strong permissions
This commit is contained in:
Tilo Spannagel
parent
201d934bb6
commit
d253cc1171
@ -54,7 +54,18 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf /usr/src/nextcloud/updater
|
||||
&& rm -rf /usr/src/nextcloud/updater \
|
||||
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
|
||||
&& mkdir -p /usr/src/nextcloud/data \
|
||||
&& mkdir -p /usr/src/nextcloud/custom_apps \
|
||||
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
|
||||
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
|
||||
&& chown -R root:www-data /usr/src/nextcloud/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
|
||||
&& chmod +x /usr/src/nextcloud/occ
|
||||
|
||||
COPY docker-entrypoint.sh /entrypoint.sh
|
||||
COPY apps.config.php /usr/src/nextcloud/config/apps.config.php
|
||||
|
||||
@ -28,9 +28,14 @@ if version_greater "$image_version" "$installed_version"; then
|
||||
cp -arT /usr/src/nextcloud/config /var/www/html/config
|
||||
fi
|
||||
|
||||
mkdir -p /var/www/html/custom_apps
|
||||
if [ ! -d /var/www/html/data ]; then
|
||||
cp -arT /usr/src/nextcloud/data /var/www/html/data
|
||||
fi
|
||||
|
||||
chown -R www-data /var/www/html
|
||||
if [ ! -d /var/www/html/custom_apps ]; then
|
||||
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
|
||||
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
|
||||
fi
|
||||
|
||||
if [ "$installed_version" != "0.0.0~unknown" ]; then
|
||||
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
|
||||
|
||||
@ -52,7 +52,18 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf /usr/src/nextcloud/updater
|
||||
&& rm -rf /usr/src/nextcloud/updater \
|
||||
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
|
||||
&& mkdir -p /usr/src/nextcloud/data \
|
||||
&& mkdir -p /usr/src/nextcloud/custom_apps \
|
||||
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
|
||||
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
|
||||
&& chown -R root:www-data /usr/src/nextcloud/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
|
||||
&& chmod +x /usr/src/nextcloud/occ
|
||||
|
||||
COPY docker-entrypoint.sh /entrypoint.sh
|
||||
COPY apps.config.php /usr/src/nextcloud/config/apps.config.php
|
||||
|
||||
@ -28,9 +28,14 @@ if version_greater "$image_version" "$installed_version"; then
|
||||
cp -arT /usr/src/nextcloud/config /var/www/html/config
|
||||
fi
|
||||
|
||||
mkdir -p /var/www/html/custom_apps
|
||||
if [ ! -d /var/www/html/data ]; then
|
||||
cp -arT /usr/src/nextcloud/data /var/www/html/data
|
||||
fi
|
||||
|
||||
chown -R www-data /var/www/html
|
||||
if [ ! -d /var/www/html/custom_apps ]; then
|
||||
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
|
||||
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
|
||||
fi
|
||||
|
||||
if [ "$installed_version" != "0.0.0~unknown" ]; then
|
||||
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
|
||||
|
||||
@ -54,7 +54,18 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf /usr/src/nextcloud/updater
|
||||
&& rm -rf /usr/src/nextcloud/updater \
|
||||
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
|
||||
&& mkdir -p /usr/src/nextcloud/data \
|
||||
&& mkdir -p /usr/src/nextcloud/custom_apps \
|
||||
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
|
||||
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
|
||||
&& chown -R root:www-data /usr/src/nextcloud/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
|
||||
&& chmod +x /usr/src/nextcloud/occ
|
||||
|
||||
COPY docker-entrypoint.sh /entrypoint.sh
|
||||
COPY apps.config.php /usr/src/nextcloud/config/apps.config.php
|
||||
|
||||
@ -28,9 +28,14 @@ if version_greater "$image_version" "$installed_version"; then
|
||||
cp -arT /usr/src/nextcloud/config /var/www/html/config
|
||||
fi
|
||||
|
||||
mkdir -p /var/www/html/custom_apps
|
||||
if [ ! -d /var/www/html/data ]; then
|
||||
cp -arT /usr/src/nextcloud/data /var/www/html/data
|
||||
fi
|
||||
|
||||
chown -R www-data /var/www/html
|
||||
if [ ! -d /var/www/html/custom_apps ]; then
|
||||
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
|
||||
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
|
||||
fi
|
||||
|
||||
if [ "$installed_version" != "0.0.0~unknown" ]; then
|
||||
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
|
||||
|
||||
@ -52,7 +52,18 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf /usr/src/nextcloud/updater
|
||||
&& rm -rf /usr/src/nextcloud/updater \
|
||||
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
|
||||
&& mkdir -p /usr/src/nextcloud/data \
|
||||
&& mkdir -p /usr/src/nextcloud/custom_apps \
|
||||
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
|
||||
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
|
||||
&& chown -R root:www-data /usr/src/nextcloud/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
|
||||
&& chmod +x /usr/src/nextcloud/occ
|
||||
|
||||
COPY docker-entrypoint.sh /entrypoint.sh
|
||||
COPY apps.config.php /usr/src/nextcloud/config/apps.config.php
|
||||
|
||||
@ -28,9 +28,14 @@ if version_greater "$image_version" "$installed_version"; then
|
||||
cp -arT /usr/src/nextcloud/config /var/www/html/config
|
||||
fi
|
||||
|
||||
mkdir -p /var/www/html/custom_apps
|
||||
if [ ! -d /var/www/html/data ]; then
|
||||
cp -arT /usr/src/nextcloud/data /var/www/html/data
|
||||
fi
|
||||
|
||||
chown -R www-data /var/www/html
|
||||
if [ ! -d /var/www/html/custom_apps ]; then
|
||||
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
|
||||
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
|
||||
fi
|
||||
|
||||
if [ "$installed_version" != "0.0.0~unknown" ]; then
|
||||
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
|
||||
|
||||
@ -54,7 +54,22 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf /usr/src/nextcloud/updater
|
||||
&& rm -rf /usr/src/nextcloud/updater \
|
||||
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
|
||||
&& mkdir -p /usr/src/nextcloud/data \
|
||||
&& mkdir -p /usr/src/nextcloud/custom_apps \
|
||||
# only used in nextcloud 9 (assets)
|
||||
&& mkdir -p /usr/src/nextcloud/assets \
|
||||
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
|
||||
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
|
||||
&& chown -R root:www-data /usr/src/nextcloud/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
|
||||
# only used in nextcloud 9 (assets)
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/assets/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
|
||||
&& chmod +x /usr/src/nextcloud/occ
|
||||
|
||||
COPY docker-entrypoint.sh /entrypoint.sh
|
||||
COPY apps.config.php /usr/src/nextcloud/config/apps.config.php
|
||||
|
||||
@ -28,9 +28,14 @@ if version_greater "$image_version" "$installed_version"; then
|
||||
cp -arT /usr/src/nextcloud/config /var/www/html/config
|
||||
fi
|
||||
|
||||
mkdir -p /var/www/html/custom_apps
|
||||
if [ ! -d /var/www/html/data ]; then
|
||||
cp -arT /usr/src/nextcloud/data /var/www/html/data
|
||||
fi
|
||||
|
||||
chown -R www-data /var/www/html
|
||||
if [ ! -d /var/www/html/custom_apps ]; then
|
||||
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
|
||||
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
|
||||
fi
|
||||
|
||||
if [ "$installed_version" != "0.0.0~unknown" ]; then
|
||||
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
|
||||
|
||||
@ -52,7 +52,22 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf /usr/src/nextcloud/updater
|
||||
&& rm -rf /usr/src/nextcloud/updater \
|
||||
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
|
||||
&& mkdir -p /usr/src/nextcloud/data \
|
||||
&& mkdir -p /usr/src/nextcloud/custom_apps \
|
||||
# only used in nextcloud 9 (assets)
|
||||
&& mkdir -p /usr/src/nextcloud/assets \
|
||||
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
|
||||
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
|
||||
&& chown -R root:www-data /usr/src/nextcloud/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
|
||||
# only used in nextcloud 9 (assets)
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/assets/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
|
||||
&& chmod +x /usr/src/nextcloud/occ
|
||||
|
||||
COPY docker-entrypoint.sh /entrypoint.sh
|
||||
COPY apps.config.php /usr/src/nextcloud/config/apps.config.php
|
||||
|
||||
@ -28,9 +28,14 @@ if version_greater "$image_version" "$installed_version"; then
