nextcloud/all-in-one
1
1
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-01-01 11:32:27 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #4159 from nextcloud/revert-4157-revert-4151-enh/4150/add-trusted-domain

Browse source 
Revert "Temporarily revert "helm chart - allow to add additional trusted domain""
This commit is contained in:
Simon L 2024-02-01 14:00:40 +01:00 committed by GitHub
commit 84ab32dd44
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 28 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Containers/apache/Caddyfile
View file

@ -14,6 +14,7 @@
} }
} }
https://{$ADDITIONAL_TRUSTED_DOMAIN}:443,
{$PROTOCOL}://{$NC_DOMAIN}:{$APACHE_PORT} { {$PROTOCOL}://{$NC_DOMAIN}:{$APACHE_PORT} {
# Collabora # Collabora

6
Containers/apache/start.sh
View file

@ -51,6 +51,12 @@ else
fi fi
echo "$CADDYFILE" > /tmp/Caddyfile echo "$CADDYFILE" > /tmp/Caddyfile
# Remove additional domain if not given
if [ -z "$ADDITIONAL_TRUSTED_DOMAIN" ]; then
CADDYFILE="$(sed '/ADDITIONAL_TRUSTED_DOMAIN/d' /tmp/Caddyfile)"
fi
echo "$CADDYFILE" > /tmp/Caddyfile
# Fix the Caddyfile format # Fix the Caddyfile format
caddy fmt --overwrite /tmp/Caddyfile caddy fmt --overwrite /tmp/Caddyfile

3
Containers/nextcloud/entrypoint.sh
View file

@ -528,6 +528,9 @@ php /var/www/html/occ config:system:set trusted_proxies 1 --value="::1"
if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then
php /var/www/html/occ config:system:set trusted_proxies 2 --value="$ADDITIONAL_TRUSTED_PROXY" php /var/www/html/occ config:system:set trusted_proxies 2 --value="$ADDITIONAL_TRUSTED_PROXY"
fi fi
if [ -n "$ADDITIONAL_TRUSTED_DOMAIN" ]; then
php /var/www/html/occ config:system:set trusted_domains 2 --value="$ADDITIONAL_TRUSTED_DOMAIN"
fi
php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push" php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push"
# Collabora # Collabora

2
nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml
View file

@ -37,6 +37,8 @@ spec:
mountPath: /nextcloud-aio-nextcloud mountPath: /nextcloud-aio-nextcloud
containers: containers:
- env: - env:
- name: ADDITIONAL_TRUSTED_DOMAIN
value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}"
- name: APACHE_MAX_SIZE - name: APACHE_MAX_SIZE
value: "{{ .Values.APACHE_MAX_SIZE }}" value: "{{ .Values.APACHE_MAX_SIZE }}"
- name: APACHE_MAX_TIME - name: APACHE_MAX_TIME

4
nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml
View file

@ -70,6 +70,8 @@ spec:
value: "{{ .Values.APPS_ALLOWLIST }}" value: "{{ .Values.APPS_ALLOWLIST }}"
- name: ADDITIONAL_TRUSTED_PROXY - name: ADDITIONAL_TRUSTED_PROXY
value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}" value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}"
- name: ADDITIONAL_TRUSTED_DOMAIN
value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}"
- name: SERVERINFO_TOKEN - name: SERVERINFO_TOKEN
value: "{{ .Values.SERVERINFO_TOKEN }}" value: "{{ .Values.SERVERINFO_TOKEN }}"
- name: ADDITIONAL_APKS - name: ADDITIONAL_APKS
@ -112,8 +114,6 @@ spec:
value: nextcloud-aio-onlyoffice value: nextcloud-aio-onlyoffice
- name: ONLYOFFICE_SECRET - name: ONLYOFFICE_SECRET
value: "{{ .Values.ONLYOFFICE_SECRET }}" value: "{{ .Values.ONLYOFFICE_SECRET }}"
- name: OVERWRITEHOST
value: "{{ .Values.NC_DOMAIN }}"
- name: OVERWRITEPROTOCOL - name: OVERWRITEPROTOCOL
value: https value: https
- name: PHP_MAX_TIME - name: PHP_MAX_TIME

