From da2b967a3311166b0f234374ad09d845a449e1a5 Mon Sep 17 00:00:00 2001 From: Simon L Date: Tue, 8 Nov 2022 21:38:31 +0100 Subject: [PATCH] allow to add dependencies and php extensions into the Nextcloud container Signed-off-by: Simon L --- .github/workflows/nextcloud-update.yml | 4 ++-- Containers/mastercontainer/start.sh | 16 ++++++++++++++ Containers/nextcloud/Dockerfile | 2 -- Containers/nextcloud/start.sh | 28 +++++++++++++++++++++++++ docker-compose.yml | 2 ++ manual-install/update-yaml.sh | 2 ++ php/containers.json | 4 +++- php/src/Data/ConfigurationManager.php | 14 +++++++++++++ php/src/Docker/DockerActionManager.php | 4 ++++ readme.md | 10 +++++++++ tests/QA/060-environmental-variables.md | 2 ++ 11 files changed, 83 insertions(+), 5 deletions(-) diff --git a/.github/workflows/nextcloud-update.yml b/.github/workflows/nextcloud-update.yml index aa681496..a14a11e5 100644 --- a/.github/workflows/nextcloud-update.yml +++ b/.github/workflows/nextcloud-update.yml @@ -57,8 +57,8 @@ jobs: | sort -V \ | tail -1 )" - sed -i "s|pecl install imagick.*\;|pecl install imagick-$imagick_version\;|" ./Containers/nextcloud/Dockerfile - + sed -i "s|pecl install imagick.*|pecl install imagick-$imagick_version|" ./Containers/nextcloud/start.sh + # Nextcloud NC_MAJOR="$(grep "ENV NEXTCLOUD_VERSION" ./Containers/nextcloud/Dockerfile | grep -oP '[23][0-9]')" NCVERSION=$(curl -s -m 900 https://download.nextcloud.com/server/releases/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | grep "$NC_MAJOR" | sort --version-sort | tail -1) diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh index b4333123..ba00eb0f 100644 --- a/Containers/mastercontainer/start.sh +++ b/Containers/mastercontainer/start.sh @@ -185,6 +185,22 @@ It is set to '$NEXTCLOUD_STARTUP_APPS'." exit 1 fi fi +if [ -n "$NEXTCLOUD_ADDITIONAL_APKS" ]; then + if ! echo "$NEXTCLOUD_ADDITIONAL_APKS" | grep -q "^[a-z _-]\+$"; then + echo "You've set NEXTCLOUD_ADDITIONAL_APKS but not to an allowed value. +It needs to be a string. Allowed are small letters a-z, spaces, hyphens and '_'. +It is set to '$NEXTCLOUD_ADDITIONAL_APKS'." + exit 1 + fi +fi +if [ -n "$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS" ]; then + if ! echo "$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS" | grep -q "^[a-z _-]\+$"; then + echo "You've set NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS but not to an allowed value. +It needs to be a string. Allowed are small letters a-z, spaces, hyphens and '_'. +It is set to '$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS'." + exit 1 + fi +fi # Check DNS resolution # Prevents issues like https://github.com/nextcloud/all-in-one/discussions/565 diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 5bd0a4b1..a4f9e4c1 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -64,13 +64,11 @@ RUN set -ex; \ pecl install APCu-5.1.22; \ pecl install memcached-3.2.0; \ pecl install redis-5.3.7; \ - pecl install imagick-3.7.0; \ \ docker-php-ext-enable \ apcu \ memcached \ redis \ - imagick \ ; \ rm -r /tmp/pear; \ \ diff --git a/Containers/nextcloud/start.sh b/Containers/nextcloud/start.sh index 851096ab..b6a3c749 100644 --- a/Containers/nextcloud/start.sh +++ b/Containers/nextcloud/start.sh @@ -36,6 +36,34 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" ]; then fi sudo -u www-data rm -f "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" +# Install additional dependencies +if [ -n "$ADDITIONAL_APKS" ]; then + if ! [ -f "/additional-apks-are-installed" ]; then + read -ra ADDITIONAL_APKS_ARRAY <<< "$ADDITIONAL_APKS" + for app in "${ADDITIONAL_APKS_ARRAY[@]}"; do + apk add "$app" + done + fi + touch /additional-apks-are-installed +fi + +# Install additional php extensions +if [ -n "$ADDITIONAL_PHP_EXTENSIONS" ]; then + if ! [ -f "/additional-php-extensions-are-installed" ]; then + read -ra ADDITIONAL_PHP_EXTENSIONS_ARRAY <<< "$ADDITIONAL_PHP_EXTENSIONS" + for app in "${ADDITIONAL_PHP_EXTENSIONS_ARRAY[@]}"; do + if [ "$app" = imagick ]; then + pecl install imagick-3.7.0 + docker-php-ext-enable imagick + else + pecl install "$app" + docker-php-ext-enable "$app" + fi + done + fi + touch /additional-php-extensions-are-installed +fi + # Run original entrypoint if ! sudo -E -u www-data bash /entrypoint.sh; then exit 1 diff --git a/docker-compose.yml b/docker-compose.yml index 495dccee..2bccf6a1 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -30,6 +30,8 @@ services: # - NEXTCLOUD_TRUSTED_CACERTS_DIR=/path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nexcloud container (Useful e.g. for LDAPS) See See https://github.com/nextcloud/all-in-one#how-to-trust-user-defiend-certification-authorities-ca # - COLLABORA_SECCOMP_DISABLED=false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature # - NEXTCLOUD_STARTUP_APPS=twofactor_totp deck tasks calendar contacts apporder # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup + # - NEXTCLOUD_ADDITIONAL_APKS=imagick # This allows to add additional packages to the Nextcloud container permanently. + # - NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. # # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md # # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588 diff --git a/manual-install/update-yaml.sh b/manual-install/update-yaml.sh index 70c3a2e5..50f60fd2 100644 --- a/manual-install/update-yaml.sh +++ b/manual-install/update-yaml.sh @@ -77,6 +77,8 @@ sed -i 's|NEXTCLOUD_PASSWORD=|NEXTCLOUD_PASSWORD= # TODO! This is the p sed -i 's|TIMEZONE=|TIMEZONE=Europe/Berlin # TODO! This is the timezone that your containers will use.|' sample.conf sed -i 's|COLLABORA_SECCOMP_POLICY=|COLLABORA_SECCOMP_POLICY=--o:security.seccomp=true # Changing the value to false allows to disable the seccomp feature of the Collabora container.|' sample.conf sed -i 's|NEXTCLOUD_STARTUP_APPS=|NEXTCLOUD_STARTUP_APPS=twofactor_totp deck tasks calendar contacts apporder # Allows to modify the Nextcloud apps that are installed on starting AIO the first time|' sample.conf +sed -i 's|NEXTCLOUD_ADDITIONAL_APKS=|NEXTCLOUD_ADDITIONAL_APKS=imagick # This allows to add additional packages to the Nextcloud container permanently.|' sample.conf +sed -i 's|NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=|NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value.|' sample.conf sed -i 's|=$|= # TODO! This needs to be a unique and good password!|' sample.conf cat sample.conf diff --git a/php/containers.json b/php/containers.json index a7437487..9412ed63 100644 --- a/php/containers.json +++ b/php/containers.json @@ -158,7 +158,9 @@ "FULLTEXTSEARCH_HOST=nextcloud-aio-fulltextsearch", "PHP_MAX_TIME=%NEXTCLOUD_MAX_TIME%", "TRUSTED_CACERTS_DIR=%NEXTCLOUD_TRUSTED_CACERTS_DIR%", - "STARTUP_APPS=%NEXTCLOUD_STARTUP_APPS%" + "STARTUP_APPS=%NEXTCLOUD_STARTUP_APPS%", + "ADDITIONAL_APKS=%NEXTCLOUD_ADDITIONAL_APKS%", + "ADDITIONAL_PHP_EXTENSIONS=%NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS%" ], "maxShutdownTime": 10, "restartPolicy": "unless-stopped" diff --git a/php/src/Data/ConfigurationManager.php b/php/src/Data/ConfigurationManager.php index cc8babb1..fb0a986a 100644 --- a/php/src/Data/ConfigurationManager.php +++ b/php/src/Data/ConfigurationManager.php @@ -561,6 +561,20 @@ class ConfigurationManager return $this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue); } + public function GetNextcloudAdditionalApks() : string { + $envVariableName = 'NEXTCLOUD_ADDITIONAL_APKS'; + $configName = 'nextcloud_additional_apks'; + $defaultValue = ''; + return trim($this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue)); + } + + public function GetNextcloudAdditionalPhpExtensions() : string { + $envVariableName = 'NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS'; + $configName = 'nextcloud_additional_php_extensions'; + $defaultValue = 'imagick'; + return trim($this->GetEnvironmentalVariableOrConfig($envVariableName, $configName, $defaultValue)); + } + public function GetCollaboraSeccompPolicy() : string { $defaultString = '--o:security.seccomp='; if ($this->GetCollaboraSeccompDisabledState() !== 'true') { diff --git a/php/src/Docker/DockerActionManager.php b/php/src/Docker/DockerActionManager.php index 3debf73e..0377cd26 100644 --- a/php/src/Docker/DockerActionManager.php +++ b/php/src/Docker/DockerActionManager.php @@ -332,6 +332,10 @@ class DockerActionManager $replacements[1] = $this->configurationManager->GetCollaboraSeccompPolicy(); } elseif ($out[1] === '%NEXTCLOUD_STARTUP_APPS%') { $replacements[1] = $this->configurationManager->GetNextcloudStartupApps(); + } elseif ($out[1] === '%NEXTCLOUD_ADDITIONAL_APKS%') { + $replacements[1] = $this->configurationManager->GetNextcloudAdditionalApks(); + } elseif ($out[1] === '%NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS%') { + $replacements[1] = $this->configurationManager->GetNextcloudAdditionalPhpExtensions(); } else { $replacements[1] = $this->configurationManager->GetSecret($out[1]); } diff --git a/readme.md b/readme.md index ff6d9b33..2d6867e1 100644 --- a/readme.md +++ b/readme.md @@ -467,6 +467,16 @@ You can run AIO also with docker rootless. How to do this is documented here: [d ### How to change the Nextcloud apps that are installed on the first startup? You might want to adjust the Nextcloud apps that are installed upon the first startup of the Nextcloud container. You can do so by adding `-e NEXTCLOUD_STARTUP_APPS=twofactor_totp deck tasks calendar contacts apporder` to the docker run command of the mastercontainer and customize the value to your fitting. It must be a string with small letters a-z, spaces and hyphens or '_'. +### How to add packets permanently to the Nextcloud container? +Some Nextcloud apps require additional external dependencies that must be bundled within Nextcloud container in order to work correctly. As we cannot put each and every dependency for all apps into the container - as this would make the project very fast unmaintainable - there is an official way how you can add additional dependencies into the Nextcloud container. However note that doing this is not recommended since we do not test Nextcloud apps that require external dependencies. + +You can do so by adding `-e NEXTCLOUD_ADDITIONAL_APKS=dependency1 dependency2` to the docker run command of the mastercontainer and customize the value to your fitting. It must be a string with small letters a-z, spaces and hyphens or '_'. You can find available packages here: https://pkgs.alpinelinux.org/packages?name=&branch=v3.16&repo=&arch=&maintainer= + +### How to add PHP extensions permanently to the Nextcloud container? +Some Nextcloud apps require additional php extensions that must be bundled within Nextcloud container in order to work correctly. As we cannot put each and every dependency for all apps into the container - as this would make the project very fast unmaintainable - there is an official way how you can add additional php extensions into the Nextcloud container. However note that doing this is not recommended since we do not test Nextcloud apps that require additional php extensions. + +You can do so by adding `-e NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=imagick extension1 extension2` to the docker run command of the mastercontainer and customize the value to your fitting. It must be a string with small letters a-z, spaces and hyphens or '_'. You can find available extensions here: https://pecl.php.net/packages.php. By default added is `imagick`. If you want to keep that, you need to specify it as well. + ### Huge docker logs When your containers run for a few days without a restart, the container logs that you can view from the AIO interface can get really huge. You can limit the loge sizes by enabling logrotate for docker container logs. Feel free to enable this by following those instructions: https://sandro-keil.de/blog/logrotate-for-docker-container/ diff --git a/tests/QA/060-environmental-variables.md b/tests/QA/060-environmental-variables.md index 6adb70e7..0b8e70a9 100644 --- a/tests/QA/060-environmental-variables.md +++ b/tests/QA/060-environmental-variables.md @@ -16,5 +16,7 @@ See https://github.com/nextcloud/all-in-one#how-to-trust-user-defiend-certification-authorities-ca - [ ] When starting the mastercontainer with `-e COLLABORA_SECCOMP_DISABLED=true`, the resulting collabora container should have `--o:security.seccomp=false` applied to it. - [ ] When starting the mastercontainer with `-e NEXTCLOUD_STARTUP_APPS=deck`, the resulting Nextcloud should have only installed the deck app and not the other apps that get installed by default. Default are `twofactor_totp deck tasks calendar contacts apporder`. +- [ ] When starting the mastercontainer with `-e NEXTCLOUD_ADDITIONAL_APKS=zip`, the resulting Nextcloud container should have the zip package installed. +- [ ] When starting the mastercontainer with `-e NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS=inotify`, the resulting Nextcloud container should have the inotify extension installed and not the imagick extension. You can now continue with [070-timezone-change.md](./070-timezone-change.md)