From 4038c60588f936476d2c3712d1faf79daec3f807 Mon Sep 17 00:00:00 2001 From: GitHub Workflow Date: Fri, 1 Mar 2024 17:35:50 +0000 Subject: [PATCH] Repo-sync --- Containers/clamav/Dockerfile | 2 +- Containers/collabora/Dockerfile | 2 +- Containers/docker-socket-proxy/Dockerfile | 2 +- Containers/fulltextsearch/Dockerfile | 2 +- Containers/imaginary/Dockerfile | 2 +- Containers/nextcloud/Dockerfile | 16 ++++-- Containers/nextcloud/entrypoint.sh | 31 +++++++---- Containers/onlyoffice/Dockerfile | 2 +- manual-install/latest.yml | 24 +++++++++ migration.md | 3 +- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../nextcloud-aio-apache-deployment.yaml | 9 ++-- ...loud-aio-apache-persistentvolumeclaim.yaml | 2 +- .../nextcloud-aio-apache-service.yaml | 4 +- .../nextcloud-aio-clamav-deployment.yaml | 8 +-- ...loud-aio-clamav-persistentvolumeclaim.yaml | 2 +- .../nextcloud-aio-clamav-service.yaml | 4 +- .../nextcloud-aio-collabora-deployment.yaml | 8 +-- .../nextcloud-aio-collabora-service.yaml | 4 +- .../nextcloud-aio-database-deployment.yaml | 8 +-- ...o-database-dump-persistentvolumeclaim.yaml | 2 +- ...ud-aio-database-persistentvolumeclaim.yaml | 2 +- .../nextcloud-aio-database-service.yaml | 4 +- ...o-elasticsearch-persistentvolumeclaim.yaml | 4 +- ...xtcloud-aio-fulltextsearch-deployment.yaml | 8 +-- .../nextcloud-aio-fulltextsearch-service.yaml | 4 +- .../nextcloud-aio-imaginary-deployment.yaml | 8 +-- .../nextcloud-aio-imaginary-service.yaml | 4 +- .../nextcloud-aio-namespace-namespace.yaml | 4 +- ...-nextcloud-data-persistentvolumeclaim.yaml | 2 +- .../nextcloud-aio-nextcloud-deployment.yaml | 9 ++-- ...d-aio-nextcloud-persistentvolumeclaim.yaml | 2 +- .../nextcloud-aio-nextcloud-service.yaml | 4 +- ...trusted-cacerts-persistentvolumeclaim.yaml | 2 +- .../nextcloud-aio-notify-push-deployment.yaml | 8 +-- .../nextcloud-aio-notify-push-service.yaml | 4 +- .../nextcloud-aio-onlyoffice-deployment.yaml | 8 +-- ...-aio-onlyoffice-persistentvolumeclaim.yaml | 2 +- .../nextcloud-aio-onlyoffice-service.yaml | 4 +- .../nextcloud-aio-redis-deployment.yaml | 8 +-- ...cloud-aio-redis-persistentvolumeclaim.yaml | 2 +- .../nextcloud-aio-redis-service.yaml | 4 +- .../nextcloud-aio-talk-deployment.yaml | 8 +-- ...xtcloud-aio-talk-recording-deployment.yaml | 8 +-- .../nextcloud-aio-talk-recording-service.yaml | 4 +- .../templates/nextcloud-aio-talk-service.yaml | 8 +-- nextcloud-aio-helm-chart/update-helm.sh | 8 ++- php/containers-schema.json | 7 +++ php/containers.json | 54 +++++++++++++++++-- php/psalm-baseline.xml | 2 +- php/templates/containers.twig | 2 +- readme.md | 2 +- 52 files changed, 221 insertions(+), 118 deletions(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 29862480..49c23314 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from this file: https://github.com/Cisco-Talos/clamav-docker/blob/main/clamav/1.1/alpine/Dockerfile -FROM clamav/clamav:1.3.0-39 +FROM clamav/clamav:1.3.0-40 COPY clamav.conf /tmp/clamav.conf diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 77482a8e..b067bc77 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker -FROM collabora/code:23.05.9.1.1 +FROM collabora/code:23.05.9.2.1 USER root diff --git a/Containers/docker-socket-proxy/Dockerfile b/Containers/docker-socket-proxy/Dockerfile index 10396e27..2f2b23a8 100644 --- a/Containers/docker-socket-proxy/Dockerfile +++ b/Containers/docker-socket-proxy/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM haproxy:2.9.5-alpine3.19 +FROM haproxy:2.9.6-alpine3.19 # hadolint ignore=DL3002 USER root diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index f0357035..d1fe922f 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # Probably