diff --git a/Dockerfile b/Dockerfile index 61a1becf..1f6d465e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,6 +12,15 @@ LABEL maintainer="aptalca" # environment settings ENV LD_PRELOAD="/usr/lib/preloadable_libiconv.so" +ENV DB_TYPE="sqlite" +ENV DB_HOST="localhost" +ENV DB_NAME="nextcloud" +ENV DB_USER="nextcloud" +ENV DB_PASS="" + +ENV ADMIN_USER="admin" +ENV ADMIN_PASS="" + RUN \ echo "**** install runtime packages ****" && \ apk add --no-cache \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 86acbad4..d21bb6a1 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -12,6 +12,15 @@ LABEL maintainer="aptalca" # environment settings ENV LD_PRELOAD="/usr/lib/preloadable_libiconv.so" +ENV DB_TYPE="sqlite" +ENV DB_HOST="localhost" +ENV DB_NAME="nextcloud" +ENV DB_USER="nextcloud" +ENV DB_PASS="" + +ENV ADMIN_USER="admin" +ENV ADMIN_PASS="" + RUN \ echo "**** install runtime packages ****" && \ apk add --no-cache \ diff --git a/readme-vars.yml b/readme-vars.yml index 8139ab34..d963a807 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -32,6 +32,16 @@ param_ports: - {external_port: "443", internal_port: "443", port_desc: "WebUI"} readonly_supported: false nonroot_supported: false +# optional container parameters +opt_param_usage_include_env: true +opt_param_env_vars: + - {env_var: "DB_TYPE", env_value: "sqlite", desc: "Specify the type of database to be used (valid values: 'sqlite', 'mysql', 'pgsql') (valid only for first run)"} + - {env_var: "DB_HOST", env_value: "localhost", desc: "Set this to the database host. (valid only for first run)"} + - {env_var: "DB_NAME", env_value: "nextcloud", desc: "Set this to the database name. (valid only for first run)"} + - {env_var: "DB_USER", env_value: "nextcloud", desc: "Set this to the database user. (valid only for first run)"} + - {env_var: "DB_PASS", env_value: "", desc: "Set this to the database password. (minimum 4 characters & non-alphanumeric passwords must be properly escaped). (valid only for first run)"} + - {env_var: "ADMIN_USER", env_value: "admin", desc: "Specify the admin account name. (valid only for first run and while setting password)"} + - {env_var: "ADMIN_PASS", env_value: "", desc: "Specify the password for the nextcloud admin account. (resets password every start if set) (automated setup generates a random password if empty)"} # application setup block app_setup_block_enabled: true app_setup_block: | @@ -39,6 +49,43 @@ app_setup_block: | Note: `occ` should be run without prepending with `sudo -u abc php` or `sudo -u www-data php` ie; `docker exec -it nextcloud occ maintenance:mode --off` + ### Automated installation (optional) + + NOTE changing any of the `DB_` variables after the container has set up Nextcloud has no effect, edit the config file instead. + + NOTE if you want to use (`DB_TYPE`, `DB_HOST`, `DB_NAME`, `DB_USER`, `DB_PASS`) **all five** of these variables need to be set you cannot pick and choose. + However, you can use the defaults if they match your setup. + + This is completely optional and can be skipped. + If the `ADMIN_PASS` variable is empty, a random password will be generated while the automated installation runs. + You can find this password in the logs. + + ### Loading passwords and users from files + + All env values can be set in a file: + + ```path + /config/env + ``` + + Using the following format: + + ```env + DB_TYPE="mysql" + DB_HOST="mariadb_container_name" + DB_NAME="nextcloud" + DB_USER="nextcloud" + DB_PASS="MySuperL0ngPW" + ADMIN_PASS="MyEv3nB3tt3rPW" + ``` + + These settings can be mixed and matched with Docker ENV settings as you require, but the settings in the file will always take precedence. + + ### Resetting admin password + + The admin's password will be set on container start, if the `ADMIN_PASS` env variable is set. + This allows an easy password reset, but keep in mind that changes via Nextcloud will be overridden. + ### Updating Nextcloud Updating Nextcloud is done by pulling the new image, and recreating the container with it. @@ -145,6 +192,7 @@ init_diagram: | "nextcloud:latest" <- Base Images # changelog changelogs: + - {date: "13.09.25:", desc: "Added automated install script and maintenance."} - {date: "10.07.25:", desc: "Rebase to Alpine 3.22."} - {date: "12.02.25:", desc: "Rebase to Alpine 3.21."} - {date: "09.01.25:", desc: "Fix uploading large files. Existing users should update their nginx confs."} diff --git a/root/etc/s6-overlay/s6-rc.d/init-nextcloud-config/run b/root/etc/s6-overlay/s6-rc.d/init-nextcloud-config/run index bba0b8d1..7857d8a3 100755 --- a/root/etc/s6-overlay/s6-rc.d/init-nextcloud-config/run +++ b/root/etc/s6-overlay/s6-rc.d/init-nextcloud-config/run @@ -1,6 +1,12 @@ #!