diff --git a/manual-install/latest.yml b/manual-install/latest.yml index e5d876ca12d..03132847cf9 100644 --- a/manual-install/latest.yml +++ b/manual-install/latest.yml @@ -25,15 +25,15 @@ services: - ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/tcp - ${APACHE_IP_BINDING}:${APACHE_PORT}:${APACHE_PORT}/udp environment: - - NC_DOMAIN=${NC_DOMAIN} + - NC_DOMAIN - NEXTCLOUD_HOST=nextcloud-aio-nextcloud - APACHE_HOST=nextcloud-aio-apache - COLLABORA_HOST=nextcloud-aio-collabora - TALK_HOST=nextcloud-aio-talk - - APACHE_PORT=${APACHE_PORT} + - APACHE_PORT - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice - TZ=${TIMEZONE} - - APACHE_MAX_SIZE=${APACHE_MAX_SIZE} + - APACHE_MAX_SIZE - APACHE_MAX_TIME=${NEXTCLOUD_MAX_TIME} - NOTIFY_PUSH_HOST=nextcloud-aio-notify-push - WHITEBOARD_HOST=nextcloud-aio-whiteboard @@ -41,8 +41,6 @@ services: - nextcloud_aio_nextcloud:/var/www/html:ro - nextcloud_aio_apache:/mnt/data:rw restart: unless-stopped - networks: - - nextcloud-aio read_only: true tmpfs: - /var/log/supervisord @@ -70,8 +68,6 @@ services: stop_grace_period: 1800s restart: unless-stopped shm_size: 268435456 - networks: - - nextcloud-aio read_only: true tmpfs: - /var/run/postgresql @@ -116,52 +112,50 @@ services: - POSTGRES_USER=nextcloud - REDIS_HOST=nextcloud-aio-redis - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} - - NC_DOMAIN=${NC_DOMAIN} + - NC_DOMAIN - ADMIN_USER=admin - ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD} - NEXTCLOUD_DATA_DIR=/mnt/ncdata - OVERWRITEHOST=${NC_DOMAIN} - OVERWRITEPROTOCOL=https - - TURN_SECRET=${TURN_SECRET} - - SIGNALING_SECRET=${SIGNALING_SECRET} - - ONLYOFFICE_SECRET=${ONLYOFFICE_SECRET} - - NEXTCLOUD_MOUNT=${NEXTCLOUD_MOUNT} - - CLAMAV_ENABLED=${CLAMAV_ENABLED} + - TURN_SECRET + - SIGNALING_SECRET + - ONLYOFFICE_SECRET + - NEXTCLOUD_MOUNT + - CLAMAV_ENABLED - CLAMAV_HOST=nextcloud-aio-clamav - - ONLYOFFICE_ENABLED=${ONLYOFFICE_ENABLED} - - COLLABORA_ENABLED=${COLLABORA_ENABLED} + - ONLYOFFICE_ENABLED + - COLLABORA_ENABLED - COLLABORA_HOST=nextcloud-aio-collabora - - TALK_ENABLED=${TALK_ENABLED} + - TALK_ENABLED - ONLYOFFICE_HOST=nextcloud-aio-onlyoffice - - UPDATE_NEXTCLOUD_APPS=${UPDATE_NEXTCLOUD_APPS} + - UPDATE_NEXTCLOUD_APPS - TZ=${TIMEZONE} - - TALK_PORT=${TALK_PORT} - - IMAGINARY_ENABLED=${IMAGINARY_ENABLED} + - TALK_PORT + - IMAGINARY_ENABLED - IMAGINARY_HOST=nextcloud-aio-imaginary - CLAMAV_MAX_SIZE=${APACHE_MAX_SIZE} - PHP_UPLOAD_LIMIT=${NEXTCLOUD_UPLOAD_LIMIT} - PHP_MEMORY_LIMIT=${NEXTCLOUD_MEMORY_LIMIT} - - FULLTEXTSEARCH_ENABLED=${FULLTEXTSEARCH_ENABLED} + - FULLTEXTSEARCH_ENABLED - FULLTEXTSEARCH_HOST=nextcloud-aio-fulltextsearch - PHP_MAX_TIME=${NEXTCLOUD_MAX_TIME} - TRUSTED_CACERTS_DIR=${NEXTCLOUD_TRUSTED_CACERTS_DIR} - STARTUP_APPS=${NEXTCLOUD_STARTUP_APPS} - ADDITIONAL_APKS=${NEXTCLOUD_ADDITIONAL_APKS} - ADDITIONAL_PHP_EXTENSIONS=${NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS} - - INSTALL_LATEST_MAJOR=${INSTALL_LATEST_MAJOR} - - TALK_RECORDING_ENABLED=${TALK_RECORDING_ENABLED} - - RECORDING_SECRET=${RECORDING_SECRET} + - INSTALL_LATEST_MAJOR + - TALK_RECORDING_ENABLED + - RECORDING_SECRET - TALK_RECORDING_HOST=nextcloud-aio-talk-recording - - FULLTEXTSEARCH_PASSWORD=${FULLTEXTSEARCH_PASSWORD} - - REMOVE_DISABLED_APPS=${REMOVE_DISABLED_APPS} - - APACHE_PORT=${APACHE_PORT} - - IMAGINARY_SECRET=${IMAGINARY_SECRET} - - WHITEBOARD_SECRET=${WHITEBOARD_SECRET} - - WHITEBOARD_ENABLED=${WHITEBOARD_ENABLED} + - FULLTEXTSEARCH_PASSWORD + - REMOVE_DISABLED_APPS + - APACHE_PORT + - IMAGINARY_SECRET + - WHITEBOARD_SECRET + - WHITEBOARD_ENABLED stop_grace_period: 600s restart: unless-stopped - networks: - - nextcloud-aio cap_drop: - NET_RAW @@ -173,7 +167,7 @@ services: volumes: - nextcloud_aio_nextcloud:/nextcloud:ro environment: - - NC_DOMAIN=${NC_DOMAIN} + - NC_DOMAIN - NEXTCLOUD_HOST=nextcloud-aio-nextcloud - REDIS_HOST=nextcloud-aio-redis - REDIS_HOST_PASSWORD=${REDIS_PASSWORD} @@ -183,8 +177,6 @@ services: - POSTGRES_DB=nextcloud_database - POSTGRES_USER=nextcloud restart: unless-stopped - networks: - - nextcloud-aio read_only: true cap_drop: - NET_RAW @@ -200,8 +192,6 @@ services: volumes: - nextcloud_aio_redis:/data:rw restart: unless-stopped - networks: - - nextcloud-aio read_only: true cap_drop: - NET_RAW @@ -221,8 +211,6 @@ services: restart: unless-stopped profiles: - collabora - networks: - - nextcloud-aio cap_add: - MKNOD - SYS_ADMIN @@ -238,19 +226,17 @@ services: expose: - "8081" environment: - - NC_DOMAIN=${NC_DOMAIN} + - NC_DOMAIN - TALK_HOST=nextcloud-aio-talk - - TURN_SECRET=${TURN_SECRET} - - SIGNALING_SECRET=${SIGNALING_SECRET} + - TURN_SECRET + - SIGNALING_SECRET - TZ=${TIMEZONE} - - TALK_PORT=${TALK_PORT} + - TALK_PORT - INTERNAL_SECRET=${TALK_INTERNAL_SECRET} restart: unless-stopped profiles: - talk - talk-recording - networks: - - nextcloud-aio read_only: true tmpfs: - /var/log/supervisord @@ -267,16 +253,14 @@ services: expose: - "1234" environment: - - NC_DOMAIN=${NC_DOMAIN} + - NC_DOMAIN - TZ=${TIMEZONE} - - RECORDING_SECRET=${RECORDING_SECRET} + - RECORDING_SECRET - INTERNAL_SECRET=${TALK_INTERNAL_SECRET} shm_size: 2147483648 restart: unless-stopped profiles: - talk-recording - networks: - - nextcloud-aio read_only: true tmpfs: - /tmp @@ -298,8 +282,6 @@ services: restart: unless-stopped profiles: - clamav - networks: - - nextcloud-aio read_only: true tmpfs: - /var/lock @@ -323,8 +305,6 @@ services: restart: unless-stopped profiles: - onlyoffice - networks: - - nextcloud-aio cap_drop: - NET_RAW @@ -335,7 +315,7 @@ services: - "9000" environment: - TZ=${TIMEZONE} - - IMAGINARY_SECRET=${IMAGINARY_SECRET} + - IMAGINARY_SECRET restart: unless-stopped cap_add: - SYS_NICE @@ -343,8 +323,6 @@ services: - NET_RAW profiles: - imaginary - networks: - - nextcloud-aio read_only: true tmpfs: - /tmp @@ -364,14 +342,12 @@ services: - http.port=9200 - xpack.license.self_generated.type=basic - xpack.security.enabled=false - - FULLTEXTSEARCH_PASSWORD=${FULLTEXTSEARCH_PASSWORD} + - FULLTEXTSEARCH_PASSWORD volumes: - nextcloud_aio_elasticsearch:/usr/share/elasticsearch/data:rw restart: unless-stopped profiles: - fulltextsearch - networks: - - nextcloud-aio cap_drop: - NET_RAW @@ -391,8 +367,6 @@ services: profiles: - whiteboard read_only: true - networks: - - nextcloud-aio cap_drop: - NET_RAW @@ -417,5 +391,5 @@ volumes: name: nextcloud_aio_nextcloud_data networks: - nextcloud-aio: - name: nextcloud-aio + default: + driver: bridge diff --git a/manual-install/update-yaml.sh b/manual-install/update-yaml.sh index d8bb0cc21af..e712304c6d9 100644 --- a/manual-install/update-yaml.sh +++ b/manual-install/update-yaml.sh @@ -1,6 +1,6 @@ -#!/bin/bash +#!