docker: fixes in build process for NC13 version

nachoparker 2018-02-08 14:11:15 +01:00
parent fc0d3f96f2
commit 07b38cb240
7 changed files with 73 additions and 31 deletions


@ -1,9 +1,11 @@
[v0.46.3](https://github.com/nextcloud/nextcloudpi/commit/865d622) (2018-02-07) unattended upgrades: fix unattended upgrades not working because of modified files [v0.46.4 ](https://github.com/nextcloud/nextcloudpi/commit/ae79b42) (2018-02-08) do not rely on pings, just return value of operations
[v0.46.2 ](https://github.com/nextcloud/nextcloudpi/commit/1615589) (2018-02-07) modsecurity: turn off logging, its too spammy for ramlogs [v0.46.3](https://github.com/nextcloud/nextcloudpi/commit/4c12769) (2018-02-07) unattended upgrades: fix unattended upgrades not working because of modified files
[v0.46.1, master](https://github.com/nextcloud/nextcloudpi/commit/fe57d03) (2018-02-07) ping to 4.4.4.2 because google is blocked in china [v0.46.2 ](https://github.com/nextcloud/nextcloudpi/commit/e649f47) (2018-02-07) modsecurity: turn off logging, its too spammy for ramlogs
[v0.46.1 ](https://github.com/nextcloud/nextcloudpi/commit/bf45b30) (2018-02-07) ping to 4.2.2.2 because google is blocked in china
[v0.46.0 ](https://github.com/nextcloud/nextcloudpi/commit/4c9dab6) (2018-02-06) update to NC 13.0.0 [v0.46.0 ](https://github.com/nextcloud/nextcloudpi/commit/4c9dab6) (2018-02-06) update to NC 13.0.0


@ -9,6 +9,7 @@ ENV DOCKERBUILD 1
COPY nextcloudpi.sh /usr/local/etc/ COPY nextcloudpi.sh /usr/local/etc/
RUN \ RUN \
# mark as image build # mark as image build
touch /.ncp-image; \ touch /.ncp-image; \
@ -34,7 +35,34 @@ rm -r /var/www/ncp-web/wizard; \
# cleanup all NCP extras # cleanup all NCP extras
source /usr/local/etc/library.sh; \ source /usr/local/etc/library.sh; \
cd /usr/local/etc/nextcloudpi-config.d/; \ cd /usr/local/etc/nextcloudpi-config.d/; \
for script in *.sh; do cleanup_script $script done; \ for script in *.sh; do cleanup_script $script; done; \
apt-get purge -y \
make \
git \
binutils \
cpp \
cpp-6 \
gcc \
gcc-6 \
libasan3 \
libaugeas0 \
libc-dev-bin \
libc6-dev \
libcc1-0 \
libexpat1-dev \
libffi-dev \
libgcc-6-dev \
libgomp1 \
libisl15 \
libmpc3 \
libubsan0 \
linux-libc-dev \
python-virtualenv \
python-pkg-resources \
python3-pkg-resources \
python3-virtualenv \
virtualenv; \
# package clean up # package clean up
apt-get autoremove -y; \ apt-get autoremove -y; \
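Review bot: The `apt-get purge -y …` list added here is joined to the rest of the RUN with `;`, so a failing purge does not fail the build, and the image can ship with gcc, git, make and the -dev packages still installed. apt-get normally aborts the whole transaction when it cannot locate one of the named packages, which makes a single stale name enough to skip the cleanup (possibly why the other Dockerfile in this commit drops several names from its list). Starting the command with `set -e; \` right after `RUN \`, or ending the purge with `&& \` instead of `; \`, would surface that at build time. The same applies to the purge list in the second Dockerfile section (hunk `@ -56,21 +61,15`); the RUN command itself starts and ends outside these hunks.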


@ -9,6 +9,7 @@ ENV DOCKERBUILD 1
COPY nextcloudpi.sh /usr/local/etc/ COPY nextcloudpi.sh /usr/local/etc/
RUN \ RUN \
# mark as image build # mark as image build
touch /.ncp-image; \ touch /.ncp-image; \
@ -31,11 +32,15 @@ rm /.ncp-image; \
# remove wizard for now # remove wizard for now
rm -r /var/www/ncp-web/wizard; \ rm -r /var/www/ncp-web/wizard; \
# cleanup all NCP extras
source /usr/local/etc/library.sh; \
cd /usr/local/etc/nextcloudpi-config.d/; \
for script in *.sh; do cleanup_script $script; done; \
# letsencrypt build artifacts cleanup # letsencrypt build artifacts cleanup
apt-get purge -y \ apt-get purge -y \
make \ make \
git \ git \
augeas-lenses \
binutils \ binutils \
cpp \ cpp \
cpp-6 \ cpp-6 \
@ -56,21 +61,15 @@ apt-get purge -y \
liblsan0 \ liblsan0 \
libmpc3 \ libmpc3 \
libmpx2 \ libmpx2 \
libpython-dev \
libpython2.7-dev \
libquadmath0 \ libquadmath0 \
libssl-dev \
libtsan0 \ libtsan0 \
libubsan0 \ libubsan0 \
linux-libc-dev \ linux-libc-dev \
python-dev \
python-virtualenv \ python-virtualenv \
python2.7-dev \
python-pkg-resources \ python-pkg-resources \
python3-pkg-resources \ python3-pkg-resources \
python3-virtualenv \ python3-virtualenv \
virtualenv \ virtualenv; \
python-pip-whl; \
# package clean up # package clean up
apt-get autoremove -y; \ apt-get autoremove -y; \
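Review bot: The cleanup loop added in hunk `@ -31,11 +32,15` runs after an unchecked `cd` and passes `$script` unquoted; if the directory is missing, the glob is evaluated in whatever the working directory was, so `cleanup_script` would be handed the wrong files or the literal `*.sh`. I would write `cd /usr/local/etc/nextcloudpi-config.d/ || exit 1; \` and `for script in *.sh; do cleanup_script "$script"; done; \`. The first Dockerfile section has the same loop. `source` is also a bash builtin, so this presumably relies on the RUN shell being bash rather than the default `/bin/sh`, which is not visible from the hunk and deserves a one-line comment.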


@ -43,7 +43,8 @@ configure()
mysqld & mysqld &
fi fi
pgrep -x mysqld &>/dev/null || { echo "mariaDB process not found"; return 1; } pgrep -x mysqld &>/dev/null || {
echo "mariaDB process not found. Waiting..."
# wait for mariadb # wait for mariadb
# TODO FIXME armbian build # TODO FIXME armbian build
@ -51,7 +52,8 @@ configure()
#[[ -S /run/mysqld/mysqld.sock ]] && break #[[ -S /run/mysqld/mysqld.sock ]] && break
#sleep 0.5 #sleep 0.5
#done #done
sleep 10 sleep 10
}
# workaround to emulate DROP USER IF EXISTS ..;) # workaround to emulate DROP USER IF EXISTS ..;)
local DBPASSWD=$( grep password /root/.my.cnf | cut -d= -f2 ) local DBPASSWD=$( grep password /root/.my.cnf | cut -d= -f2 )
@ -112,7 +114,9 @@ EOF
sudo -u www-data php occ config:system:set mysql.utf8mb4 --type boolean --value="true" sudo -u www-data php occ config:system:set mysql.utf8mb4 --type boolean --value="true"
# Default trusted domain ( only from nextcloudpi-config ) # Default trusted domain ( only from nextcloudpi-config )
test -f /.ncp-image || bash /usr/local/bin/nextcloud-domain.sh test -f /usr/local/bin/nextcloud-domain.sh && {
test -f /.ncp-image || bash /usr/local/bin/nextcloud-domain.sh
}
sudo -u www-data php occ config:system:set trusted_domains 5 --value="nextcloudpi.local" sudo -u www-data php occ config:system:set trusted_domains 5 --value="nextcloudpi.local"
# email # email
@ -122,11 +126,13 @@ EOF
sudo -u www-data php occ config:system:set mail_domain --value="ownyourbits.com" sudo -u www-data php occ config:system:set mail_domain --value="ownyourbits.com"
# NCP theme # NCP theme
local ID=$( grep instanceid config/config.php | awk -F "=> " '{ print $2 }' | sed "s|[,']||g" ) [[ -e /usr/local/etc/logo ]] && {
[[ "$ID" == "" ]] && { echo "failed to get ID"; return 1; } local ID=$( grep instanceid config/config.php | awk -F "=> " '{ print $2 }' | sed "s|[,']||g" )
mkdir -p data/appdata_${ID}/theming/images [[ "$ID" == "" ]] && { echo "failed to get ID"; return 1; }
cp /usr/local/etc/logo /usr/local/etc/background data/appdata_${ID}/theming/images mkdir -p data/appdata_${ID}/theming/images
chown -R www-data:www-data data/appdata_${ID} cp /usr/local/etc/logo /usr/local/etc/background data/appdata_${ID}/theming/images
chown -R www-data:www-data data/appdata_${ID}
}
mysql nextcloud <<EOF mysql nextcloud <<EOF
replace into oc_appconfig values ( 'theming', 'name' , "NextCloudPi" ); replace into oc_appconfig values ( 'theming', 'name' , "NextCloudPi" );
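Review bot: With the braces added in the first two hunks, `sleep 10` now runs only when `pgrep -x mysqld` finds nothing, and in that case `configure()` carries on instead of returning 1. When mysqld was just launched with `mysqld &` and pgrep does find it, there is no wait at all before the `DROP USER` workaround and the later `mysql nextcloud` call, so a database that is slow to start or never starts is no longer detected here. A bounded poll of the socket named in the commented-out loop would cover both cases and still fail the build when the database does not come up. The loop was presumably disabled for the armbian build (see the TODO), so the socket path needs confirming there; `configure()` starts and ends outside these hunks.

```shell
# … unchanged: mysqld start-up above …
# wait for mariadb: poll the socket instead of a fixed sleep, give up after ~30s
local tries=0
until [[ -S /run/mysqld/mysqld.sock ]]; do
  (( ++tries > 60 )) && { echo "mariaDB socket not found"; return 1; }
  sleep 0.5
done
# … unchanged: DROP USER workaround …
```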


@ -29,7 +29,7 @@ install()
# INSTALL # INSTALL
########################################## ##########################################
$APTINSTALL apt-utils $APTINSTALL apt-utils openssl
$APTINSTALL cron $APTINSTALL cron
$APTINSTALL apache2 $APTINSTALL apache2
$APTINSTALL php7.0 php7.0-curl php7.0-gd php7.0-fpm php7.0-cli php7.0-opcache php7.0-mbstring php7.0-xml php7.0-zip php7.0-fileinfo php7.0-mcrypt php7.0-ldap $APTINSTALL php7.0 php7.0-curl php7.0-gd php7.0-fpm php7.0-cli php7.0-opcache php7.0-mbstring php7.0-xml php7.0-zip php7.0-fileinfo php7.0-mcrypt php7.0-ldap


@ -202,16 +202,18 @@ EOF
echo "NextCloudPi_$( date "+%m-%d-%y" )" > /usr/local/etc/ncp-baseimage echo "NextCloudPi_$( date "+%m-%d-%y" )" > /usr/local/etc/ncp-baseimage
## SSH hardening ## SSH hardening
sed -i 's|^#AllowTcpForwarding .*|AllowTcpForwarding no|' /etc/ssh/sshd_config [[ -f /etc/ssh/sshd_config ]] && {
sed -i 's|^#ClientAliveCountMax .*|ClientAliveCountMax 2|' /etc/ssh/sshd_config sed -i 's|^#AllowTcpForwarding .*|AllowTcpForwarding no|' /etc/ssh/sshd_config
sed -i 's|^MaxAuthTries .*|MaxAuthTries 1|' /etc/ssh/sshd_config sed -i 's|^#ClientAliveCountMax .*|ClientAliveCountMax 2|' /etc/ssh/sshd_config
sed -i 's|^#MaxSessions .*|MaxSessions 2|' /etc/ssh/sshd_config sed -i 's|^MaxAuthTries .*|MaxAuthTries 1|' /etc/ssh/sshd_config
sed -i 's|^#PermitRootLogin .*|PermitRootLogin no|' /etc/ssh/sshd_config sed -i 's|^#MaxSessions .*|MaxSessions 2|' /etc/ssh/sshd_config
sed -i 's|^#TCPKeepAlive .*|TCPKeepAlive no|' /etc/ssh/sshd_config sed -i 's|^#PermitRootLogin .*|PermitRootLogin no|' /etc/ssh/sshd_config
sed -i 's|^X11Forwarding .*|X11Forwarding no|' /etc/ssh/sshd_config sed -i 's|^#TCPKeepAlive .*|TCPKeepAlive no|' /etc/ssh/sshd_config
sed -i 's|^#LogLevel .*|LogLevel VERBOSE|' /etc/ssh/sshd_config sed -i 's|^X11Forwarding .*|X11Forwarding no|' /etc/ssh/sshd_config
sed -i 's|^#Compression .*|Compression no|' /etc/ssh/sshd_config sed -i 's|^#LogLevel .*|LogLevel VERBOSE|' /etc/ssh/sshd_config
sed -i 's|^#AllowAgentForwarding .*|AllowAgentForwarding no|' /etc/ssh/sshd_config sed -i 's|^#Compression .*|Compression no|' /etc/ssh/sshd_config
sed -i 's|^#AllowAgentForwarding .*|AllowAgentForwarding no|' /etc/ssh/sshd_config
}
## kernel hardening ## kernel hardening
cat >> /etc/sysctl.conf <<EOF cat >> /etc/sysctl.conf <<EOF
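Review bot: The new `[[ -f /etc/ssh/sshd_config ]] && {` guard skips the SSH hardening silently when the file is absent, so the build log cannot tell a hardened image from one where the block never ran. Written as an `if`, the skip path could log it: `else echo "sshd_config not found, skipping SSH hardening"`. Inside the block each `sed` only rewrites a line in the exact form it expects (for example `^#PermitRootLogin .*`), so an already uncommented `PermitRootLogin yes` would be left unchanged. A comment stating that assumption, or an `sshd -t` check after the edits, would help whoever changes the base image. The enclosing function starts outside the hunk.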


@ -22,6 +22,11 @@ nc-static-IP.sh
nc-wifi.sh nc-wifi.sh
nc-nextcloud.sh nc-nextcloud.sh
nc-init.sh nc-init.sh
UFW.sh
nc-snapshot.sh
nc-snapshot-auto.sh
nc-audit.sh
SSH.sh
" "
# need to be fixed for this # need to be fixed for this