docker container construction

Makefile

@@ -0,0 +1,32 @@
+# Batch-build docker container layers for nextcloudpi
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+
+
+nextcloud: lamp
+	docker build . -f docker/nextcloud.dockerfile -t ownyourbits/nextcloudpi:latest
+
+lamp: miniraspbian
+	docker build . -f docker/lamp.dockerfile      -t ownyourbits/lamp-arm:latest
+
+miniraspbian: 
+	docker build . -f docker/raspbian.dockerfile  -t ownyourbits/miniraspbian:latest
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA

batch.sh

@@ -12,13 +12,17 @@
 source etc/library.sh       # initializes $IMGNAME
 
 IP=$1                       # First argument is the QEMU Raspbian IP address
-NC_SCRIPT=etc/nextcloudpi-config.d/nc-nextcloud.sh
+NC_INSTALL=etc/nextcloudpi-config.d/nc-nextcloud.sh
+NC_CONFIG=etc/nc-init.sh
 
 IMGBASE="NextCloudPi_$( date  "+%m-%d-%y" )_base.img"
 
-NO_CONFIG=1 NO_HALT_STEP=1 ./install-nextcloud.sh        $IP $IMGBASE
-NO_CONFIG=1                ./installer.sh $NC_SCRIPT     $IP $( ls -1t *.img | head -1 )
-NO_CONFIG=1                ./installer.sh nextcloudpi.sh $IP $( ls -1t *.img | head -1 )
+export NO_CONFIG=1           # skip interactive configuration
+
+NO_HALT_STEP=1 ./install-nextcloud.sh        $IP $IMGBASE
+               ./installer.sh $NC_INSTALL    $IP $( ls -1t *.img | head -1 )
+               ./installer.sh $NC_CONFIG     $IP $( ls -1t *.img | head -1 )
+               ./installer.sh nextcloudpi.sh $IP $( ls -1t *.img | head -1 )
 
 IMGFILE=$( ls -1t *.img | head -1 )
 IMGOUT=$( basename "$IMGFILE" _base_nc-nextcloud_nextcloudpi.img ).img

docker/lamp.dockerfile

@@ -0,0 +1,27 @@
+# docker run -d -p 443:443 -p 80:80 -v ncdata:/data --name lamp ownyourbits/lamp
+# docker build . -f lamp.dockerfile -t ownyourbits/lamp-arm:latest
+
+FROM ownyourbits/miniraspbian
+
+MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com>
+
+SHELL ["/bin/bash", "-c"]
+
+COPY etc/library.sh lamp.sh /usr/local/etc/
+
+# NOTE: move database to /data, which will be in a persistent volume
+RUN source /usr/local/etc/library.sh; set +x; install_script /usr/local/etc/lamp.sh; \
+     apt-get autoremove -y; apt-get clean; rm /var/lib/apt/lists/* -f; rm -rf /usr/share/man/*; rm -rf /usr/share/doc/*; \
+     mkdir -p /data/; \
+     mv /var/lib/mysql /data/database; \
+     sed -i "s|^datadir.*|datadir = /data/database|" /etc/mysql/mariadb.conf.d/50-server.cnf; \
+     rm /data/database/ib_logfile*; \
+     rm /var/cache/debconf/*-old; \
+     rm /var/log/alternatives.log /var/log/apt/* ; \
+     rm /usr/local/etc/{lamp.sh,library.sh}
+
+COPY docker/run-lamp.sh /usr/local/bin/
+
+ENTRYPOINT ["/usr/local/bin/run.sh"]
+
+EXPOSE 80 443

docker/nextcloud.dockerfile

@@ -0,0 +1,20 @@
+# docker run -d -p 443:443 -p 80:80 -v ncdata:/data --name nextcloudpi ownyourbits/nextcloudpi
+# docker build . -f nextcloud.dockerfile -t ownyourbits/nextcloudpi:latest
+
+FROM ownyourbits/lamp-arm
+
+MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com>
+
+SHELL ["/bin/bash", "-c"]
+
+COPY etc/library.sh nc-init.sh etc/nextcloudpi-config.d/nc-nextcloud.sh /usr/local/etc/
+
+RUN apt-get update; apt-get install --no-install-recommends -y wget ca-certificates; \
+    source /usr/local/etc/library.sh; set +x; activate_script /usr/local/etc/nc-nextcloud.sh; \
+    apt-get purge -y wget ca-certificates libgnutls-deb0-28 libhogweed2 libicu52 libnettle4 libpsl0; \
+    apt-get autoremove -y; apt-get clean; rm /var/lib/apt/lists/* -f; rm -rf /usr/share/man/*; rm -rf /usr/share/doc/*; \
+    rm /var/log/apt/* ; \
+    rm /var/cache/debconf/*-old; \
+    rm /usr/local/etc/nc-nextcloud.sh
+
+COPY docker/run-nc.sh /usr/local/bin/run.sh

