Merge pull request #131 from tobru/dir_permissions

update directory permissions to be compatible with non-root
This commit is contained in:
Tilo Spannagel 2017-08-26 16:26:16 +02:00 committed by GitHub
commit 261f545fab
15 changed files with 165 additions and 185 deletions

View File

@ -42,9 +42,10 @@ RUN set -ex \
RUN a2enmod rewrite RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION 10.0.6 ENV NEXTCLOUD_VERSION 10.0.6
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/ RUN chown -R www-data:root /var/www/html && \
chmod -R g=u /var/www/html
VOLUME /var/www/html
RUN curl -fsSL -o nextcloud.tar.bz2 \ RUN curl -fsSL -o nextcloud.tar.bz2 \
"https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
@ -58,19 +59,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \ && rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \ && mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ && chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY config/* /usr/src/nextcloud/config/
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"] CMD ["apache2-foreground"]

View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ] [ -n "$(find "$1"/ -prune -empty)" ]
} }
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown" installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then if [ -f /var/www/html/version.php ]; then
@ -25,28 +32,25 @@ fi
if version_greater "$image_version" "$installed_version"; then if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ if [[ $EUID -eq 0 ]]; then
rsync_options="-rlDog --chown www-data:root"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do for dir in config data custom_apps themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/
fi fi
done done
if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
fi
if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:" echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after rm -f /tmp/list_before /tmp/list_after

View File

@ -40,9 +40,10 @@ RUN set -ex \
&& docker-php-ext-enable apcu redis memcached && docker-php-ext-enable apcu redis memcached
ENV NEXTCLOUD_VERSION 10.0.6 ENV NEXTCLOUD_VERSION 10.0.6
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/ RUN chown -R www-data:root /var/www/html && \
chmod -R g=u /var/www/html
VOLUME /var/www/html
RUN curl -fsSL -o nextcloud.tar.bz2 \ RUN curl -fsSL -o nextcloud.tar.bz2 \
"https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
@ -56,19 +57,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \ && rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \ && mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ && chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY config/* /usr/src/nextcloud/config/
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]

View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ] [ -n "$(find "$1"/ -prune -empty)" ]
} }
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown" installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then if [ -f /var/www/html/version.php ]; then
@ -25,28 +32,25 @@ fi
if version_greater "$image_version" "$installed_version"; then if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ if [[ $EUID -eq 0 ]]; then
rsync_options="-rlDog --chown www-data:root"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do for dir in config data custom_apps themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/
fi fi
done done
if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
fi
if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:" echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after rm -f /tmp/list_before /tmp/list_after

View File

@ -43,9 +43,10 @@ RUN set -ex \
RUN a2enmod rewrite RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION 11.0.4 ENV NEXTCLOUD_VERSION 11.0.4
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/ RUN chown -R www-data:root /var/www/html && \
chmod -R g=u /var/www/html
VOLUME /var/www/html
RUN curl -fsSL -o nextcloud.tar.bz2 \ RUN curl -fsSL -o nextcloud.tar.bz2 \
"https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
@ -59,19 +60,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \ && rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \ && mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ && chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY config/* /usr/src/nextcloud/config/
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"] CMD ["apache2-foreground"]

View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ] [ -n "$(find "$1"/ -prune -empty)" ]
} }
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown" installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then if [ -f /var/www/html/version.php ]; then
@ -25,28 +32,25 @@ fi
if version_greater "$image_version" "$installed_version"; then if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ if [[ $EUID -eq 0 ]]; then
rsync_options="-rlDog --chown www-data:root"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do for dir in config data custom_apps themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/
fi fi
done done
if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
fi
if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:" echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after rm -f /tmp/list_before /tmp/list_after

View File

@ -41,9 +41,10 @@ RUN set -ex \
&& docker-php-ext-enable apcu redis memcached && docker-php-ext-enable apcu redis memcached
ENV NEXTCLOUD_VERSION 11.0.4 ENV NEXTCLOUD_VERSION 11.0.4
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/ RUN chown -R www-data:root /var/www/html && \
chmod -R g=u /var/www/html
VOLUME /var/www/html
RUN curl -fsSL -o nextcloud.tar.bz2 \ RUN curl -fsSL -o nextcloud.tar.bz2 \
"https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
@ -57,19 +58,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \ && rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \ && mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ && chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY config/* /usr/src/nextcloud/config/
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]

View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ] [ -n "$(find "$1"/ -prune -empty)" ]
} }
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown" installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then if [ -f /var/www/html/version.php ]; then
@ -25,28 +32,25 @@ fi
if version_greater "$image_version" "$installed_version"; then if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ if [[ $EUID -eq 0 ]]; then
rsync_options="-rlDog --chown www-data:root"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do for dir in config data custom_apps themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/
fi fi
done done
if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
fi
if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:" echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after rm -f /tmp/list_before /tmp/list_after

