adjust limiting the php-fpm port to specific containers again

Signed-off-by: Simon L <[email protected]>
nextcloud · Sep 29, 2023 · f82affd · f82affd
1 parent b0c859a
commit f82affd
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 5 deletions.
diff --git a/Containers/docker-socket-proxy/healthcheck.sh b/Containers/docker-socket-proxy/healthcheck.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
 
-nc -z "$NEXTCLOUD_HOST" 9000 || exit 0
+nc -z "$NEXTCLOUD_HOST" 9001 || exit 0
 nc -z localhost 2375 || exit 1
diff --git a/Containers/docker-socket-proxy/start.sh b/Containers/docker-socket-proxy/start.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
 
 # Only start container if nextcloud is accessible
-while ! nc -z "$NEXTCLOUD_HOST" 9000; do
+while ! nc -z "$NEXTCLOUD_HOST" 9001; do
     echo "Waiting for Nextcloud to start..."
     sleep 5
 done

diff --git a/Containers/nextcloud/start.sh b/Containers/nextcloud/start.sh
@@ -131,4 +131,17 @@ if ! sudo -E -u www-data bash /entrypoint.sh; then
     exit 1
 fi
 
+while [ -z "$(dig nextcloud-aio-apache A +short)" ]; do
+    echo "Waiting for nextcloud-aio-apache to start..."
+    sleep 5
+done
+IPv4_ADDRESS_APACHE="$(dig nextcloud-aio-apache A +short | grep '^[0-9.]\+$' | sort | head -n1)"
+IPv6_ADDRESS_APACHE="$(dig nextcloud-aio-apache AAAA +short | grep '^[0-9a-f:]\+$' | sort | head -n1)"
+IPv4_ADDRESS_MASTERCONTAINER="$(dig nextcloud-aio-mastercontainer A +short | grep '^[0-9.]\+$' | sort | head -n1)"
+IPv6_ADDRESS_MASTERCONTAINER="$(dig nextcloud-aio-mastercontainer AAAA +short | grep '^[0-9a-f:]\+$' | sort | head -n1)"
+
+sed -i "s|^;listen.allowed_clients|listen.allowed_clients|" /usr/local/etc/php-fpm.d/www.conf
+sed -i "s|listen.allowed_clients.*|listen.allowed_clients = 127.0.0.1,::1,$IPv4_ADDRESS_APACHE,$IPv6_ADDRESS_APACHE,$IPv4_ADDRESS_MASTERCONTAINER,$IPv6_ADDRESS_MASTERCONTAINER|" /usr/local/etc/php-fpm.d/www.conf
+grep listen.allowed_clients /usr/local/etc/php-fpm.d/www.conf
+
 exec "$@"
diff --git a/Containers/nextcloud/supervisord.conf b/Containers/nextcloud/supervisord.conf
@@ -32,3 +32,12 @@ stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
 command=/run-exec-commands.sh
 user=www-data
+
+# This is a hack but no better solution is there
+[program:is-nextcloud-online]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=nc -lk 9001
+user=www-data
diff --git a/Containers/notify-push/healthcheck.sh b/Containers/notify-push/healthcheck.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-if ! nc -z "$NEXTCLOUD_HOST" 9000; then
+if ! nc -z "$NEXTCLOUD_HOST" 9001; then
     exit 0
 fi
 

diff --git a/Containers/notify-push/start.sh b/Containers/notify-push/start.sh
@@ -12,7 +12,7 @@ elif [ -z "$REDIS_HOST" ]; then
 fi
 
 # Only start container if nextcloud is accessible
-while ! nc -z "$NEXTCLOUD_HOST" 9000; do
+while ! nc -z "$NEXTCLOUD_HOST" 9001; do
     echo "Waiting for Nextcloud to start..."
     sleep 5
 done

diff --git a/php/containers.json b/php/containers.json
@@ -130,7 +130,8 @@
       "image": "nextcloud/aio-nextcloud",
       "init": true,
       "expose": [
-        "9000"
+        "9000",
+        "9001"
       ],
       "internal_port": "9000",
       "secrets": [