adphi/Nextcloud-Docker
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update directory permissions to be compatible with non-root

Browse Source 
This commit updates the directory permissions to be more compatible when
running the image without root f.e. on OpenShift or when specifying it
when running with `docker run --user www-data:root ...`.
It adds detection logic to the entrypoint script as sudo is not always
allowed.

This change in directory permissions was also proposed by the official
documentation, see https://github.com/nextcloud/documentation/commit/22e2530.

The `chown` before the volume definition is needed to prepare the volume
as it inherits the permissions.

refs https://github.com/nextcloud/docker/issues/107
This commit is contained in:
Tobias Brunner 2017-07-17 21:35:16 +02:00 committed by Tilo Spannagel
parent 2220249a20
commit bd3fc10d7d
No known key found for this signature in database
GPG Key ID: B89F1626A58E1429
15 changed files with 135 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
10.0/apache/Dockerfile
View File

@ -42,6 +42,8 @@ RUN set -ex \
RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION 10.0.6
RUN chown -R www-data:root /var/www/html
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/
@ -58,16 +60,8 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh

22
10.0/apache/docker-entrypoint.sh
View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ]
}
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then
@ -25,10 +32,15 @@ fi
if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before
run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
if [[ $EUID -eq 0 ]]; then
rsync_options=-a
else
rsync_options=-rlD
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir"
@ -44,9 +56,9 @@ if version_greater "$image_version" "$installed_version"; then
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after
run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after

10
10.0/fpm/Dockerfile
View File

@ -40,6 +40,8 @@ RUN set -ex \
&& docker-php-ext-enable apcu redis memcached
ENV NEXTCLOUD_VERSION 10.0.6
RUN chown -R www-data:root /var/www/html
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/
@ -56,16 +58,8 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh

22
10.0/fpm/docker-entrypoint.sh
View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ]
}
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then
@ -25,10 +32,15 @@ fi
if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before
run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
if [[ $EUID -eq 0 ]]; then
rsync_options=-a
else
rsync_options=-rlD
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir"
@ -44,9 +56,9 @@ if version_greater "$image_version" "$installed_version"; then
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after
run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after

10
11.0/apache/Dockerfile
View File

@ -43,6 +43,8 @@ RUN set -ex \
RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION 11.0.4
RUN chown -R www-data:root /var/www/html
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/
@ -59,16 +61,8 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh

22
11.0/apache/docker-entrypoint.sh
View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ]
}
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then
@ -25,10 +32,15 @@ fi
if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before
run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
if [[ $EUID -eq 0 ]]; then
rsync_options=-a
else
rsync_options=-rlD
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir"
@ -44,9 +56,9 @@ if version_greater "$image_version" "$installed_version"; then
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after
run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after

10
11.0/fpm/Dockerfile
View File

@ -41,6 +41,8 @@ RUN set -ex \
&& docker-php-ext-enable apcu redis memcached
ENV NEXTCLOUD_VERSION 11.0.4
RUN chown -R www-data:root /var/www/html
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/
@ -57,16 +59,8 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh

22
11.0/fpm/docker-entrypoint.sh
View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ]
}
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then
@ -25,10 +32,15 @@ fi
if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before
run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
if [[ $EUID -eq 0 ]]; then
rsync_options=-a
else
rsync_options=-rlD
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir"
@ -44,9 +56,9 @@ if version_greater "$image_version" "$installed_version"; then
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after
run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after

10
12.0/apache/Dockerfile
View File

@ -43,6 +43,8 @@ RUN set -ex \
RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION 12.0.2
RUN chown -R www-data:root /var/www/html
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/
@ -59,16 +61,8 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh

22
12.0/apache/docker-entrypoint.sh
View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ]
}
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then
@ -25,10 +32,15 @@ fi
if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before
run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
if [[ $EUID -eq 0 ]]; then
rsync_options=-a
else
rsync_options=-rlD
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir"
@ -44,9 +56,9 @@ if version_greater "$image_version" "$installed_version"; then
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after
run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after

10
12.0/fpm/Dockerfile
View File

@ -41,6 +41,8 @@ RUN set -ex \
&& docker-php-ext-enable apcu redis memcached
ENV NEXTCLOUD_VERSION 12.0.2
RUN chown -R www-data:root /var/www/html
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/
@ -57,16 +59,8 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh

22
12.0/fpm/docker-entrypoint.sh
View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ]
}
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then
@ -25,10 +32,15 @@ fi
if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before
run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
if [[ $EUID -eq 0 ]]; then
rsync_options=-a
else
rsync_options=-rlD
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir"
@ -44,9 +56,9 @@ if version_greater "$image_version" "$installed_version"; then
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after
run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after

10
Dockerfile-php7.template
View File

@ -43,6 +43,8 @@ RUN set -ex \
RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION %%VERSION%%
RUN chown -R www-data:root /var/www/html
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/
@ -59,16 +61,8 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh

10
Dockerfile.template
View File

@ -42,6 +42,8 @@ RUN set -ex \
RUN a2enmod rewrite
ENV NEXTCLOUD_VERSION %%VERSION%%
RUN chown -R www-data:root /var/www/html
VOLUME /var/www/html
COPY config/* /usr/src/nextcloud/config/
@ -58,16 +60,8 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
&& rm nextcloud.tar.bz2 \
&& rm -rf /usr/src/nextcloud/updater \
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
&& mkdir -p /usr/src/nextcloud/data \
&& mkdir -p /usr/src/nextcloud/custom_apps \
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
&& chown -R root:www-data /usr/src/nextcloud/ \
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
&& chmod +x /usr/src/nextcloud/occ
COPY docker-entrypoint.sh /entrypoint.sh

22
docker-entrypoint.sh
View File

@ -11,6 +11,13 @@ function directory_empty() {
[ -n "$(find "$1"/ -prune -empty)" ]
}
function run_as() {
if [[ $EUID -eq 0 ]]; then
su - www-data -s /bin/bash -c "$1"
else
bash -c "$1"
fi
}
installed_version="0.0.0~unknown"
if [ -f /var/www/html/version.php ]; then
@ -25,10 +32,15 @@ fi
if version_greater "$image_version" "$installed_version"; then
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_before
run_as 'php /var/www/html/occ app:list' > /tmp/list_before
fi
rsync -a --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
if [[ $EUID -eq 0 ]]; then
rsync_options=-a
else
rsync_options=-rlD
fi
rsync $rsync_options --delete --exclude /config/ --exclude /data/ --exclude /custom_apps/ --exclude /themes/ /usr/src/nextcloud/ /var/www/html/
for dir in config data themes; do
if [ ! -d /var/www/html/"$dir" ] || directory_empty /var/www/html/"$dir"; then
cp -arT /usr/src/nextcloud/"$dir" /var/www/html/"$dir"
@ -44,9 +56,9 @@ if version_greater "$image_version" "$installed_version"; then
fi
if [ "$installed_version" != "0.0.0~unknown" ]; then
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
run_as 'php /var/www/html/occ upgrade --no-app-disable'
su - www-data -s /bin/bash -c 'php /var/www/html/occ app:list' > /tmp/list_after
run_as 'php /var/www/html/occ app:list' > /tmp/list_after
echo "The following apps have beed disabled:"
diff <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_before) <(sed -n "/Enabled:/,/Disabled:/p" /tmp/list_after) | grep '<' | cut -d- -f2 | cut -d: -f1
rm -f /tmp/list_before /tmp/list_after