af6 --- /dev/null +++ b/29/apache/cron.sh @@ -0,0 +1,4 @@ +#!/bin/sh +set -eu + +exec busybox crond -f -L /dev/stdout diff --git a/29/apache/entrypoint.sh b/29/apache/entrypoint.sh new file mode 100755 index 00000000..5b627f07 --- /dev/null +++ b/29/apache/entrypoint.sh @@ -0,0 +1,279 @@ +#!/bin/sh +set -eu + +# version_greater A B returns whether A > B +version_greater() { + [ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ] +} + +# return true if specified directory is empty +directory_empty() { + [ -z "$(ls -A "$1/")" ] +} + +run_as() { + if [ "$(id -u)" = 0 ]; then + su -p "$user" -s /bin/sh -c "$1" + else + sh -c "$1" + fi +} + +# Execute all executable files in a given directory in alphanumeric order +run_path() { + local hook_folder_path="/docker-entrypoint-hooks.d/$1" + local return_code=0 + + if ! [ -d "${hook_folder_path}" ]; then + echo "=> Skipping the folder \"${hook_folder_path}\", because it doesn't exist" + return 0 + fi + + echo "=> Searching for scripts (*.sh) to run, located in the folder: ${hook_folder_path}" + + ( + find "${hook_folder_path}" -maxdepth 1 -iname '*.sh' '(' -type f -o -type l ')' -print | sort | while read -r script_file_path; do + if ! [ -x "${script_file_path}" ]; then + echo "==> The script \"${script_file_path}\" was skipped, because it didn't have the executable flag" + continue + fi + + echo "==> Running the script (cwd: $(pwd)): \"${script_file_path}\"" + + run_as "${script_file_path}" || return_code="$?" + + if [ "${return_code}" -ne "0" ]; then + echo "==> Failed at executing \"${script_file_path}\". Exit code: ${return_code}" + exit 1 + fi + + echo "==> Finished the script: \"${script_file_path}\"" + done + ) +} + +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") + local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") + if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + if [ -n "${varValue}" ]; then + export "$var"="${varValue}" + elif [ -n "${fileVarValue}" ]; then + export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${def}" ]; then + export "$var"="$def" + fi + unset "$fileVar" +} + +if expr "$1" : "apache" 1>/dev/null; then + if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then + a2disconf remoteip + fi +fi + +if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then + uid="$(id -u)" + gid="$(id -g)" + if [ "$uid" = '0' ]; then + case "$1" in + apache2*) + user="${APACHE_RUN_USER:-www-data}" + group="${APACHE_RUN_GROUP:-www-data}" + + # strip off any '#' symbol ('#1000' is valid syntax for Apache) + user="${user#'#'}" + group="${group#'#'}" + ;; + *) # php-fpm + user='www-data' + group='www-data' + ;; + esac + else + user="$uid" + group="$gid" + fi + + if [ -n "${REDIS_HOST+x}" ]; then + + echo "Configuring Redis as session handler" + { + file_env REDIS_HOST_PASSWORD + echo 'session.save_handler = redis' + # check if redis host is an unix socket path + if [ "$(echo "$REDIS_HOST" | cut -c1-1)" = "/" ]; then + if [ -n "${REDIS_HOST_PASSWORD+x}" ]; then + echo "session.save_path = \"unix://${REDIS_HOST}?auth=${REDIS_HOST_PASSWORD}\"" + else + echo "session.save_path = \"unix://${REDIS_HOST}\"" + fi + # check if redis password has been set + elif [ -n "${REDIS_HOST_PASSWORD+x}" ]; then + echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}\"" + else + echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}\"" + fi + echo "redis.session.locking_enabled = 1" + echo "redis.session.lock_retries = -1" + # redis.session.lock_wait_time is specified in microseconds. + # Wait 10ms before retrying the lock rather than the default 2ms. + echo "redis.session.lock_wait_time = 10000" + } > /usr/local/etc/php/conf.d/redis-session.ini + fi + + # If another process is syncing the html folder, wait for + # it to be done, then escape initalization. + ( + if ! flock -n 9; then + # If we couldn't get it immediately, show a message, then wait for real + echo "Another process is initializing Nextcloud. Waiting..." + flock 9 + fi + + installed_version="0.0.0.0" + if [ -f /var/www/html/version.php ]; then + # shellcheck disable=SC2016 + installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')" + fi + # shellcheck disable=SC2016 + image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')" + + if version_greater "$installed_version" "$image_version"; then + echo "Can't start Nextcloud because the version of the data ($installed_version) is higher than the docker image version ($image_version) and downgrading is not supported. Are you sure you have pulled the newest image version?" + exit 1 + fi + + if version_greater "$image_version" "$installed_version"; then + echo "Initializing nextcloud $image_version ..." + if [ "$installed_version" != "0.0.0.0" ]; then + if [ "${image_version%%.*}" -gt "$((${installed_version%%.*} + 1))" ]; th |