View File

@ -43,9 +43,10 @@ RUN set -ex \
RUN a2enmod rewrite RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION 12.0.2 ENV NEXTCLOUD_VERSION 12.0.2
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/ RUN chown -R www-data:root /var/www/html && \
chmod -R g=u /var/www/html
VOLUME /var/www/html
RUN curl -fsSL -o nextcloud.tar.bz2 \ RUN curl -fsSL -o nextcloud.tar.bz2 \
"https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
@ -59,19 +60,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \ && rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \ && mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ && chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY config/* /usr/src/nextcloud/config/
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"] CMD ["apache2-foreground"]

View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ] [ -n "$(find "$1"/ -prune -empty)" ]
} }
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown" installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then if [ -f /var/www/html/version.php ]; then
@ -25,28 +32,25 @@ fi
if version_greater "$image_version" "$installed_version"; then if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ if [[ $EUID -eq 0 ]]; then
rsync_options="-rlDog --chown www-data:root"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do for dir in config data custom_apps themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/
fi fi
done done
if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
fi
if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:" echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after rm -f /tmp/list_before /tmp/list_after

View File

@ -41,9 +41,10 @@ RUN set -ex \
&& docker-php-ext-enable apcu redis memcached && docker-php-ext-enable apcu redis memcached
ENV NEXTCLOUD_VERSION 12.0.2 ENV NEXTCLOUD_VERSION 12.0.2
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/ RUN chown -R www-data:root /var/www/html && \
chmod -R g=u /var/www/html
VOLUME /var/www/html
RUN curl -fsSL -o nextcloud.tar.bz2 \ RUN curl -fsSL -o nextcloud.tar.bz2 \
"https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
@ -57,19 +58,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \ && rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \ && mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ && chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY config/* /usr/src/nextcloud/config/
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"] CMD ["php-fpm"]

View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ] [ -n "$(find "$1"/ -prune -empty)" ]
} }
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown" installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then if [ -f /var/www/html/version.php ]; then
@ -25,28 +32,25 @@ fi
if version_greater "$image_version" "$installed_version"; then if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ if [[ $EUID -eq 0 ]]; then
rsync_options="-rlDog --chown www-data:root"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do for dir in config data custom_apps themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/
fi fi
done done
if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
fi
if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:" echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after rm -f /tmp/list_before /tmp/list_after

View File

@ -43,9 +43,10 @@ RUN set -ex \
RUN a2enmod rewrite RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION %%VERSION%% ENV NEXTCLOUD_VERSION %%VERSION%%
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/ RUN chown -R www-data:root /var/www/html && \
chmod -R g=u /var/www/html
VOLUME /var/www/html
RUN curl -fsSL -o nextcloud.tar.bz2 \ RUN curl -fsSL -o nextcloud.tar.bz2 \
"https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
@ -59,19 +60,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \ && rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \ && mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ && chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY config/* /usr/src/nextcloud/config/
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["%%CMD%%"] CMD ["%%CMD%%"]

View File

@ -42,9 +42,10 @@ RUN set -ex \
RUN a2enmod rewrite RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION %%VERSION%% ENV NEXTCLOUD_VERSION %%VERSION%%
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/ RUN chown -R www-data:root /var/www/html && \
chmod -R g=u /var/www/html
VOLUME /var/www/html
RUN curl -fsSL -o nextcloud.tar.bz2 \ RUN curl -fsSL -o nextcloud.tar.bz2 \
"https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ "https://download.nextcloud.com/server/releases/nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
@ -58,19 +59,12 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \ && tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \ && rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \ && rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \ && mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \ && mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ && chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh COPY docker-entrypoint.sh /entrypoint.sh
COPY config/* /usr/src/nextcloud/config/
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["%%CMD%%"] CMD ["%%CMD%%"]

View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ] [ -n "$(find "$1"/ -prune -empty)" ]
} }
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown" installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then if [ -f /var/www/html/version.php ]; then
@ -25,28 +32,25 @@ fi
if version_greater "$image_version" "$installed_version"; then if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/ if [[ $EUID -eq 0 ]]; then
rsync_options="-rlDog --chown www-data:root"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do for dir in config data custom_apps themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir" rsync $rsync_options --include /"$dir"/ --exclude '/*' /usr/src/nextcloud/ /var/www/html/
fi fi
done done
if [ ! -d /var/www/html/custom_apps ] && [ ! -f /var/www/html/config/apps.config.php ]; then
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
fi
if [ ! -d /var/www/html/custom_apps ] || directory_empty /var/www/html/custom_apps; then
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable' run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:" echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1 diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after rm -f /tmp/list_before /tmp/list_after