|
||||
cp -arT /usr/src/nextcloud/config /var/www/html/config
|
||||
fi
|
||||
|
||||
mkdir -p /var/www/html/custom_apps
|
||||
if [ ! -d /var/www/html/data ]; then
|
||||
cp -arT /usr/src/nextcloud/data /var/www/html/data
|
||||
fi
|
||||
|
||||
chown -R www-data /var/www/html
|
||||
if [ ! -d /var/www/html/custom_apps ]; then
|
||||
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
|
||||
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
|
||||
fi
|
||||
|
||||
if [ "$installed_version" != "0.0.0~unknown" ]; then
|
||||
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
|
||||
|
||||
@ -54,7 +54,22 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf /usr/src/nextcloud/updater
|
||||
&& rm -rf /usr/src/nextcloud/updater \
|
||||
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
|
||||
&& mkdir -p /usr/src/nextcloud/data \
|
||||
&& mkdir -p /usr/src/nextcloud/custom_apps \
|
||||
# only used in nextcloud 9 (assets)
|
||||
&& mkdir -p /usr/src/nextcloud/assets \
|
||||
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
|
||||
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
|
||||
&& chown -R root:www-data /usr/src/nextcloud/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
|
||||
# only used in nextcloud 9 (assets)
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/assets/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
|
||||
&& chmod +x /usr/src/nextcloud/occ
|
||||
|
||||
COPY docker-entrypoint.sh /entrypoint.sh
|
||||
COPY apps.config.php /usr/src/nextcloud/config/apps.config.php
|
||||
|
||||
@ -54,7 +54,22 @@ RUN curl -fsSL -o nextcloud.tar.bz2 \
|
||||
&& rm -r "$GNUPGHOME" nextcloud.tar.bz2.asc \
|
||||
&& tar -xjf nextcloud.tar.bz2 -C /usr/src/ \
|
||||
&& rm nextcloud.tar.bz2 \
|
||||
&& rm -rf /usr/src/nextcloud/updater
|
||||
&& rm -rf /usr/src/nextcloud/updater \
|
||||
# https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#setting-strong-directory-permissions
|
||||
&& mkdir -p /usr/src/nextcloud/data \
|
||||
&& mkdir -p /usr/src/nextcloud/custom_apps \
|
||||
# only used in nextcloud 9 (assets)
|
||||
&& mkdir -p /usr/src/nextcloud/assets \
|
||||
&& find /usr/src/nextcloud/ -type f -print0 | xargs -0 chmod 0640 \
|
||||
&& find /usr/src/nextcloud/ -type d -print0 | xargs -0 chmod 0750 \
|
||||
&& chown -R root:www-data /usr/src/nextcloud/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/custom_apps/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/config/ \
|
||||
# only used in nextcloud 9 (assets)
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/assets/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/data/ \
|
||||
&& chown -R www-data:www-data /usr/src/nextcloud/themes/ \
|
||||
&& chmod +x /usr/src/nextcloud/occ
|
||||
|
||||
COPY docker-entrypoint.sh /entrypoint.sh
|
||||
COPY apps.config.php /usr/src/nextcloud/config/apps.config.php
|
||||
|
||||
@ -28,9 +28,14 @@ if version_greater "$image_version" "$installed_version"; then
|
||||
cp -arT /usr/src/nextcloud/config /var/www/html/config
|
||||
fi
|
||||
|
||||
mkdir -p /var/www/html/custom_apps
|
||||
if [ ! -d /var/www/html/data ]; then
|
||||
cp -arT /usr/src/nextcloud/data /var/www/html/data
|
||||
fi
|
||||
|
||||
chown -R www-data /var/www/html
|
||||
if [ ! -d /var/www/html/custom_apps ]; then
|
||||
cp -arT /usr/src/nextcloud/custom_apps /var/www/html/custom_apps
|
||||
cp -a /usr/src/nextcloud/config/apps.config.php /var/www/html/config/apps.config.php
|
||||
fi
|
||||
|
||||
if [ "$installed_version" != "0.0.0~unknown" ]; then
|
||||
su - www-data -s /bin/bash -c 'php /var/www/html/occ upgrade --no-app-disable'
|
||||
|
||||
@ -43,6 +43,11 @@ for latest in "${latests[@]}"; do
|
||||
sed -ri -e '/a2enmod/d' "$version/$variant/Dockerfile"
|
||||
fi
|
||||
|
||||
# Remove the assets folder if version >= 10.0
|
||||
if version_greater_or_equal "$version" "10.0"; then
|
||||
sed -ri -e '/assets/d' "$version/$variant/Dockerfile"
|
||||
fi
|
||||
|
||||
# Copy the docker-entrypoint.
|
||||
cp docker-entrypoint.sh "$version/$variant/docker-entrypoint.sh"
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user