diff --git a/10.0/apache/Dockerfile b/10.0/apache/Dockerfile index 1f38d8e..e10976e 100644 --- a/10.0/apache/Dockerfile +++ b/10.0/apache/Dockerfile @@ -42,9 +42,10 @@ RUN set -ex \ RUN a2enmod rewrite ENV NEXTCLOUD_VERSION 10.0.6 -VOLUME /var/www/html -COPY config/* /usr/src/nextcloud/config/ +RUN chown -R www-data:root /var/www/html && \ + chmod -R g=u /var/www/html +VOLUME /var/www/html RUN curl -fsSL -o nextcloud.tar.bz2 \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ @@ -58,19 +59,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && rm nextcloud.tar.bz2 \ && rm -rf /usr/src/nextcloud/updater \ - # https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions && mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/custom_apps \ - && find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \ - && find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \ - && chown -R root:www-data /usr/src/nextcloud/ \ - && chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \ - && chown -R www-data:www-data /usr/src/nextcloud/config/ \ - && chown -R www-data:www-data /usr/src/nextcloud/data/ \ - && chown -R www-data:www-data /usr/src/nextcloud/themes/ \ && chmod +x /usr/src/nextcloud/occ COPY docker-entrypoint.sh /entrypoint.sh +COPY config/* /usr/src/nextcloud/config/ ENTRYPOINT ["/entrypoint.sh"] CMD ["apache2-foreground"] diff --git a/10.0/apache/docker-entrypoint.sh b/10.0/apache/docker-entrypoint.sh index f073581..9298bb4 100755 --- a/10.0/apache/docker-entrypoint.sh +++ b/10.0/apache/docker-entrypoint.sh @@ -11,6 +11,13 @@ function directory_empty() { [ -n "$(find "$1"/ -prune -empty)" ] } +function run_as() { + if [[ $EUID -eq 0 ]]; then + su - www-data -s /bin/bash -c "$1" + else + bash -c "$1" + fi +} installed_version="0.0.0~unknown" if [ -f /var/www/html/version.php ]; then @@ -25,28 +32,25 @@ fi if version_greater "$image_version" "$installed_version"; then if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before + run_as 'php /var/www/html/occ app:list' > /tmp/list_before fi - rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ - - for dir in config data themes; do + if [[ $EUID -eq 0 ]]; then + rsync_options="-rlDog --chown www-data:root" + else + rsync_options="-rlD" + fi + rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ + + for dir in config data custom_apps themes; do if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then - cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" + rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/ fi done - if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then - cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php - fi - - if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then - cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps - fi - if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' + run_as 'php /var/www/html/occ upgrade --no-app-disable' - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after + run_as 'php /var/www/html/occ app:list' > /tmp/list_after echo "The following apps have beed disabled:" diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 rm -f /tmp/list_before /tmp/list_after diff --git a/10.0/fpm/Dockerfile b/10.0/fpm/Dockerfile index cc1fe76..9cc0337 100644 --- a/10.0/fpm/Dockerfile +++ b/10.0/fpm/Dockerfile @@ -40,9 +40,10 @@ RUN set -ex \ && docker-php-ext-enable apcu redis memcached ENV NEXTCLOUD_VERSION 10.0.6 -VOLUME /var/www/html -COPY config/* /usr/src/nextcloud/config/ +RUN chown -R www-data:root /var/www/html && \ + chmod -R g=u /var/www/html +VOLUME /var/www/html RUN curl -fsSL -o nextcloud.tar.bz2 \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ @@ -56,19 +57,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && rm nextcloud.tar.bz2 \ && rm -rf /usr/src/nextcloud/updater \ - # https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions && mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/custom_apps \ - && find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \ - && find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \ - && chown -R root:www-data /usr/src/nextcloud/ \ - && chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \ - && chown -R www-data:www-data /usr/src/nextcloud/config/ \ - && chown -R www-data:www-data /usr/src/nextcloud/data/ \ - && chown -R www-data:www-data /usr/src/nextcloud/themes/ \ && chmod +x /usr/src/nextcloud/occ COPY docker-entrypoint.sh /entrypoint.sh +COPY config/* /usr/src/nextcloud/config/ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] diff --git a/10.0/fpm/docker-entrypoint.sh b/10.0/fpm/docker-entrypoint.sh index f073581..9298bb4 100755 --- a/10.0/fpm/docker-entrypoint.sh +++ b/10.0/fpm/docker-entrypoint.sh @@ -11,6 +11,13 @@ function directory_empty() { [ -n "$(find "$1"/ -prune -empty)" ] } +function run_as() { + if [[ $EUID -eq 0 ]]; then + su - www-data -s /bin/bash -c "$1" + else + bash -c "$1" + fi +} installed_version="0.0.0~unknown" if [ -f /var/www/html/version.php ]; then @@ -25,28 +32,25 @@ fi if version_greater "$image_version" "$installed_version"; then if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before + run_as 'php /var/www/html/occ app:list' > /tmp/list_before fi - rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ - - for dir in config data themes; do + if [[ $EUID -eq 0 ]]; then + rsync_options="-rlDog --chown www-data:root" + else + rsync_options="-rlD" + fi + rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ + + for dir in config data custom_apps themes; do if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then - cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" + rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/ fi done - if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then - cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php - fi - - if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then - cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps - fi - if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' + run_as 'php /var/www/html/occ upgrade --no-app-disable' - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after + run_as 'php /var/www/html/occ app:list' > /tmp/list_after echo "The following apps have beed disabled:" diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 rm -f /tmp/list_before /tmp/list_after diff --git a/11.0/apache/Dockerfile b/11.0/apache/Dockerfile index 851d24f..ab9c68b 100644 --- a/11.0/apache/Dockerfile +++ b/11.0/apache/Dockerfile @@ -43,9 +43,10 @@ RUN set -ex \ RUN a2enmod rewrite ENV NEXTCLOUD_VERSION 11.0.4 -VOLUME /var/www/html -COPY config/* /usr/src/nextcloud/config/ +RUN chown -R www-data:root /var/www/html && \ + chmod -R g=u /var/www/html +VOLUME /var/www/html RUN curl -fsSL -o nextcloud.tar.bz2 \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ @@ -59,19 +60,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && rm nextcloud.tar.bz2 \ && rm -rf /usr/src/nextcloud/updater \ - # https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions && mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/custom_apps \ - && find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \ - && find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \ - && chown -R root:www-data /usr/src/nextcloud/ \ - && chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \ - && chown -R www-data:www-data /usr/src/nextcloud/config/ \ - && chown -R www-data:www-data /usr/src/nextcloud/data/ \ - && chown -R www-data:www-data /usr/src/nextcloud/themes/ \ && chmod +x /usr/src/nextcloud/occ COPY docker-entrypoint.sh /entrypoint.sh +COPY config/* /usr/src/nextcloud/config/ ENTRYPOINT ["/entrypoint.sh"] CMD ["apache2-foreground"] diff --git a/11.0/apache/docker-entrypoint.sh b/11.0/apache/docker-entrypoint.sh index f073581..9298bb4 100755 --- a/11.0/apache/docker-entrypoint.sh +++ b/11.0/apache/docker-entrypoint.sh @@ -11,6 +11,13 @@ function directory_empty() { [ -n "$(find "$1"/ -prune -empty)" ] } +function run_as() { + if [[ $EUID -eq 0 ]]; then + su - www-data -s /bin/bash -c "$1" + else + bash -c "$1" + fi +} installed_version="0.0.0~unknown" if [ -f /var/www/html/version.php ]; then @@ -25,28 +32,25 @@ fi if version_greater "$image_version" "$installed_version"; then if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before + run_as 'php /var/www/html/occ app:list' > /tmp/list_before fi - rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ - - for dir in config data themes; do + if [[ $EUID -eq 0 ]]; then + rsync_options="-rlDog --chown www-data:root" + else + rsync_options="-rlD" + fi + rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ + + for dir in config data custom_apps themes; do if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then - cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" + rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/ fi done - if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then - cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php - fi - - if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then - cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps - fi - if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' + run_as 'php /var/www/html/occ upgrade --no-app-disable' - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after + run_as 'php /var/www/html/occ app:list' > /tmp/list_after echo "The following apps have beed