from here https://github.com/elastic/elasticsearch/blob/main/distribution/docker/src/docker/Dockerfile -FROM elasticsearch:8.12.1 +FROM elasticsearch:8.12.2 USER root diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index d27cebe0..07dd487a 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:latest FROM golang:1.22.0-alpine3.18 as go -ENV IMAGINARY_HASH 6cd9edd1d3fb151eb773c14552886e4fc8e50138 +ENV IMAGINARY_HASH 6cd9edd1d3fb151eb773c14552886e4fc8e50138 RUN set -ex; \ apk add --no-cache \ diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index c2adcaaf..f88197e6 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -4,14 +4,18 @@ FROM php:8.1.27-fpm-alpine3.19 ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 10G ENV PHP_MAX_TIME 3600 -ENV NEXTCLOUD_VERSION 27.1.5 +ENV SOURCE_LOCATION /usr/src/nextcloud + +# AIO settings start # Do not remove or change this line! +ENV NEXTCLOUD_VERSION 27.1.7 ENV AIO_TOKEN 123456 ENV AIO_URL localhost +COPY supervisord.conf /supervisord.conf +# AIO settings end # Do not remove or change this line! COPY --chmod=775 *.sh / COPY --chmod=774 upgrade.exclude /upgrade.exclude COPY config/*.php / -COPY supervisord.conf /supervisord.conf VOLUME /mnt/ncdata VOLUME /var/www/html @@ -116,6 +120,7 @@ RUN set -ex; \ chown -R www-data:root /var/www; \ chmod -R g=u /var/www; \ \ +# Download Nextcloud archive start # Do not remove or change this line! apk add --no-cache --virtual .fetch-deps \ bzip2 \ gnupg \ @@ -136,8 +141,9 @@ RUN set -ex; \ mkdir -p /usr/src/nextcloud/custom_apps; \ chmod +x /usr/src/nextcloud/occ; \ mkdir -p /usr/src/nextcloud/config; \ - mv /*.php /usr/src/nextcloud/config/; \ apk del .fetch-deps; \ +# Download Nextcloud archive end # Do not remove or change this line! + mv /*.php /usr/src/nextcloud/config/; \ \ # Template from https://github.com/nextcloud/docker/blob/master/.examples/dockerfiles/full/fpm-alpine/Dockerfile apk add --no-cache \ @@ -205,18 +211,20 @@ RUN set -ex; \ sed -i 's/^pm.max_children =.*/pm.max_children = 5000/' /usr/local/etc/php-fpm.d/www.conf; \ sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf; \ \ +# AIO cloning start # Do not remove or change this line! rm -rf /tmp/nextcloud-aio && \ mkdir -p /tmp/nextcloud-aio && \ cd /tmp/nextcloud-aio && \ git clone https://github.com/nextcloud-releases/all-in-one.git --depth 1 .; \ mkdir -p /usr/src/nextcloud/apps/nextcloud-aio; \ cp -r ./app/* /usr/src/nextcloud/apps/nextcloud-aio/; \ +# AIO cloning end # Do not remove or change this line! \ chown www-data:root -R /usr/src && \ chown www-data:root -R /usr/local/etc/php/conf.d && \ chown www-data:root -R /usr/local/etc/php-fpm.d && \ chmod -R 777 /tmp; \ - rm -r /usr/src/nextcloud/apps/updatenotification; \ + rm -rf /usr/src/nextcloud/apps/updatenotification; \ \ mkdir -p /nc-updater; \ chown -R www-data:www-data /nc-updater; \ diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index c2dbebed..9e356b07 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -55,9 +55,9 @@ if [ -f /var/www/html/version.php ]; then else installed_version="0.0.0.0" fi -if [ -f "/usr/src/nextcloud/version.php" ]; then +if [ -f "$SOURCE_LOCATION/version.php" ]; then # shellcheck disable=SC2016 - image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')" + image_version="$(php -r "require '$SOURCE_LOCATION/version.php'; echo implode('.', \$OC_Version);")" else image_version="$installed_version" fi @@ -106,6 +106,8 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then fi if [ "$installed_version" != "0.0.0.0" ] && [ "$((IMAGE_MAJOR - INSTALLED_MAJOR))" -gt 1 ]; then +# Do not skip major versions placeholder # Do not remove or change this line! +# Do not skip