diff --git a/Containers/apache/start.sh b/Containers/apache/start.sh index 49270210..560dd84e 100644 --- a/Containers/apache/start.sh +++ b/Containers/apache/start.sh @@ -18,7 +18,8 @@ while ! nc -z "$NEXTCLOUD_HOST" 9000; do done # Get ipv4-address of Apache -IPv4_ADDRESS="$(dig nextcloud-aio-apache A +short +search | head -1)" +# shellcheck disable=SC2153 +IPv4_ADDRESS="$(dig "$APACHE_HOST" A +short +search | head -1)" # Bring it in CIDR notation # shellcheck disable=SC2001 IPv4_ADDRESS="$(echo "$IPv4_ADDRESS" | sed 's|[0-9]\+$|1/32|')" diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 126e3cd0..788535cf 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:latest # From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker -FROM collabora/code:24.04.3.1.1 +FROM collabora/code:24.04.4.1.1 USER root ARG DEBIAN_FRONTEND noninteractive diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile index e609dba7..c03e2d01 100644 --- a/Containers/mastercontainer/Dockerfile +++ b/Containers/mastercontainer/Dockerfile @@ -6,7 +6,7 @@ FROM docker:26.1.4-cli as docker FROM caddy:2.8.4-alpine as caddy # From https://github.com/docker-library/php/blob/master/8.3/alpine3.19/fpm/Dockerfile -FROM php:8.3.7-fpm-alpine3.19 +FROM php:8.3.8-fpm-alpine3.19 EXPOSE 80 EXPOSE 8080 diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index daaa2dc7..ef2493fe 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM php:8.2.19-fpm-alpine3.19 +FROM php:8.2.20-fpm-alpine3.19 ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 10G diff --git a/Containers/nextcloud/entrypoint.sh b/Containers/nextcloud/entrypoint.sh index c1945e54..eaa78778 100644 --- a/Containers/nextcloud/entrypoint.sh +++ b/Containers/nextcloud/entrypoint.sh @@ -162,8 +162,12 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then declare -Ag APPSTORAGE echo "Disabling apps before the update in order to make the update procedure more safe. This can take a while..." for app in "${NC_APPS_ARRAY[@]}"; do - APPSTORAGE[$app]=$(php /var/www/html/occ config:app:get "$app" enabled) - php /var/www/html/occ app:disable "$app" + if APPSTORAGE[$app]="$(php /var/www/html/occ config:app:get "$app" enabled)"; then + php /var/www/html/occ app:disable "$app" + else + APPSTORAGE[$app]="" + echo "Not disabling $app because the occ command to get the enabled state was failing." + fi done fi diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index 91591320..a28969ef 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:latest -FROM python:3.12.3-alpine3.19 +FROM python:3.12.4-alpine3.19 COPY --chmod=775 start.sh /start.sh diff --git a/Containers/talk/start.sh b/Containers/talk/start.sh index 37d2682e..e73525b8 100644 --- a/Containers/talk/start.sh +++ b/Containers/talk/start.sh @@ -20,8 +20,10 @@ fi set -x IPv4_ADDRESS_TALK_RELAY="$(hostname -i | grep -oP '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -1)" -IPv4_ADDRESS_TALK="$(dig nextcloud-aio-talk IN A +short +search | grep '^[0-9.]\+$' | sort | head -n1)" -IPv6_ADDRESS_TALK="$(dig nextcloud-aio-talk AAAA +short +search | grep '^[0-9a-f:]\+$' | sort | head -n1)" +# shellcheck disable=SC2153 +IPv4_ADDRESS_TALK="$(dig "$TALK_HOST" IN A +short +search | grep '^[0-9.]\+$' | sort | head -n1)" +# shellcheck disable=SC2153 +IPv6_ADDRESS_TALK="$(dig "$TALK_HOST" AAAA +short +search | grep '^[0-9a-f:]\+$' | sort | head -n1)" set +x if [ -n "$IPv4_ADDRESS_TALK" ] && [ "$IPv4_ADDRESS_TALK_RELAY" = "$IPv4_ADDRESS_TALK" ]; then diff --git a/community-containers/caddy/readme.md b/community-containers/caddy/readme.md index 4c1e3c52..94700b6b 100644 --- a/community-containers/caddy/readme.md +++ b/community-containers/caddy/readme.md @@ -6,6 +6,8 @@ This container bundles caddy and auto-configures it for you. It also covers http - Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with `sudo netstat -tulpn | grep 443` before installing AIO. - If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden, make sure that you point `bw.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden. - If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/stalwart, make sure that you point `mail.your-nc-domain.com` to your server using an A, AAAA or CNAME record so that caddy can get a certificate automatically for stalwart. +- If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin, make sure that you point `media.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden. +- If you want to use this with https://github.com/nextcloud/all-in-one/tree/main/community-containers/lldap, make sure that you point `ldap.your-nc-domain.com` to your server using a cname record so that caddy can get a certificate automatically for vaultwarden. - After the container was started the first time, you should see a new `nextcloud-aio-caddy` folder and inside there an `allowed-countries.txt` file when you open the files app with the default `admin` user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. `IT FR` would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the `GeoLite2-Country.mmdb` and upload it with this exact name into the `nextcloud-aio-caddy` folder. Afterwards restart all containers from the AIO interface and your new config should be active! - You can add your own Caddy configurations in `/data/caddy-imports/` inside the Caddy container (`sudo docker exec -it nextcloud-aio-caddy bash`). These will be imported on container startup. - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack diff --git a/community-containers/facerecognition/readme.md b/community-containers/facerecognition/readme.md index 072ae01a..fa22e0bb 100644 --- a/community-containers/facerecognition/readme.md +++ b/community-containers/facerecognition/readme.md @@ -3,7 +3,6 @@ This container bundles the external model of facerecognition and auto-configures ### Notes - This container needs imaginary in order to analyze modern file format images. Make sure to enable imaginary in the AIO interface before adding this container. -- Currently, in order to run this correctly, your server should have at least 6 GB of RAM, better 8 GB of RAM. - Facerecognition is by default disabled for all users, if you want to enable facerecognition for all users, you can run the following before adding this container: ```bash # Go into the container diff --git a/manual-install/latest.yml b/manual-install/latest.yml index f80e32b0..ac6f411b 100644 --- a/manual-install/latest.yml +++ b/manual-install/latest.yml @@ -24,6 +24,7 @@ services: environment: - NC_DOMAIN=${NC_DOMAIN} - NEXTCLOUD_HOST=nextcloud-aio-nextcloud + - APACHE_HOST=nextcloud-aio-apache - COLLABORA_HOST=nextcloud-aio-collabora - TALK_HOST=nextcloud-aio-talk - APACHE_PORT=${APACHE_PORT} @@ -231,6 +232,7 @@ services: - "8081" environment: - NC_DOMAIN=${NC_DOMAIN} + - TALK_HOST=nextcloud-aio-talk - TURN_SECRET=${TURN_SECRET} - SIGNALING_SECRET=${SIGNALING_SECRET} - TZ=${TIMEZONE} diff --git a/php/composer.lock b/php/composer.lock index ed53f767..fcd0eeeb 100644 --- a/php/composer.lock +++ b/php/composer.lock @@ -830,16 +830,16 @@ }, { "name": "psr/http-message", - "version": "1.1", + "version": "2.0", "source": { "type": "git", "url": "https://github.com/php-fig/http-message.git", - "reference": "cb6ce4845ce34a8ad9e68117c10ee90a29919eba" + "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-message/zipball/cb6ce4845ce34a8ad9e68117c10ee90a29919eba", - "reference": "cb6ce4845ce34a8ad9e68117c10ee90a29919eba", + "url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71", + "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71", "shasum": "" }, "require": { @@ -848,7 +848,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.1.x-dev" + "dev-master": "2.0.x-dev" } }, "autoload": { @@ -863,7 +863,7 @@ "authors": [ { "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" + "homepage": "https://www.php-fig.org/" } ], "description": "Common interface for HTTP messages", @@ -877,9 +877,9 @@ "response" ], "support": { - "source": "https://github.com/php-fig/http-message/tree/1.1" + "source": "https://github.com/php-fig/http-message/tree/2.0" }, - "time": "2023-04-04T09:50:52+00:00" + "time": "2023-04-04T09:54:51+00:00" }, { "name": "psr/http-server-handler", @@ -1090,30 +1090,30 @@ }, { "name": "slim/csrf", - "version": "1.4.0", + "version": "1.5.0", "source": { "type": "git", "url": "https://github.com/slimphp/Slim-Csrf.git", - "reference": "f66be9740283ed4f432535aff3623540e178013a" + "reference": "179cbcf40ee1d246d4906aefed42d3e62066974b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/slimphp/Slim-Csrf/zipball/f66be9740283ed4f432535aff3623540e178013a", - "reference": "f66be9740283ed4f432535aff3623540e178013a", + "url": "https://api.github.com/repos/slimphp/Slim-Csrf/zipball/179cbcf40ee1d246d4906aefed42d3e62066974b", + "reference": "179cbcf40ee1d246d4906aefed42d3e62066974b", "shasum": "" }, "require": { "php": "^7.4 || ^8.0", - "psr/http-factory": "^1.0", - "psr/http-message": "^1.0", + "psr/http-factory": "^1.1", + "psr/http-message": "^1.0 || ^2.0", "psr/http-server-handler": "^1.0", "psr/http-server-middleware": "^1.0" }, "require-dev": { - "phpspec/prophecy": "^1.18", - "phpspec/prophecy-phpunit": "^2.1", + "phpspec/prophecy": "^1.19", + "phpspec/prophecy-phpunit": "^2.2", "phpunit/phpunit": "^9.6", - "squizlabs/php_codesniffer": "^3.8" + "squizlabs/php_codesniffer": "^3.10" }, "type": "library", "autoload": { @@ -1142,9 +1142,9 @@ ], "support": { "issues": "https://github.com/slimphp/Slim-Csrf/issues", - "source": "https://github.com/slimphp/Slim-Csrf/tree/1.4.0" + "source": "https://github.com/slimphp/Slim-Csrf/tree/1.5.0" }, - "time": "2024-01-22T09:08:27+00:00" + "time": "2024-06-08T16:37:18+00:00" }, { "name": "slim/slim", diff --git a/php/containers.json b/php/containers.json index fd1e137e..a8669744 100644 --- a/php/containers.json +++ b/php/containers.json @@ -29,6 +29,7 @@ "environment": [ "NC_DOMAIN=%NC_DOMAIN%", "NEXTCLOUD_HOST=nextcloud-aio-nextcloud", + "APACHE_HOST=nextcloud-aio-apache", "COLLABORA_HOST=nextcloud-aio-collabora", "TALK_HOST=nextcloud-aio-talk", "APACHE_PORT=%APACHE_PORT%", @@ -376,6 +377,7 @@ "internal_port": "%TALK_PORT%", "environment": [ "NC_DOMAIN=%NC_DOMAIN%", + "TALK_HOST=nextcloud-aio-talk", "TURN_SECRET=%TURN_SECRET%", "SIGNALING_SECRET=%SIGNALING_SECRET%", "TZ=%TIMEZONE%", diff --git a/php/templates/containers.twig b/php/templates/containers.twig index e2ef6185..7110782b 100644 --- a/php/templates/containers.twig +++ b/php/templates/containers.twig @@ -16,7 +16,7 @@
-

Nextcloud AIO v9.0.0

+

Nextcloud AIO v9.0.1

{# Add 2nd tab warning #} diff --git a/readme.md b/readme.md index 95e00a85..abc7b969 100644 --- a/readme.md +++ b/readme.md @@ -375,9 +375,9 @@ If you connect an external drive to your host, and choose the backup directory t Backups can be created and restored in the AIO interface using the buttons `Create Backup` and `Restore selected backup`. Additionally, a backup check is provided that checks the integrity of your backups but it shouldn't be needed in most situations. -The backups itself get encrypted with an encryption key that gets shown to you in the AIO interface. Please save that at a safe place as you will not be able to restore from backup without this key. +The backups themselves get encrypted with an encryption key that gets shown to you in the AIO interface. Please save that at a safe place as you will not be able to restore from backup without this key. -Daily backups can get enabled after the initial backup is done. Enabling this also allows to enable an option that allows to update all containers, Nextcloud and its apps automatically. +Daily backups can get enabled after the initial backup is done. Enabling this also allows to enable an option that allows to automatically update all containers, Nextcloud and its apps. Be aware that this solution does not back up files and folders that are mounted into Nextcloud using the external storage app - but you can add further Docker volumes and host paths that you want to back up after the initial backup is done.