disabled:" diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 rm -f /tmp/list_before /tmp/list_after diff --git a/11.0/fpm/Dockerfile b/11.0/fpm/Dockerfile index dd0d689..6c75948 100644 --- a/11.0/fpm/Dockerfile +++ b/11.0/fpm/Dockerfile @@ -41,9 +41,10 @@ RUN set -ex \ && docker-php-ext-enable apcu redis memcached ENV NEXTCLOUD_VERSION 11.0.4 -VOLUME /var/www/html -COPY config/* /usr/src/nextcloud/config/ +RUN chown -R www-data:root /var/www/html && \ + chmod -R g=u /var/www/html +VOLUME /var/www/html RUN curl -fsSL -o nextcloud.tar.bz2 \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ @@ -57,19 +58,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && rm nextcloud.tar.bz2 \ && rm -rf /usr/src/nextcloud/updater \ - # https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions && mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/custom_apps \ - && find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \ - && find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \ - && chown -R root:www-data /usr/src/nextcloud/ \ - && chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \ - && chown -R www-data:www-data /usr/src/nextcloud/config/ \ - && chown -R www-data:www-data /usr/src/nextcloud/data/ \ - && chown -R www-data:www-data /usr/src/nextcloud/themes/ \ && chmod +x /usr/src/nextcloud/occ COPY docker-entrypoint.sh /entrypoint.sh +COPY config/* /usr/src/nextcloud/config/ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] diff --git a/11.0/fpm/docker-entrypoint.sh b/11.0/fpm/docker-entrypoint.sh index f073581..9298bb4 100755 --- a/11.0/fpm/docker-entrypoint.sh +++ b/11.0/fpm/docker-entrypoint.sh @@ -11,6 +11,13 @@ function directory_empty() { [ -n "$(find "$1"/ -prune -empty)" ] } +function run_as() { + if [[ $EUID -eq 0 ]]; then + su - www-data -s /bin/bash -c "$1" + else + bash -c "$1" + fi +} installed_version="0.0.0~unknown" if [ -f /var/www/html/version.php ]; then @@ -25,28 +32,25 @@ fi if version_greater "$image_version" "$installed_version"; then if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before + run_as 'php /var/www/html/occ app:list' > /tmp/list_before fi - rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ - - for dir in config data themes; do + if [[ $EUID -eq 0 ]]; then + rsync_options="-rlDog --chown www-data:root" + else + rsync_options="-rlD" + fi + rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ + + for dir in config data custom_apps themes; do if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then - cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" + rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/ fi done - if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then - cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php - fi - - if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then - cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps - fi - if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' + run_as 'php /var/www/html/occ upgrade --no-app-disable' - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after + run_as 'php /var/www/html/occ app:list' > /tmp/list_after echo "The following apps have beed disabled:" diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 rm -f /tmp/list_before /tmp/list_after diff --git a/12.0/apache/Dockerfile b/12.0/apache/Dockerfile index d742d9c..9032b0a 100644 --- a/12.0/apache/Dockerfile +++ b/12.0/apache/Dockerfile @@ -43,9 +43,10 @@ RUN set -ex \ RUN a2enmod rewrite ENV NEXTCLOUD_VERSION 12.0.2 -VOLUME /var/www/html -COPY config/* /usr/src/nextcloud/config/ +RUN chown -R www-data:root /var/www/html && \ + chmod -R g=u /var/www/html +VOLUME /var/www/html RUN curl -fsSL -o nextcloud.tar.bz2 \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ @@ -59,19 +60,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && rm nextcloud.tar.bz2 \ && rm -rf /usr/src/nextcloud/updater \ - # https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions && mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/custom_apps \ - && find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \ - && find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \ - && chown -R root:www-data /usr/src/nextcloud/ \ - && chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \ - && chown -R www-data:www-data /usr/src/nextcloud/config/ \ - && chown -R www-data:www-data /usr/src/nextcloud/data/ \ - && chown -R www-data:www-data /usr/src/nextcloud/themes/ \ && chmod +x /usr/src/nextcloud/occ COPY docker-entrypoint.sh /entrypoint.sh +COPY config/* /usr/src/nextcloud/config/ ENTRYPOINT ["/entrypoint.sh"] CMD ["apache2-foreground"] diff --git a/12.0/apache/docker-entrypoint.sh b/12.0/apache/docker-entrypoint.sh index f073581..9298bb4 100755 --- a/12.0/apache/docker-entrypoint.sh +++ b/12.0/apache/docker-entrypoint.sh @@ -11,6 +11,13 @@ function directory_empty() { [ -n "$(find "$1"/ -prune -empty)" ] } +function run_as() { + if [[ $EUID -eq 0 ]]; then + su - www-data -s /bin/bash -c "$1" + else + bash -c "$1" + fi +} installed_version="0.0.0~unknown" if [ -f /var/www/html/version.php ]; then @@ -25,28 +32,25 @@ fi if version_greater "$image_version" "$installed_version"; then if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before + run_as 'php /var/www/html/occ app:list' > /tmp/list_before fi - rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ - - for dir in config data themes; do + if [[ $EUID -eq 0 ]]; then + rsync_options="-rlDog --chown www-data:root" + else + rsync_options="-rlD" + fi + rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ + + for dir in config data custom_apps themes; do if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then - cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" + rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/ fi done - if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then - cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php - fi - - if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then - cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps - fi - if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' + run_as 'php /var/www/html/occ upgrade --no-app-disable' - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after + run_as 'php /var/www/html/occ app:list' > /tmp/list_after echo "The following apps have beed disabled:" diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 rm -f /tmp/list_before /tmp/list_after diff --git a/12.0/fpm/Dockerfile b/12.0/fpm/Dockerfile index 02ef6f6..e0c75fd 100644 --- a/12.0/fpm/Dockerfile +++ b/12.0/fpm/Dockerfile @@ -41,9 +41,10 @@ RUN set -ex \ && docker-php-ext-enable apcu redis memcached ENV NEXTCLOUD_VERSION 12.0.2 -VOLUME /var/www/html -COPY config/* /usr/src/nextcloud/config/ +RUN chown -R www-data:root /var/www/html && \ + chmod -R g=u /var/www/html +VOLUME /var/www/html RUN curl -fsSL -o nextcloud.tar.bz2 \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ @@ -57,19 +58,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && rm nextcloud.tar.bz2 \ && rm -rf /usr/src/nextcloud/updater \ - # https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions && mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/custom_apps \ - && find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \ - && find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \ - && chown -R root:www-data /usr/src/nextcloud/ \ - && chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \ - && chown -R www-data:www-data /usr/src/nextcloud/config/ \ - && chown -R www-data:www-data /usr/src/nextcloud/data/ \ - && chown -R www-data:www-data /usr/src/nextcloud/themes/ \ && chmod +x /usr/src/nextcloud/occ COPY docker-entrypoint.sh /entrypoint.sh +COPY config/* /usr/src/nextcloud/config/ ENTRYPOINT ["/entrypoint.sh"] CMD ["php-fpm"] diff --git a/12.0/fpm/docker-entrypoint.sh b/12.0/fpm/docker-entrypoint.sh index f073581..9298bb4 100755 --- a/12.0/fpm/docker-entrypoint.sh +++ b/12.0/fpm/docker-entrypoint.sh @@ -11,6 +11,13 @@ function directory_empty() { [ -n "$(find "$1"/ -prune -empty)" ] } +function run_as() { + if [[ $EUID -eq 0 ]]; then + su - www-data -s /bin/bash -c "$1" + else + bash -c "$1" + fi +} installed_version="0.0.0~unknown" if [ -f /var/www/html/version.php ]; then @@ -25,28 +32,25 @@ fi if version_greater "$image_version" "$installed_version"; then if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before + run_as 'php /var/www/html/occ app:list' > /tmp/list_before fi - rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ - - for dir in config data themes; do + if [[ $EUID -eq 0 ]]; then + rsync_options="-rlDog --chown www-data:root" + else + rsync_options="-rlD" + fi + rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ + + for dir in config data custom_apps themes; do if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then - cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" + rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/ fi done - if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then - cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php - fi - - if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then - cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps - fi - if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' + run_as 'php /var/www/html/occ upgrade --no-app-disable' - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after + run_as 'php /var/www/html/occ app:list' > /tmp/list_after echo "The following apps have beed disabled:" diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 rm -f /tmp/list_before /tmp/list_after diff --git a/Dockerfile-php7.template b/Dockerfile-php7.template index d764607..fd15327 100644 --- a/Dockerfile-php7.template +++ b/Dockerfile-php7.template @@ -43,9 +43,10 @@ RUN set -ex \ RUN a2enmod rewrite ENV NEXTCLOUD_VERSION %%VERSION%% -VOLUME /var/www/html -COPY config/* /usr/src/nextcloud/config/ +RUN chown -R www-data:root /var/www/html && \ + chmod -R g=u /var/www/html +VOLUME /var/www/html RUN curl -fsSL -o nextcloud.tar.bz2 \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ @@ -59,19 +60,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && rm nextcloud.tar.bz2 \ && rm -rf /usr/src/nextcloud/updater \ - # https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions && mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/custom_apps \ - && find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \ - && find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \ - && chown -R root:www-data /usr/src/nextcloud/ \ - && chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \ - && chown -R www-data:www-data /usr/src/nextcloud/config/ \ - && chown -R www-data:www-data /usr/src/nextcloud/data/ \ - && chown -R www-data:www-data /usr/src/nextcloud/themes/ \ && chmod +x /usr/src/nextcloud/occ COPY docker-entrypoint.sh /entrypoint.sh +COPY config/* /usr/src/nextcloud/config/ ENTRYPOINT ["/entrypoint.sh"] CMD ["%%CMD%%"] diff --git a/Dockerfile.template b/Dockerfile.template index 53c7ee4..fbf9d62 100644 --- a/Dockerfile.template +++ b/Dockerfile.template @@ -42,9 +42,10 @@ RUN set -ex \ RUN a2enmod rewrite ENV NEXTCLOUD_VERSION %%VERSION%% -VOLUME /var/www/html -COPY config/* /usr/src/nextcloud/config/ +RUN chown -R www-data:root /var/www/html && \ + chmod -R g=u /var/www/html +VOLUME /var/www/html RUN curl -fsSL -o nextcloud.tar.bz2 \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ @@ -58,19 +59,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && rm nextcloud.tar.bz2 \ && rm -rf /usr/src/nextcloud/updater \ - # https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions && mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/custom_apps \ - && find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \ - && find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \ - && chown -R root:www-data /usr/src/nextcloud/ \ - && chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \ - && chown -R www-data:www-data /usr/src/nextcloud/config/ \ - && chown -R www-data:www-data /usr/src/nextcloud/data/ \ - && chown -R www-data:www-data /usr/src/nextcloud/themes/ \ && chmod +x /usr/src/nextcloud/occ COPY docker-entrypoint.sh /entrypoint.sh +COPY config/* /usr/src/nextcloud/config/ ENTRYPOINT ["/entrypoint.sh"] CMD ["%%CMD%%"] diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index f073581..9298bb4 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -11,6 +11,13 @@ function directory_empty() { [ -n "$(find "$1"/ -prune -empty)" ] } +function run_as() { + if [[ $EUID -eq 0 ]]; then + su - www-data -s /bin/bash -c "$1" + else + bash -c "$1" + fi +} installed_version="0.0.0~unknown" if [ -f /var/www/html/version.php ]; then @@ -25,28 +32,25 @@ fi if version_greater "$image_version" "$installed_version"; then if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before + run_as 'php /var/www/html/occ app:list' > /tmp/list_before fi - rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ - - for dir in config data themes; do + if [[ $EUID -eq 0 ]]; then + rsync_options="-rlDog --chown www-data:root" + else + rsync_options="-rlD" + fi + rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ + + for dir in config data custom_apps themes; do if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then - cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" + rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/ fi done - if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then - cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php - fi - - if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then - cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps - fi - if [ "$installed_version" != "0.0.0~unknown" ]; then - su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' + run_as 'php /var/www/html/occ upgrade --no-app-disable' - su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after + run_as 'php /var/www/html/occ app:list' > /tmp/list_after echo "The following apps have beed disabled:" diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 rm -f /tmp/list_before /tmp/list_after