major versions start # Do not remove or change this line! set -ex NEXT_MAJOR="$((INSTALLED_MAJOR + 1))" curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-${NEXT_MAJOR}.tar.bz2" @@ -122,17 +124,18 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then mkdir -p /usr/src/tmp/nextcloud/data mkdir -p /usr/src/tmp/nextcloud/custom_apps chmod +x /usr/src/tmp/nextcloud/occ - cp -r /usr/src/nextcloud/config/* /usr/src/tmp/nextcloud/config/ + cp -r "$SOURCE_LOCATION"/config/* /usr/src/tmp/nextcloud/config/ mkdir -p /usr/src/tmp/nextcloud/apps/nextcloud-aio - cp -r /usr/src/nextcloud/apps/nextcloud-aio/* /usr/src/tmp/nextcloud/apps/nextcloud-aio/ - mv /usr/src/nextcloud /usr/src/temp-nextcloud - mv /usr/src/tmp/nextcloud /usr/src/nextcloud + cp -r "$SOURCE_LOCATION"/apps/nextcloud-aio/* /usr/src/tmp/nextcloud/apps/nextcloud-aio/ + mv "$SOURCE_LOCATION" /usr/src/temp-nextcloud + mv /usr/src/tmp/nextcloud "$SOURCE_LOCATION" rm -r /usr/src/tmp rm -r /usr/src/temp-nextcloud # shellcheck disable=SC2016 - image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')" + image_version="$(php -r "require $SOURCE_LOCATION/version.php; echo implode('.', \$OC_Version);")" IMAGE_MAJOR="${image_version%%.*}" set +ex +# Do not skip major versions end # Do not remove or change this line! fi if [ "$installed_version" != "0.0.0.0" ]; then @@ -186,15 +189,15 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then fi echo "Initializing nextcloud $image_version ..." - rsync -rlD --delete --exclude-from=/upgrade.exclude /usr/src/nextcloud/ /var/www/html/ + rsync -rlD --delete --exclude-from=/upgrade.exclude "$SOURCE_LOCATION/" /var/www/html/ for dir in config data custom_apps themes; do if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then - rsync -rlD --include "/$dir/" --exclude '/*' /usr/src/nextcloud/ /var/www/html/ + rsync -rlD --include "/$dir/" --exclude '/*' "$SOURCE_LOCATION/" /var/www/html/ fi done - rsync -rlD --delete --include '/config/' --exclude '/*' --exclude '/config/CAN_INSTALL' --exclude '/config/config.sample.php' --exclude '/config/config.php' /usr/src/nextcloud/ /var/www/html/ - rsync -rlD --include '/version.php' --exclude '/*' /usr/src/nextcloud/ /var/www/html/ + rsync -rlD --delete --include '/config/' --exclude '/*' --exclude '/config/CAN_INSTALL' --exclude '/config/config.sample.php' --exclude '/config/config.php' "$SOURCE_LOCATION/" /var/www/html/ + rsync -rlD --include '/version.php' --exclude '/*' "$SOURCE_LOCATION/" /var/www/html/ echo "Initializing finished" #install @@ -255,6 +258,7 @@ DATADIR_PERMISSION_CONF # unset admin password unset ADMIN_PASSWORD +# AIO update to latest start # Do not remove or change this line! if [ "$INSTALL_LATEST_MAJOR" = yes ]; then php /var/www/html/occ config:system:set updatedirectory --value="/nc-updater" INSTALLED_AT="$(php /var/www/html/occ config:app:get core installedat)" @@ -292,6 +296,7 @@ DATADIR_PERMISSION_CONF php /var/www/html/occ db:add-missing-primary-keys yes | php /var/www/html/occ db:convert-filecache-bigint fi +# AIO update to latest end # Do not remove or change this line! # Apply log settings echo "Applying default settings..." @@ -463,11 +468,13 @@ if [ -f "$NEXTCLOUD_DATA_DIR/fingerprint.update" ]; then rm "$NEXTCLOUD_DATA_DIR/fingerprint.update" fi +# AIO one-click settings start # Do not remove or change this line! # Apply one-click-instance settings echo "Applying one-click-instance settings..." php /var/www/html/occ config:system:set one-click-instance --value=true --type=bool php /var/www/html/occ config:system:set one-click-instance.user-limit --value=100 --type=int php /var/www/html/occ config:system:set one-click-instance.link --value="https://nextcloud.com/all-in-one/" +# AIO one-click settings end # Do not remove or change this line! php /var/www/html/occ app:enable support if [ -n "$SUBSCRIPTION_KEY" ] && [ -z "$(php /var/www/html/occ config:app:get support potential_subscription_key)" ]; then php /var/www/html/occ config:app:set support potential_subscription_key --value="$SUBSCRIPTION_KEY" @@ -503,6 +510,7 @@ else php /var/www/html/occ config:system:set files_external_allow_create_new_local --type=bool --value=true fi +# AIO app start # Do not remove or change this line! # AIO app if [ "$THIS_IS_AIO" = "true" ]; then if [ "$(php /var/www/html/occ config:app:get nextcloud-aio enabled)" != "yes" ]; then @@ -513,6 +521,7 @@ else php /var/www/html/occ app:disable nextcloud-aio fi fi +# AIO app end # Do not remove or change this line! # Notify push if ! [ -d "/var/www/html/custom_apps/notify_push" ]; then diff --git a/Containers/onlyoffice/Dockerfile b/Containers/onlyoffice/Dockerfile index 03bcab59..8bea975a 100644 --- a/Containers/onlyoffice/Dockerfile +++ b/Containers/onlyoffice/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/Dockerfile -FROM onlyoffice/documentserver:7.5.1.1 +FROM onlyoffice/documentserver:8.0.1.1 # USER root is probably used diff --git a/manual-install/latest.yml b/manual-install/latest.yml index 51a6b3dc..b0ec690b 100644 --- a/manual-install/latest.yml +++ b/manual-install/latest.yml @@ -45,6 +45,8 @@ services: - /usr/local/apache2/logs - /tmp - /home/www-data + cap_drop: + - NET_RAW nextcloud-aio-database: image: nextcloud/aio-postgresql:latest @@ -68,6 +70,8 @@ services: read_only: true tmpfs: - /var/run/postgresql + cap_drop: + - NET_RAW nextcloud-aio-nextcloud: depends_on: @@ -149,6 +153,8 @@ services: restart: unless-stopped networks: - nextcloud-aio + cap_drop: + - NET_RAW nextcloud-aio-notify-push: image: nextcloud/aio-notify-push:latest @@ -170,6 +176,8 @@ services: networks: - nextcloud-aio read_only: true + cap_drop: + - NET_RAW nextcloud-aio-redis: image: nextcloud/aio-redis:latest @@ -185,6 +193,8 @@ services: networks: - nextcloud-aio read_only: true + cap_drop: + - NET_RAW nextcloud-aio-collabora: image: nextcloud/aio-collabora:latest @@ -205,6 +215,8 @@ services: - nextcloud-aio cap_add: - MKNOD + cap_drop: + - NET_RAW nextcloud-aio-talk: image: nextcloud/aio-talk:latest @@ -234,6 +246,8 @@ services: - /opt/eturnal/run - /conf - /tmp + cap_drop: + - NET_RAW nextcloud-aio-talk-recording: image: nextcloud/aio-talk-recording:latest @@ -255,6 +269,8 @@ services: tmpfs: - /tmp - /conf + cap_drop: + - NET_RAW nextcloud-aio-clamav: image: nextcloud/aio-clamav:latest @@ -276,6 +292,8 @@ services: - /var/lock - /var/log/clamav - /tmp + cap_drop: + - NET_RAW nextcloud-aio-onlyoffice: image: nextcloud/aio-onlyoffice:latest @@ -294,6 +312,8 @@ services: - onlyoffice networks: - nextcloud-aio + cap_drop: + - NET_RAW nextcloud-aio-imaginary: image: nextcloud/aio-imaginary:latest @@ -305,6 +325,8 @@ services: restart: unless-stopped cap_add: - SYS_NICE + cap_drop: + - NET_RAW profiles: - imaginary networks: @@ -336,6 +358,8 @@ services: - fulltextsearch networks: - nextcloud-aio + cap_drop: + - NET_RAW volumes: nextcloud_aio_apache: diff --git a/migration.md b/migration.md index 1574381c..38b6fa47 100644 --- a/migration.md +++ b/migration.md @@ -68,7 +68,8 @@ The procedure for migrating the files and the database works like this: 1. Change it to look like this: `local::/mnt/ncdata/`. 1. Now save the file by pressing `[CTRL] + [o]` then `[ENTER]` and close nano by pressing `[CTRL] + [x]` 1. In order to make sure that everything is good, you can now run `grep "/your/old/datadir" database-dump.sql` which should not bring up further results.