/usr/bin/with-contenv bash # shellcheck shell=bash +# load env file if it exists +if [[ -f "/config/env" ]]; then + # shellcheck source=/dev/null + source /config/env +fi + # create folders mkdir -p \ /app/www/public \ @@ -33,6 +39,20 @@ for dir in apps config themes; do fi done +# set data directory +if [[ ! -s /config/www/nextcloud/config/config.php ]]; then + touch /config/www/nextcloud/config/CAN_INSTALL + echo -e " '/data',\n);" >/config/www/nextcloud/config/config.php +elif [[ -f /config/www/nextcloud/config/config.php ]]; then + sed -i "s|/app/www/public/data|/data|g" /config/www/nextcloud/config/config.php +fi + +#modify javascript mime type and add .mjs support +if [[ -s /etc/nginx/mime.types ]]; then + sed -i 's|\bjs;|js mjs;|g' /etc/nginx/mime.types + sed -i 's|\bapplication/javascript|text/javascript|g' /etc/nginx/mime.types +fi + # get versions image_version=$(php -r "require '/app/www/src/version.php'; echo implode('.', \$OC_Version);" 2>/dev/null | xargs) installed_version=$(php -r "require '/config/www/nextcloud/config/config.php'; echo \$CONFIG['version'];" 2>/dev/null | xargs) @@ -97,10 +117,40 @@ if [[ -f /config/www/nextcloud/config/needs_migration ]] || [[ -f /tmp/needs_ins if [[ -f /config/www/nextcloud/config/needs_migration ]] || [[ -f /tmp/needs_upgrade ]]; then # Upgrade occ upgrade - else - if [[ "${installed_version}" = "0.0.0.0" ]]; then - # Install - echo "New nextcloud instance" + elif [[ -f /tmp/needs_install ]]; then + # Install + echo "New nextcloud instance" + + # Make sure all database settings are set + if [[ "${DB_HOST+x}" && "${DB_USER+x}" && "${DB_NAME+x}" && "${#DB_PASS}" -gt "3" ]] && \ + [[ "${DB_TYPE}" == "sqlite" || "${DB_TYPE}" == "pgsql" || "${DB_TYPE}" == "mysql" ]]; then + + # Generate admin password, if missing + if [[ ! "${ADMIN_PASS+x}" ]]; then + ADMIN_PASS="$(openssl rand -hex 64)" + echo "Nextcloud admin password: $ADMIN_PASS" + fi + + # Run installation process + echo "Running Nextcloud installation..." + occ maintenance:install \ + --database="${DB_TYPE}" \ + --database-host="${DB_HOST}" \ + --database-name="${DB_NAME}" \ + --database-user="${DB_USER}" \ + --database-pass="${DB_PASS}" \ + --admin-user="${ADMIN_USER:-admin}" \ + --admin-pass="${ADMIN_PASS}" \ + --data-dir=/data + + # Check return code + if [[ $? -eq 0 ]]; then + echo "Nextcloud installation successful!" + else + echo "Nextcloud installation failed!" + echo "Please run the web-based installer or check the logs." + fi + else echo "Please run the web-based installer on first connect!" fi fi @@ -132,9 +182,22 @@ if occ config:system:get installed >/dev/null 2>&1; then if ! occ config:system:get datadirectory >/dev/null 2>&1; then occ config:system:set datadirectory --value='/data' fi + if ! occ config:system:get maintenance_window_start >/dev/null 2>&1; then + occ config:system:set maintenance_window_start --value=4 --type=integer + fi if ! occ config:system:get upgrade.disable-web >/dev/null 2>&1; then occ config:system:set upgrade.disable-web --value=true --type=boolean fi + + # Set admin password + if [[ "${ADMIN_PASS+x}" ]]; then + echo "Setting admin password" + occ user:resetpassword --password-from-env "${ADMIN_USER:-admin}" + fi + + # Run maintenance steps, this also fixes warnings in the admin panel + occ db:add-missing-indices + occ maintenance:repair --include-expensive else echo "After completing the web-based installer, restart the Nextcloud container to apply default memory caching and transactional file locking configurations." echo "Alternatively, you can apply your own configurations by editing /config/www/nextcloud/config/config.php following the documentation:" @@ -161,16 +224,3 @@ for APP in richdocumentscode; do occ app:remove "${APP}" >/dev/null 2>&1 rm -rf "${APP_PATH}" done - -# set data directory -if [[ ! -s /config/www/nextcloud/config/config.php ]]; then - echo -e " '/data',\n);" >/config/www/nextcloud/config/config.php -elif [[ -f /config/www/nextcloud/config/config.php ]]; then - sed -i "s|/app/www/public/data|/data|g" /config/www/nextcloud/config/config.php -fi - -#modify javascript mime type and add .mjs support -if [[ -s /etc/nginx/mime.types ]]; then - sed -i 's|\bjs;|js mjs;|g' /etc/nginx/mime.types - sed -i 's|\bapplication/javascript|text/javascript|g' /etc/nginx/mime.types -fi diff --git a/root/usr/bin/occ b/root/usr/bin/occ index a08d55e7..b984accf 100755 --- a/root/usr/bin/occ +++ b/root/usr/bin/occ @@ -1,4 +1,5 @@ #!/usr/bin/with-contenv bash # shellcheck shell=bash -sudo -u abc -s /bin/bash -c "php /app/www/public/occ $*" +export NC_PASS=${ADMIN_PASS} +sudo -E -u abc -s /bin/bash -c "php /app/www/public/occ $*"