docker/raspbian.dockerfile

@@ -0,0 +1,8 @@
+# docker build . -f Dockerfile.raspbian -t ownyourbits/raspbian:latest
+
+FROM ownyourbits/miniraspbian:raw
+
+MAINTAINER Ignacio Núñez Hernanz <nacho@ownyourbits.com>
+
+CMD /bin/bash
+

docker/run-lamp.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+cleanup()
+{
+  apachectl graceful-stop
+  killall php-fpm7.0
+  mysqladmin -u root -pownyourbits shutdown
+  killall cron
+  echo "Cleanup complete"
+}
+
+trap cleanup SIGTERM
+
+echo "Starting PHP-fpm"
+php-fpm7.0 &
+
+echo "Starting Apache"
+/usr/sbin/apache2ctl start
+
+echo "Starting mariaDB"
+mysqld &
+
+echo "Starting cron"
+cron
+
+echo "Done"
+while true; do sleep 0.5; done # do nothing, just wait for trap from 'docker stop'

docker/run-nc.sh

@@ -0,0 +1,77 @@
+#!/bin/bash
+
+cleanup()
+{
+  apachectl graceful-stop
+  killall php-fpm7.0
+  mysqladmin -u root -pownyourbits shutdown
+  killall cron
+  echo "Cleanup complete"
+}
+
+trap cleanup SIGTERM
+
+echo "Starting PHP-fpm"
+php-fpm7.0 &
+
+echo "Starting mariaDB"
+mysqld &
+
+# WAIT FOR MARIADB
+while :; do
+  [[ -S /var/run/mysqld/mysqld.sock ]] && break
+  sleep 0.5
+done
+
+## FIRST RUN: initialize NextCloud
+
+test -d /data/app || {
+
+  echo "First run"
+
+  # INIT DATABASE AND NEXTCLOUD CONFIG
+  source         /usr/local/etc/library.sh
+  install_script /usr/local/etc/nc-init.sh
+
+  # COPY DATADIR TO /data, WHICH WILL BE IN A PERSISTENT VOLUME
+  cd /var/www/nextcloud/
+  echo "Setting up persistent data dir..."
+  cp -ra /var/www/nextcloud/data /data/app
+  sudo -u www-data php occ config:system:set datadirectory --value=/data/app
+
+  # COPY CONFIG TO /data, WHICH WILL BE IN A PERSISTENT VOLUME
+  echo "Setting up persistent configuration..."
+  test -e /data/config || mv /var/www/nextcloud/config /data
+}
+
+# Use persistent configuration
+test -e /data/config && {
+  rm -rf /var/www/nextcloud/config
+  ln -s /data/config /var/www/nextcloud/config
+}
+
+cd /var/www/nextcloud/
+
+# Trusted Domain ( as an argument )
+[[ "$@" != "" ]] && {
+  IP=$( grep -oP '\d{1,3}(.\d{1,3}){3}' <<< "$1" ) # validate that the first argument is a valid IP
+  if [[ "$IP" != "" ]]; then
+    sudo -u www-data php occ config:system:set trusted_domains 1 --value=$IP
+  else
+    echo "First argument must be an IP address to include as a Trusted domain. Ignoring"
+  fi
+}
+
+# Trusted Domain ( local IP )
+IFACE=$( ip r | grep "default via" | awk '{ print $5 }' )
+IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(.\d{1,3}){3}' | head -1 )
+sudo -u www-data php occ config:system:set trusted_domains 2 --value=$IP
+
+echo "Starting Apache"
+/usr/sbin/apache2ctl start
+
+echo "Starting cron"
+cron
+
+echo "Done"
+while true; do sleep 0.5; done # do nothing, just wait for trap from 'docker stop'

docker/run-ncdocker.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# Initial Trusted Domain 
+IFACE=$( ip r | grep "default via" | awk '{ print $5 }' )
+IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(.\d{1,3}){3}' | head -1 )
+
+docker run -d -p 443:443 -p 80:80 -v ncdata:/data --name nextcloudpi ownyourbits/nextcloudpi $IP

etc/nextcloudpi-config.d/nc-nextcloud.sh

@@ -16,15 +16,13 @@
 #
 
 VER_=12.0.0
-ADMINUSER_=admin
-DBADMIN_=ncadmin
-DBPASSWD_=ownyourbits
 MAXFILESIZE_=2G
 MEMORYLIMIT_=768M
 MAXTRANSFERTIME_=3600
-OPCACHEDIR=/var/www/nextcloud/data/.opcache
 DESCRIPTION="Install any NextCloud version"
 
+export DEBIAN_FRONTEND=noninteractive
+
 show_info()
 {
   [ -d /var/www/nextcloud ] && \
@@ -44,29 +42,14 @@ install() { :; }
 
 configure()
 {
-  service apache2 stop
-
-  # RE-CREATE DATABASE TABLE (workaround to emulate DROP USER IF EXISTS ..;)
-  sleep 40 # TODO wait for mysql to be up
-  mysql -u root -p$DBPASSWD_ <<EOF
-DROP DATABASE IF EXISTS nextcloud;
-CREATE DATABASE nextcloud;
-GRANT USAGE ON *.* TO '$DBADMIN_'@'localhost' IDENTIFIED BY '$DBPASSWD_';
-DROP USER '$DBADMIN_'@'localhost';
-CREATE USER '$DBADMIN_'@'localhost' IDENTIFIED BY '$DBPASSWD_';
-GRANT ALL PRIVILEGES ON nextcloud.* TO $DBADMIN_@localhost;
-EXIT
-EOF
-  [ $? -ne 0 ] && { echo -e "error configuring nextcloud database"; return 1; }
-
-  # DOWNLOAD AND (OVER)WRITE NEXTCLOUD
+  ## DOWNLOAD AND (OVER)WRITE NEXTCLOUD
   cd /var/www/
   wget https://download.nextcloud.com/server/releases/nextcloud-$VER_.tar.bz2 -O nextcloud.tar.bz2
   rm -rf nextcloud
   tar -xvf nextcloud.tar.bz2
   rm nextcloud.tar.bz2
 
-  # CONFIGURE FILE PERMISSIONS
+  ## CONFIGURE FILE PERMISSIONS
   local ocpath='/var/www/nextcloud'
   local htuser='www-data'
   local htgroup='www-data'
@@ -75,7 +58,6 @@ EOF
   printf "Creating possible missing Directories\n"
   mkdir -p $ocpath/data
   mkdir -p $ocpath/updater
-  mkdir -p $OPCACHEDIR
 
   printf "chmod Files and Directories\n"
   find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640
@@ -89,7 +71,6 @@ EOF
   chown -R ${htuser}:${htgroup} ${ocpath}/data/
   chown -R ${htuser}:${htgroup} ${ocpath}/themes/
   chown -R ${htuser}:${htgroup} ${ocpath}/updater/
-  chown -R ${htuser}:${htgroup} $OPCACHEDIR
 
   chmod +x ${ocpath}/occ
 
@@ -103,7 +84,7 @@ EOF
     chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess
   fi
 
-  # CONFIGURE NEXTCLOUD 
+  ## CONFIGURE NEXTCLOUD 
 cat > /etc/apache2/sites-available/000-default.conf <<'EOF'
 <VirtualHost _default_:80>
   DocumentRoot /var/www/nextcloud
@@ -115,16 +96,7 @@ cat > /etc/apache2/sites-available/000-default.conf <<'EOF'
 </VirtualHost>
 EOF
 
-  cd /var/www/nextcloud/
-
-  sudo -u www-data php occ maintenance:install --database \
-  "mysql" --database-name "nextcloud"  --database-user "$DBADMIN_" --database-pass \
-  "$DBPASSWD_" --admin-user "$ADMINUSER_" --admin-pass "$DBPASSWD_" 
-
-  sudo -u www-data php occ background:cron
-
-  sed -i '$s|^.*$|  '\''memcache.local'\'' => '\''\\\\OC\\\\Memcache\\\\APCu'\'',\\n);|' /var/www/nextcloud/config/config.php
-
+  ## SET LIMITS
   sed -i "s/post_max_size=.*/post_max_size=$MAXFILESIZE_/"             /var/www/nextcloud/.user.ini 
   sed -i "s/upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini 
   sed -i "s/memory_limit=.*/memory_limit=$MEMORYLIMIT_/"               /var/www/nextcloud/.user.ini 
@@ -133,17 +105,10 @@ EOF
   cat >> /var/www/nextcloud/.user.ini <<< "max_execution_time=$MAXTRANSFERTIME_"
   cat >> /var/www/nextcloud/.user.ini <<< "max_input_time=$MAXTRANSFERTIME_"
 
+  ## SET CRON
   echo "*/15  *  *  *  * php -f /var/www/nextcloud/cron.php" > /tmp/crontab_http
   crontab -u www-data /tmp/crontab_http
   rm /tmp/crontab_http
-
-  # Initial Trusted Domain
-  local IFACE=$( ip r | grep "default via" | awk '{ print $5 }' )
-  local IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(.\d{1,3}){3}' | head -1 )
-  sudo -u www-data php occ config:system:set trusted_domains 1 --value=$IP
-  cd -
-
-  service apache2 start
 }
 
 cleanup()   

install-nextcloud.sh

@@ -20,7 +20,7 @@ IMGFILE=$2     # Second argument is the name for the output image
 DOWNLOAD=1     # Download the latest image
 EXTRACT=1      # Extract the image from zip, so start from 0
 IMG=raspbian_lite_latest
-INSTALL_SCRIPT=nextcloud_lamp.sh
+INSTALL_SCRIPT=lamp.sh
 
 source etc/library.sh       # initializes $IMGNAME
 

lamp.sh

@@ -20,42 +20,14 @@
 # More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
 #
 
-DBADMIN_=ncadmin
 DBPASSWD_=ownyourbits
 OPCACHEDIR=/var/www/nextcloud/data/.opcache
-STATE_FILE=/home/pi/.installation_state
-APTINSTALL="apt-get install -y --no-install-recommends"
 
+APTINSTALL="apt-get install -y --no-install-recommends"
+export DEBIAN_FRONTEND=noninteractive
 
 install()
 {
-  test -f $STATE_FILE && STATE=$( cat $STATE_FILE 2>/dev/null )
-  if [ "$STATE" == "" ]; then
-
-    # RESIZE IMAGE
-    ##########################################
-
-    SECTOR=$( fdisk -l /dev/sda | grep Linux | awk '{ print $2 }' )
-    echo -e "d\n2\nn\np\n2\n$SECTOR\n\nw\n" | fdisk /dev/sda || true
-
-    echo 0 > $STATE_FILE 
-    nohup reboot &>/dev/null &
-  elif [ "$STATE" == "0" ]; then
-
-    # UPDATE EVERYTHING
-    ##########################################
-    resize2fs /dev/sda2
-
-    apt-get update
-    apt-get upgrade -y
-    apt-get dist-upgrade -y
-    $APTINSTALL rpi-update 
-    echo -e "y\n" | PRUNE_MODULES=1 rpi-update
-
-    echo 1 > $STATE_FILE 
-    nohup reboot &>/dev/null &
-  elif [ "$STATE" == "1" ]; then
-
     # GET STRETCH SOURCES FOR HTTP2 AND PHP7
     ##########################################
 
@@ -70,14 +42,17 @@ EOF
     # INSTALL FROM STRETCH
     ##########################################
 
+    $APTINSTALL apt-utils 
+    $APTINSTALL cron
     $APTINSTALL -t stretch apache2
-    $APTINSTALL -t stretch php7.0 php7.0-curl php7.0-gd php7.0-fpm php7.0-cli php7.0-opcache php7.0-mbstring php7.0-xml php7.0-zip 
-    $APTINSTALL php7.0-APC 
-    $APTINSTALL libxml2-dev php-zip php-dom php-xmlwriter php-xmlreader php-gd php-curl php-mbstring 
+    $APTINSTALL -t stretch php7.0 php7.0-curl php7.0-gd php7.0-fpm php7.0-cli php7.0-opcache php7.0-mbstring php7.0-xml php7.0-zip php7.0-APC
+    mkdir -p /run/php
 
     debconf-set-selections <<< "mariadb-server-5.5 mysql-server/root_password password $DBPASSWD_"
     debconf-set-selections <<< "mariadb-server-5.5 mysql-server/root_password_again password $DBPASSWD_"
-    $APTINSTALL mariadb-server php7.0-mysql 
+    $APTINSTALL -t stretch mariadb-server php7.0-mysql 
+    mkdir -p /run/mysqld
+    chown mysql /run/mysqld
 
     # CONFIGURE APACHE AND PHP7
     ##########################################
@@ -126,6 +101,8 @@ opcache.memory_consumption=128
 opcache.save_comments=1
 opcache.revalidate_freq=1
 EOF
+    mkdir -p $OPCACHEDIR
+    chown -R www-data:www-data $OPCACHEDIR
 
     a2enmod http2
     a2enconf http2 
@@ -165,28 +142,18 @@ EOF
 </IfModule>
 EOF
     a2ensite nextcloud
-
-    mysql -u root -p$DBPASSWD_ <<EOF
-CREATE DATABASE nextcloud;
-CREATE USER '$DBADMIN_'@'localhost' IDENTIFIED BY '$DBPASSWD_';
-GRANT ALL PRIVILEGES ON nextcloud.* TO $DBADMIN_@localhost;
-EXIT
-EOF
-  fi
 }
 
 configure() { :; }
 
 cleanup()   
 { 
-  [ "$STATE" != "1" ] && return
   apt-get autoremove
   apt-get clean
   rm /var/lib/apt/lists/* -r
   rm -f /home/pi/.bash_history
 
   systemctl disable ssh
-  rm $STATE_FILE 
   nohup halt &>/dev/null &
 }
 

nc-init.sh

@@ -0,0 +1,75 @@
+#!/bin/bash
+
+# Init NextCloud database and perform initial configuration
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh nc-init.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
+#
+
+ADMINUSER_=admin
+DBADMIN_=ncadmin
+DBPASSWD_=ownyourbits
+
+install()
+{
+  # RE-CREATE DATABASE TABLE (workaround to emulate DROP USER IF EXISTS ..;)
+
+  echo "Setting up database..."
+
+  # wait for mariadb
+  while :; do
+    [[ -S /var/run/mysqld/mysqld.sock ]] && break
+    sleep 0.5
+  done
+
+  mysql -u root -p$DBPASSWD_ <<EOF
+DROP DATABASE IF EXISTS nextcloud;
+CREATE DATABASE nextcloud;
+GRANT USAGE ON *.* TO '$DBADMIN_'@'localhost' IDENTIFIED BY '$DBPASSWD_';
+DROP USER '$DBADMIN_'@'localhost';
+CREATE USER '$DBADMIN_'@'localhost' IDENTIFIED BY '$DBPASSWD_';
+GRANT ALL PRIVILEGES ON nextcloud.* TO $DBADMIN_@localhost;
+EXIT
+EOF
+
+  # INITIALIZE NEXTCLOUD
+
+  echo "Setting up Nextcloud..."
+
+  cd /var/www/nextcloud/
+  sudo -u www-data php occ maintenance:install --database \
+    "mysql" --database-name "nextcloud"  --database-user "$DBADMIN_" --database-pass \
+    "$DBPASSWD_" --admin-user "$ADMINUSER_" --admin-pass "$DBPASSWD_"
+
+  sudo -u www-data php occ background:cron
+  sed -i '$s|^.*$|  '\''memcache.local'\'' => '\''\\\\OC\\\\Memcache\\\\APCu'\'',\n);|' /var/www/nextcloud/config/config.php
+}
+
+configure(){ :; }
+cleanup()  { :; }
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA

nextcloudpi.sh

@@ -22,7 +22,6 @@ APTINSTALL="apt-get install -y --no-install-recommends"
 
 install()
 {
-
   # NEXTCLOUDPI-CONFIG
   ##########################################
   apt-get update
@@ -155,4 +154,3 @@ cleanup()
 # along with this script; if not, write to the
 # Free Software Foundation, Inc., 59 Temple Place, Suite 330,
 # Boston, MA  02111-1307  USA
-

prepare_img.sh

@@ -0,0 +1,35 @@
+#!/bin/bish
+
+# TODO
+
+STATE_FILE=/home/pi/.installation_state
+APTINSTALL="apt-get install -y --no-install-recommends"
+
+install()
+{
+  test -f $STATE_FILE && STATE=$( cat $STATE_FILE 2>/dev/null )
+  if [ "$STATE" == "" ]; then
+
+    # RESIZE IMAGE
+    ##########################################
+
+    SECTOR=$( fdisk -l /dev/sda | grep Linux | awk '{ print $2 }' )
+    echo -e "d\n2\nn\np\n2\n$SECTOR\n\nw\n" | fdisk /dev/sda || true
+
+    echo 0 > $STATE_FILE 
+    nohup reboot &>/dev/null &
+  elif [ "$STATE" == "0" ]; then
+
+    # UPDATE EVERYTHING
+    ##########################################
+    resize2fs /dev/sda2
+
+    apt-get update
+    apt-get upgrade -y
+    apt-get dist-upgrade -y
+    $APTINSTALL rpi-update 
+    echo -e "y\n" | PRUNE_MODULES=1 rpi-update
+
+    echo 1 > $STATE_FILE 
+    nohup reboot &>/dev/null &
+  elif [ "$STATE" == "1" ]; then