- 1. **Please note:** Unfortunately it is not possible to import a database dump from a former database owner with the name `nextcloud`. You can check if that is the case with this command: `grep "Name: oc_appconfig; Type: TABLE; Schema: public; Owner:" database-dump.sql | grep -oP 'Owner:.*$' | sed 's|Owner:||;s| ||g'`. If it returns `nextcloud`, you need to rename the owner in the dump file manually. A command like the following should work, however please note that it is possible that it will overwrite wrong lines. You can thus first check which lines it will change with `grep "Owner: nextcloud$" database-dump.sql`. If only correct looking lines get returned, feel free to change them with `sed -i 's|Owner: nextcloud$|Owner: ncadmin|' database-dump.sql`. + 1. **Please note:** Unfortunately it is not possible to import a database dump from a former database owner with the name `nextcloud`. You can check if that is the case with this command: `grep "Name: oc_appconfig; Type: TABLE; Schema: public; Owner:" database-dump.sql | grep -oP 'Owner:.*$' | sed 's|Owner:||;s| ||g'`. If it returns `nextcloud`, you need to rename the owner in the dump file manually. A command like the following should work, however please note that it is possible that it will overwrite wrong lines. You can thus first check which lines it will change with `grep "Owner: nextcloud$" database-dump.sql`. If only correct looking lines get returned, feel free to change them with `sed -i 's|Owner: nextcloud$|Owner: ncadmin|' database-dump.sql`. +The same applies for the second statement, check with `grep " OWNER TO nextcloud;$" database-dump.sql` and replace with `sed -i 's| OWNER TO nextcloud;$| OWNER TO ncadmin;$|' database-dump.sql`. 1. Next, copy the database dump into the correct place and prepare the database container which will import from the database dump automatically the next container start: ``` sudo docker run --rm --volume nextcloud_aio_database_dump:/mnt/data:rw alpine rm /mnt/data/database-dump.sql diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index 46c8063a..a81e9961 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 7.12.0-beta +version: 7.13.0 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 64e12c6d..542920db 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -2,12 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-apache name: nextcloud-aio-apache - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -59,8 +59,7 @@ spec: value: nextcloud-aio-talk - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-apache:beta - imagePullPolicy: Always + image: nextcloud/aio-apache:20240228_172209-latest name: nextcloud-aio-apache ports: - containerPort: {{ .Values.APACHE_PORT }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-persistentvolumeclaim.yaml index 1b88ba0d..773d198f 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-persistentvolumeclaim.yaml @@ -4,7 +4,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-apache name: nextcloud-aio-apache - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml index e2a3389f..df54d903 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-service.yaml @@ -2,12 +2,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-apache name: nextcloud-aio-apache - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack type: LoadBalancer diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index d0733ac9..8d95fc48 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -3,12 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-clamav name: nextcloud-aio-clamav - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -50,7 +50,7 @@ spec: value: "90" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-clamav:20240201_120631-latest + image: nextcloud/aio-clamav:20240228_172209-latest name: nextcloud-aio-clamav ports: - containerPort: 3310 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-persistentvolumeclaim.yaml index c08d5f75..ebb19681 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-persistentvolumeclaim.yaml @@ -5,7 +5,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-clamav name: nextcloud-aio-clamav - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml index 7af1e626..91f71af2 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-service.yaml @@ -3,12 +3,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-clamav name: nextcloud-aio-clamav - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index eebda80b..93b75ffc 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -3,12 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-collabora name: nextcloud-aio-collabora - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -37,7 +37,7 @@ spec: value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true {{ .Values.COLLABORA_SECCOMP_POLICY }} --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json - name: server_name value: "{{ .Values.NC_DOMAIN }}" - image: nextcloud/aio-collabora:20240201_120631-latest + image: nextcloud/aio-collabora:20240228_172209-latest name: nextcloud-aio-collabora ports: - containerPort: 9980 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml index 9f47648f..ecdc035b 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-service.yaml @@ -3,12 +3,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-collabora name: nextcloud-aio-collabora - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index e933846b..24c89b76 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -2,12 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-database name: nextcloud-aio-database - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -61,7 +61,7 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-postgresql:20240201_120631-latest + image: nextcloud/aio-postgresql:20240228_172209-latest name: nextcloud-aio-database ports: - containerPort: 5432 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-dump-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-dump-persistentvolumeclaim.yaml index 73c9ed93..49135452 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-dump-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-dump-persistentvolumeclaim.yaml @@ -4,7 +4,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-database-dump name: nextcloud-aio-database-dump - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-persistentvolumeclaim.yaml index e81e639a..7b753e22 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-persistentvolumeclaim.yaml @@ -4,7 +4,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-database name: nextcloud-aio-database - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml index 9999233b..772324e6 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-service.yaml @@ -2,12 +2,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-database name: nextcloud-aio-database - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml index 4b8ba194..44458a8d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml @@ -1,10 +1,11 @@ +{{- if eq .Values.FULLTEXTSEARCH_ENABLED "yes" }} apiVersion: v1 kind: PersistentVolumeClaim metadata: labels: io.kompose.service: nextcloud-aio-elasticsearch name: nextcloud-aio-elasticsearch - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} @@ -14,3 +15,4 @@ spec: resources: requests: storage: {{ .Values.ELASTICSEARCH_STORAGE_SIZE }} +{{- end }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index 8c4ef301..a4bbf35a 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -3,12 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-fulltextsearch name: nextcloud-aio-fulltextsearch - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -55,7 +55,7 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: nextcloud/aio-fulltextsearch:20240201_120631-latest + image: nextcloud/aio-fulltextsearch:20240228_172209-latest name: nextcloud-aio-fulltextsearch ports: - containerPort: 9200 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml index f98c2335..c3b49c2e 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-service.yaml @@ -3,12 +3,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-fulltextsearch name: nextcloud-aio-fulltextsearch - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index b28938df..d1954b24 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -3,12 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-imaginary name: nextcloud-aio-imaginary - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -27,7 +27,7 @@ spec: - env: - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-imaginary:20240201_120631-latest + image: nextcloud/aio-imaginary:20240228_172209-latest name: nextcloud-aio-imaginary ports: - containerPort: 9000 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml index 3bd1c737..9bae54ad 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-service.yaml @@ -3,12 +3,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-imaginary name: nextcloud-aio-imaginary - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-namespace-namespace.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-namespace-namespace.yaml index 265abb64..ef732d86 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-namespace-namespace.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-namespace-namespace.yaml @@ -1,5 +1,5 @@ apiVersion: v1 kind: Namespace metadata: - name: {{ .Values.NAMESPACE }} - namespace: {{ .Values.NAMESPACE }} + name: "{{ .Values.NAMESPACE }}" + namespace: "{{ .Values.NAMESPACE }}" diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-data-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-data-persistentvolumeclaim.yaml index 107265c0..5be12896 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-data-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-data-persistentvolumeclaim.yaml @@ -4,7 +4,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-nextcloud-data name: nextcloud-aio-nextcloud-data - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 8fce52f2..3dc92052 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -2,12 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-nextcloud name: nextcloud-aio-nextcloud - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -158,8 +158,7 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: UPDATE_NEXTCLOUD_APPS value: "{{ .Values.UPDATE_NEXTCLOUD_APPS }}" - image: nextcloud/aio-nextcloud:beta - imagePullPolicy: Always + image: nextcloud/aio-nextcloud:20240228_172209-latest name: nextcloud-aio-nextcloud ports: - containerPort: 9000 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-persistentvolumeclaim.yaml index 320d719f..ee55be2a 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-persistentvolumeclaim.yaml @@ -4,7 +4,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-nextcloud name: nextcloud-aio-nextcloud - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml index dd12a261..9f0a1fa6 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-service.yaml @@ -2,12 +2,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-nextcloud name: nextcloud-aio-nextcloud - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-trusted-cacerts-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-trusted-cacerts-persistentvolumeclaim.yaml index 858d7f2c..d18f7a82 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-trusted-cacerts-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-trusted-cacerts-persistentvolumeclaim.yaml @@ -4,7 +4,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-nextcloud-trusted-cacerts name: nextcloud-aio-nextcloud-trusted-cacerts - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index f9e368b3..1437caf8 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -2,12 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-notify-push name: nextcloud-aio-notify-push - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -50,7 +50,7 @@ spec: value: nextcloud-aio-redis - name: REDIS_HOST_PASSWORD value: "{{ .Values.REDIS_PASSWORD }}" - image: nextcloud/aio-notify-push:20240201_120631-latest + image: nextcloud/aio-notify-push:20240228_172209-latest name: nextcloud-aio-notify-push ports: - containerPort: 7867 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml index 17ecb5bd..1f428dc2 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-service.yaml @@ -2,12 +2,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-notify-push name: nextcloud-aio-notify-push - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index 5afbff12..159e464d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -3,12 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-onlyoffice name: nextcloud-aio-onlyoffice - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -43,7 +43,7 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-onlyoffice:20240201_120631-latest + image: nextcloud/aio-onlyoffice:20240228_172209-latest name: nextcloud-aio-onlyoffice ports: - containerPort: 80 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-persistentvolumeclaim.yaml index 55445a35..80de727b 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-persistentvolumeclaim.yaml @@ -5,7 +5,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-onlyoffice name: nextcloud-aio-onlyoffice - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml index 549653db..be51a6c5 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-service.yaml @@ -3,12 +3,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-onlyoffice name: nextcloud-aio-onlyoffice - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 539a4fa8..5985bd54 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -2,12 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-redis name: nextcloud-aio-redis - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -16,7 +16,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -38,7 +38,7 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-redis:20240201_120631-latest + image: nextcloud/aio-redis:20240228_172209-latest name: nextcloud-aio-redis ports: - containerPort: 6379 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-persistentvolumeclaim.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-persistentvolumeclaim.yaml index 0dba4859..51b4f588 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-persistentvolumeclaim.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-persistentvolumeclaim.yaml @@ -4,7 +4,7 @@ metadata: labels: io.kompose.service: nextcloud-aio-redis name: nextcloud-aio-redis - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: {{- if .Values.STORAGE_CLASS }} storageClassName: {{ .Values.STORAGE_CLASS }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml index 7f2bc67c..c669581f 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-service.yaml @@ -2,12 +2,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-redis name: nextcloud-aio-redis - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index 9edb16c0..36925eaf 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -3,12 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -37,7 +37,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-talk:20240201_120631-latest + image: nextcloud/aio-talk:20240228_172209-latest name: nextcloud-aio-talk ports: - containerPort: {{ .Values.TALK_PORT }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index c0f6021f..145a3cc2 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -3,12 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-talk-recording name: nextcloud-aio-talk-recording - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: replicas: 1 selector: @@ -17,7 +17,7 @@ spec: template: metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.network/nextcloud-aio: "true" @@ -33,7 +33,7 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-talk-recording:20240201_120631-latest + image: nextcloud/aio-talk-recording:20240228_172209-latest name: nextcloud-aio-talk-recording ports: - containerPort: 1234 diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml index 2ffceefe..2778a3ee 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-service.yaml @@ -3,12 +3,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-talk-recording name: nextcloud-aio-talk-recording - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml index 37306e42..03b0e0a8 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-service.yaml @@ -4,12 +4,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk-public - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack type: LoadBalancer @@ -29,12 +29,12 @@ apiVersion: v1 kind: Service metadata: annotations: - kompose.cmd: kompose convert -c -f latest.yml --namespace {{ .Values.NAMESPACE }} + kompose.cmd: kompose convert -c -f latest.yml --namespace "{{ .Values.NAMESPACE }}" kompose.version: 1.32.0 (765fde254) labels: io.kompose.service: nextcloud-aio-talk name: nextcloud-aio-talk - namespace: {{ .Values.NAMESPACE }} + namespace: "{{ .Values.NAMESPACE }}" spec: ipFamilyPolicy: PreferDualStack ports: diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index 20cd2f70..6fe1c10b 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -160,7 +160,7 @@ for variable in "${DEPLOYMENTS[@]}"; do fi done # shellcheck disable=SC1083 -find ./ -name '*.yaml' -exec sed -i "s|nextcloud-aio-namespace|\{\{ .Values.NAMESPACE \}\}|" \{} \; +find ./ -name '*.yaml' -exec sed -i 's|nextcloud-aio-namespace|"\{\{ .Values.NAMESPACE \}\}"|' \{} \; # shellcheck disable=SC1083 find ./ -name '*service.yaml' -exec sed -i "/^status:/,$ d" \{} \; # shellcheck disable=SC1083 @@ -350,6 +350,12 @@ for variable in "${ENABLED_VARIABLES[@]}"; do find ./ -name "*nextcloud-aio-$name-persistentvolumeclaim.yaml" -exec sed -i "$ a {{- end }}" \{} \; done +# Additional case for FTS volume +# shellcheck disable=SC1083 +find ./ -name "*nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml" -exec sed -i "1i\\{{- if eq .Values.FULLTEXTSEARCH_ENABLED \"yes\" }}" \{} \; +# shellcheck disable=SC1083 +find ./ -name "*nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml" -exec sed -i "$ a {{- end }}" \{} \; + chmod 777 -R ./ # Seems like the dir needs to match the name of the chart diff --git a/php/containers-schema.json b/php/containers-schema.json index 0f99c1a9..db63fddf 100644 --- a/php/containers-schema.json +++ b/php/containers-schema.json @@ -31,6 +31,13 @@ "pattern": "^[A-Z_]+$" } }, + "cap_drop": { + "type": "array", + "items": { + "type": "string", + "pattern": "^[A-Z_]+$" + } + }, "depends_on": { "type": "array", "items": { diff --git a/php/containers.json b/php/containers.json index 2ee9a131..f79f1b47 100644 --- a/php/containers.json +++ b/php/containers.json @@ -65,6 +65,9 @@ "/usr/local/apache2/logs", "/tmp", "/home/www-data" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -112,6 +115,9 @@ "read_only": true, "tmpfs": [ "/var/run/postgresql" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -226,6 +232,9 @@ ], "networks": [ "nextcloud-aio" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -263,7 +272,10 @@ "networks": [ "nextcloud-aio" ], - "read_only": true + "read_only": true, + "cap_drop": [ + "NET_RAW" + ] }, { "container_name": "nextcloud-aio-redis", @@ -295,7 +307,10 @@ "networks": [ "nextcloud-aio" ], - "read_only": true + "read_only": true, + "cap_drop": [ + "NET_RAW" + ] }, { "container_name": "nextcloud-aio-collabora", @@ -328,6 +343,9 @@ ], "cap_add": [ "MKNOD" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -380,6 +398,9 @@ "/opt/eturnal/run", "/conf", "/tmp" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -414,6 +435,9 @@ "tmpfs": [ "/tmp", "/conf" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -472,6 +496,9 @@ "cap_add": [ "SYS_ADMIN" ], + "cap_drop": [ + "NET_RAW" + ], "apparmor_unconfined": true, "read_only": true, "tmpfs": [ @@ -494,7 +521,10 @@ "writeable": false } ], - "read_only": true + "read_only": true, + "cap_drop": [ + "NET_RAW" + ] }, { "container_name": "nextcloud-aio-domaincheck", @@ -521,6 +551,9 @@ "tmpfs": [ "/etc/lighttpd", "/var/www/domaincheck" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -556,6 +589,9 @@ "/var/lock", "/var/log/clamav", "/tmp" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -594,6 +630,9 @@ ], "networks": [ "nextcloud-aio" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -613,6 +652,9 @@ "cap_add": [ "SYS_NICE" ], + "cap_drop": [ + "NET_RAW" + ], "profiles": [ "imaginary" ], @@ -662,6 +704,9 @@ ], "secrets": [ "FULLTEXTSEARCH_PASSWORD" + ], + "cap_drop": [ + "NET_RAW" ] }, { @@ -685,6 +730,9 @@ "read_only": true, "tmpfs": [ "/tmp" + ], + "cap_drop": [ + "NET_RAW" ] } ] diff --git a/php/psalm-baseline.xml b/php/psalm-baseline.xml index c537d28b..9dba49fe 100644 --- a/php/psalm-baseline.xml +++ b/php/psalm-baseline.xml @@ -1,2 +1,2 @@ - + diff --git a/php/templates/containers.twig b/php/templates/containers.twig index 4461301c..5c7f8455 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -16,7 +16,7 @@
-

Nextcloud AIO v7.13.0

+

Nextcloud AIO v7.13.1

{# Add 2nd tab warning #} diff --git a/readme.md b/readme.md index 7d094149..a4fb9e3f 100644 --- a/readme.md +++ b/readme.md @@ -103,7 +103,7 @@ The following instructions are meant for installations without a web server or r Explanation of the command - `sudo docker run` This command spins up a new docker container. Docker commands can optionally be used without `sudo` if the user is added to the docker group (this is not the same as docker rootless, see FAQ below). - - `--init` This option makes sure that no zombie-processes are created, ever. See https://docs.docker.com/engine/reference/run/#specify-an-init-process + - `--init` This option makes sure that no zombie-processes are created, ever. See [the Docker documentation](https://docs.docker.com/reference/cli/docker/container/run/#init). - `--sig-proxy=false` This option allows to exit the container shell that gets attached automatically when using `docker run` by using `[CTRL] + [C]` without shutting down the container. - `--name nextcloud-aio-mastercontainer` This is the name of the container. This line is not allowed to be changed, since mastercontainer updates would fail. - `--restart always` This is the "restart policy". `always` means that the container should always get started with the Docker daemon. See the Docker documentation for further detail about restart policies: https://docs.docker.com/config/containers/start-containers-automatically/