/bin/bash -ex -set -ex +type {jq,sudo} || { echo "Commands not found. Please install them"; exit 127; } jq -c . ./php/containers.json > /tmp/containers.json sed -i 's|aio_services_v1|services|g' /tmp/containers.json @@ -18,6 +18,7 @@ OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].devices)')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].backup_volumes)')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].nextcloud_exec_commands)')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].image_tag)')" +OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[].networks)')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-watchtower"))')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-domaincheck"))')" OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "nextcloud-aio-borgbackup"))')" @@ -25,7 +26,7 @@ OUTPUT="$(echo "$OUTPUT" | jq 'del(.services[] | select(.container_name == "next OUTPUT="$(echo "$OUTPUT" | jq '.services[] |= if has("depends_on") then .depends_on |= if contains(["nextcloud-aio-docker-socket-proxy"]) then del(.[index("nextcloud-aio-docker-socket-proxy")]) else . end else . end')" OUTPUT="$(echo "$OUTPUT" | jq '.services[] |= if has("depends_on") then .depends_on |= map({ (.): { "condition": "service_started", "required": false } }) else . end' | jq '.services[] |= if has("depends_on") then .depends_on |= reduce .[] as $item ({}; . + $item) else . end')" -snap install yq +sudo snap install yq mkdir -p ./manual-install echo "$OUTPUT" | yq -P > ./manual-install/containers.yml @@ -139,13 +140,12 @@ done cat << NETWORK >> containers.yml networks: - nextcloud-aio: - name: nextcloud-aio + default: + driver: bridge NETWORK -cat containers.yml > latest.yml +mv containers.yml latest.yml sed -i "/image:/s/$/:latest/" latest.yml - -rm containers.yml +sed -i 's/\( *- \(\w*\)\)=\${\2\}/\1/' latest.yml set +ex diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index 9267ab07a19..9200cc3a335 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -1,9 +1,11 @@ #!/bin/bash +[ -z "$1" ] && { echo "Error: Docker tag is not specified. Usage: ./nextcloud-aio-helm-chart/update-helm.sh "; exit 2; } + DOCKER_TAG="$1" # The logic needs the files in ./helm-chart -mv ./nextcloud-aio-helm-chart ./helm-chart +cp -r ./nextcloud-aio-helm-chart ./helm-chart # Clean rm -f ./helm-chart/values.yaml @@ -15,13 +17,15 @@ chmod +x kompose sudo mv ./kompose /usr/local/bin/kompose # Install yq -snap install yq +sudo snap install yq set -ex # Conversion of docker-compose cd manual-install cp latest.yml latest.yml.backup + +sed -i -E '/^( *- )(NET_RAW|SYS_NICE|MKNOD|SYS_ADMIN)$/!s/( *- )([A-Z_]+)$/\1\2=${\2}/' latest.yml cp sample.conf /tmp/ sed -i 's|^|export |' /tmp/sample.conf # shellcheck disable=SC1091 @@ -41,8 +45,7 @@ sed -i "/NEXTCLOUD_DATADIR/d" latest.yml sed -i "/\${NEXTCLOUD_MOUNT}/d" latest.yml sed -i "/^volumes:/a\ \ nextcloud_aio_nextcloud_trusted_cacerts:\n \ \ \ \ name: nextcloud_aio_nextcloud_trusted_cacerts" latest.yml sed -i "s|\${NEXTCLOUD_TRUSTED_CACERTS_DIR}:|nextcloud_aio_nextcloud_trusted_cacerts:|g#" latest.yml -sed -i 's|\${|{{ .Values.|g' latest.yml -sed -i 's|}| }}|g' latest.yml +sed -i 's/\${/{{ .Values./g; s/}/ }}/g' latest.yml yq -i 'del(.services.[].profiles)' latest.yml # Delete read_only and tmpfs setting while https://github.com/kubernetes/kubernetes/issues/48912 is not fixed yq -i 'del(.services.[].read_only)' latest.yml