13
nextcloud-aio-helm-chart/update-helm.sh
View file

@ -27,6 +27,7 @@ sed -i 's|^|export |' /tmp/sample.conf
# shellcheck disable=SC1091 # shellcheck disable=SC1091
source /tmp/sample.conf source /tmp/sample.conf
rm /tmp/sample.conf rm /tmp/sample.conf
sed -i '/OVERWRITEHOST/d' latest.yml
sed -i "s|:latest$|:$DOCKER_TAG-latest|" latest.yml sed -i "s|:latest$|:$DOCKER_TAG-latest|" latest.yml
sed -i "s|\${APACHE_IP_BINDING}:||" latest.yml sed -i "s|\${APACHE_IP_BINDING}:||" latest.yml
sed -i '/APACHE_IP_BINDING/d' latest.yml sed -i '/APACHE_IP_BINDING/d' latest.yml
@ -255,12 +256,23 @@ cat << EOL > /tmp/additional.config
value: "{{ .Values.APPS_ALLOWLIST }}" value: "{{ .Values.APPS_ALLOWLIST }}"
- name: ADDITIONAL_TRUSTED_PROXY - name: ADDITIONAL_TRUSTED_PROXY
value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}" value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}"
- name: ADDITIONAL_TRUSTED_DOMAIN
value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}"
- name: SERVERINFO_TOKEN - name: SERVERINFO_TOKEN
value: "{{ .Values.SERVERINFO_TOKEN }}" value: "{{ .Values.SERVERINFO_TOKEN }}"
EOL EOL
# shellcheck disable=SC1083 # shellcheck disable=SC1083
find ./ -name '*nextcloud-deployment.yaml' -exec sed -i "/^.*\- env:/r /tmp/additional.config" \{} \; find ./ -name '*nextcloud-deployment.yaml' -exec sed -i "/^.*\- env:/r /tmp/additional.config" \{} \;
# Additional config
cat << EOL > /tmp/additional-apache.config
- name: ADDITIONAL_TRUSTED_DOMAIN
value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}"
EOL
# shellcheck disable=SC1083
find ./ -name '*apache-deployment.yaml' -exec sed -i "/^.*\- env:/r /tmp/additional-apache.config" \{} \;
cd ../ cd ../
mkdir -p ../helm-chart/ mkdir -p ../helm-chart/
rm latest/Chart.yaml rm latest/Chart.yaml
@ -305,6 +317,7 @@ SUBSCRIPTION_KEY: # This allows to set the Nextcloud Enterprise key via E
SERVERINFO_TOKEN: # This allows to set the serverinfo app token for monitoring your Nextcloud via the serverinfo app SERVERINFO_TOKEN: # This allows to set the serverinfo app token for monitoring your Nextcloud via the serverinfo app
APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments' APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments'
ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here. ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here.
ADDITIONAL_TRUSTED_DOMAIN: # Allows to add one domain to Nextcloud's trusted domains and also generates a certificate automatically for it
SMTP_HOST: # (empty by default): The hostname of the SMTP server. SMTP_HOST: # (empty by default): The hostname of the SMTP server.
SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS. SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS.
SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS. SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS.

1
nextcloud-aio-helm-chart/values.yaml
View file

@ -51,6 +51,7 @@ SUBSCRIPTION_KEY: # This allows to set the Nextcloud Enterprise key via E
SERVERINFO_TOKEN: # This allows to set the serverinfo app token for monitoring your Nextcloud via the serverinfo app SERVERINFO_TOKEN: # This allows to set the serverinfo app token for monitoring your Nextcloud via the serverinfo app
APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments' APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments'
ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here. ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here.
ADDITIONAL_TRUSTED_DOMAIN: # Allows to add one domain to Nextcloud's trusted domains and also generates a certificate automatically for it
SMTP_HOST: # (empty by default): The hostname of the SMTP server. SMTP_HOST: # (empty by default): The hostname of the SMTP server.
SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS. SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS.
SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS. SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS.