daenamnu/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-21 02:40:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

allow to adjust the log level globally (#7902)

Browse Source
This commit is contained in:
Simon L.
2026-04-28 18:08:27 +02:00
committed by GitHub
parent 4acc5b87e3 4f4ef8f1d6
commit 50643afd6a
64 changed files with 450 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/playwright-on-push.yml vendored
View File

@@ -5,12 +5,14 @@ on:
paths:
- 'php/**'
- 'Containers/mastercontainer/*.Caddyfile'
- 'Containers/mastercontainer/start.sh'
push:
branches:
- main
paths:
- 'php/**'
- 'Containers/mastercontainer/*.Caddyfile'
- 'Containers/mastercontainer/start.sh'
concurrency:
group: playwright-${{ github.head_ref || github.run_id }}
@@ -55,7 +57,7 @@ jobs:
rm -r ./session
composer install --no-dev
composer clear-cache
sudo chmod 777 -R ./
sudo chmod 777 -R ../
- name: Start fresh development server
run: |
@@ -72,6 +74,7 @@ jobs:
--volume ./php:/var/www/docker-aio/php \
--volume ./Containers/mastercontainer/internal.Caddyfile:/internal.Caddyfile \
--volume ./Containers/mastercontainer/headers.Caddyfile:/headers.Caddyfile \
--volume ./Containers/mastercontainer/start.sh:/start.sh \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
--env SKIP_DOMAIN_VALIDATION=true \
--env APACHE_PORT=11000 \
@@ -103,6 +106,7 @@ jobs:
--volume ./php:/var/www/docker-aio/php \
--volume ./Containers/mastercontainer/internal.Caddyfile:/internal.Caddyfile \
--volume ./Containers/mastercontainer/headers.Caddyfile:/headers.Caddyfile \
--volume ./Containers/mastercontainer/start.sh:/start.sh \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
--env SKIP_DOMAIN_VALIDATION=false \
--env APACHE_PORT=11000 \

2
Containers/apache/Caddyfile
View File

@@ -10,7 +10,7 @@
}
log {
level ERROR
level {$CADDY_LOG_LEVEL}
}
}

4
Containers/apache/healthcheck.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
nc -z "$NEXTCLOUD_HOST" 9000 || exit 0
nc -z 127.0.0.1 8000 || exit 1
nc -z 127.0.0.1 "$APACHE_PORT" || exit 1

2
Containers/apache/nextcloud.conf
View File

@@ -7,7 +7,7 @@ Listen 8000
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
ErrorLog /proc/self/fd/2
ErrorLogFormat "[%t] [%l] [%E] [client: %{X-Forwarded-For}i] [%M] [%{User-Agent}i]"
LogLevel warn
LogLevel ${AIO_LOG_LEVEL}
# KeepAlive On: allow the same TCP connection to carry multiple HTTP requests.
# Without this each asset (JS, CSS, image) would require a full TCP handshake,

12
Containers/apache/start.sh
View File

@@ -1,10 +1,22 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [ -z "$NC_DOMAIN" ]; then
echo "NC_DOMAIN and NEXTCLOUD_HOST need to be provided. Exiting!"
exit 1
fi
CADDY_LOG_LEVEL="$(echo "$AIO_LOG_LEVEL" | tr '[:lower:]' '[:upper:]')"
export CADDY_LOG_LEVEL
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
export SUPERVISORD_STDOUT=/dev/stdout
else
export SUPERVISORD_STDOUT=NONE
fi
# Need write access to /mnt/data
if ! [ -w /mnt/data ]; then
echo "Cannot write to /mnt/data"

4
Containers/apache/supervisord.conf
View File

@@ -5,11 +5,11 @@ pidfile=/var/run/supervisord/supervisord.pid
childlogdir=/var/log/supervisord/
logfile_maxbytes=50MB
logfile_backups=10
loglevel=error
loglevel=%(ENV_AIO_LOG_LEVEL)s
[program:apache]
# Stdout logging is disabled as otherwise the logs are spammed
stdout_logfile=NONE
stdout_logfile=%(ENV_SUPERVISORD_STDOUT)s
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=apachectl -DFOREGROUND

56
Containers/borgbackup/backupscript.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
# Functions
get_start_time(){
START_TIME=$(date +%s)
@@ -40,7 +44,7 @@ if [ -z "$BORG_REMOTE_REPO" ] && ! mountpoint -q "$MOUNT_DIR"; then
fi
# Check if repo is uninitialized
if [ "$BORG_MODE" != backup ] && [ "$BORG_MODE" != test ] && ! borg info > /dev/null; then
if [ "$BORG_MODE" != backup ] && [ "$BORG_MODE" != test ] && ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
if [ -n "$BORG_REMOTE_REPO" ]; then
echo "The repository is uninitialized or cannot connect to remote. Cannot perform check or restore."
else
@@ -123,7 +127,7 @@ if [ "$BORG_MODE" = backup ]; then
fi
# Initialize the repository if can't get info from target
if ! borg info > /dev/null; then
if ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
# Don't initialize if already initialized
if [ -f "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/borg.config" ]; then
if [ -n "$BORG_REMOTE_REPO" ]; then
@@ -140,14 +144,14 @@ if [ "$BORG_MODE" = backup ]; then
echo "Initializing repository..."
NEW_REPOSITORY=1
if ! borg init --debug --encryption=repokey-blake2; then
if ! borg "$BORG_LOG_LEVEL_FLAG" init --encryption=repokey-blake2; then
echo "Could not initialize borg repository."
exit 1
fi
if [ -z "$BORG_REMOTE_REPO" ]; then
# borg config only works for local repos; it's up to the remote to ensure the disk isn't full
borg config :: additional_free_space 2G
borg "$BORG_LOG_LEVEL_FLAG" config :: additional_free_space 2G
# Fix too large Borg cache
# https://borgbackup.readthedocs.io/en/stable/faq.html#the-borg-cache-eats-way-too-much-disk-space-what-can-i-do
@@ -156,7 +160,7 @@ if [ "$BORG_MODE" = backup ]; then
touch "/root/.cache/borg/$BORG_ID/chunks.archive.d"
fi
if ! borg info > /dev/null; then
if ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
echo "Borg can't get info from the repo it created. Something is wrong."
exit 1
fi
@@ -216,9 +220,9 @@ if [ "$BORG_MODE" = backup ]; then
# Create the backup
echo "Starting the backup..."
get_start_time
if ! borg create "${BORG_OPTS[@]}" "${BORG_INCLUDE[@]}" "${BORG_EXCLUDE[@]}" "::$CURRENT_DATE-nextcloud-aio" "/nextcloud_aio_volumes/" --exclude-from /borg_excludes; then
if ! borg "$BORG_LOG_LEVEL_FLAG" create "${BORG_OPTS[@]}" "${BORG_INCLUDE[@]}" "${BORG_EXCLUDE[@]}" "::$CURRENT_DATE-nextcloud-aio" "/nextcloud_aio_volumes/" --exclude-from /borg_excludes; then
echo "Deleting the failed backup archive..."
borg delete --stats "::$CURRENT_DATE-nextcloud-aio"
borg "$BORG_LOG_LEVEL_FLAG" delete --stats "::$CURRENT_DATE-nextcloud-aio"
echo "Backup failed!"
echo "You might want to check the backup integrity via the AIO interface."
if [ "$NEW_REPOSITORY" = 1 ]; then
@@ -237,14 +241,14 @@ if [ "$BORG_MODE" = backup ]; then
# Prune archives
echo "Pruning the archives..."
if ! borg prune --stats --glob-archives '*_*-nextcloud-aio' "${BORG_PRUNE_OPTS[@]}"; then
if ! borg "$BORG_LOG_LEVEL_FLAG" prune --stats --glob-archives '*_*-nextcloud-aio' "${BORG_PRUNE_OPTS[@]}"; then
echo "Failed to prune archives!"
exit 1
fi
# Compact archives
echo "Compacting the archives..."
if ! borg compact; then
if ! borg "$BORG_LOG_LEVEL_FLAG" compact; then
echo "Failed to compact archives!"
exit 1
fi
@@ -261,19 +265,19 @@ if [ "$BORG_MODE" = backup ]; then
fi
done
echo "Starting the backup for additional volumes..."
if ! borg create "${BORG_OPTS[@]}" "::$CURRENT_DATE-additional-docker-volumes" "/docker_volumes/"; then
if ! borg "$BORG_LOG_LEVEL_FLAG" create "${BORG_OPTS[@]}" "::$CURRENT_DATE-additional-docker-volumes" "/docker_volumes/"; then
echo "Deleting the failed backup archive..."
borg delete --stats "::$CURRENT_DATE-additional-docker-volumes"
borg "$BORG_LOG_LEVEL_FLAG" delete --stats "::$CURRENT_DATE-additional-docker-volumes"
echo "Backup of additional docker-volumes failed!"
exit 1
fi
echo "Pruning additional volumes..."
if ! borg prune --stats --glob-archives '*_*-additional-docker-volumes' "${BORG_PRUNE_OPTS[@]}"; then
if ! borg "$BORG_LOG_LEVEL_FLAG" prune --stats --glob-archives '*_*-additional-docker-volumes' "${BORG_PRUNE_OPTS[@]}"; then
echo "Failed to prune additional docker-volumes archives!"
exit 1
fi
echo "Compacting additional volumes..."
if ! borg compact; then
if ! borg "$BORG_LOG_LEVEL_FLAG" compact; then
echo "Failed to compact additional docker-volume archives!"
exit 1
fi
@@ -291,19 +295,19 @@ if [ "$BORG_MODE" = backup ]; then
EXCLUDE_DIRS+=(--exclude "/host_mounts/$directory/")
done
echo "Starting the backup for additional host mounts..."
if ! borg create "${BORG_OPTS[@]}" "${EXCLUDE_DIRS[@]}" "::$CURRENT_DATE-additional-host-mounts" "/host_mounts/"; then
if ! borg "$BORG_LOG_LEVEL_FLAG" create "${BORG_OPTS[@]}" "${EXCLUDE_DIRS[@]}" "::$CURRENT_DATE-additional-host-mounts" "/host_mounts/"; then
echo "Deleting the failed backup archive..."
borg delete --stats "::$CURRENT_DATE-additional-host-mounts"
borg "$BORG_LOG_LEVEL_FLAG" delete --stats "::$CURRENT_DATE-additional-host-mounts"
echo "Backup of additional host-mounts failed!"
exit 1
fi
echo "Pruning additional host mounts..."
if ! borg prune --stats --glob-archives '*_*-additional-host-mounts' "${BORG_PRUNE_OPTS[@]}"; then
if ! borg "$BORG_LOG_LEVEL_FLAG" prune --stats --glob-archives '*_*-additional-host-mounts' "${BORG_PRUNE_OPTS[@]}"; then
echo "Failed to prune additional host-mount archives!"
exit 1
fi
echo "Compacting additional host mounts..."
if ! borg compact; then
if ! borg "$BORG_LOG_LEVEL_FLAG" compact; then
echo "Failed to compact additional host-mount archives!"
exit 1
fi
@@ -385,7 +389,7 @@ if [ "$BORG_MODE" = restore ]; then
if [ -z "$BORG_REMOTE_REPO" ]; then
mkdir -p /tmp/borg
if ! borg mount "::$SELECTED_ARCHIVE" /tmp/borg; then
if ! borg "$BORG_LOG_LEVEL_FLAG" mount "::$SELECTED_ARCHIVE" /tmp/borg; then
echo "Could not mount the backup!"
exit 1
fi
@@ -432,7 +436,7 @@ if [ "$BORG_MODE" = restore ]; then
#
# Older backups may still contain files we've since excluded, so we have to exclude on extract as well.
cd / # borg extract has no destination arg and extracts to CWD
if ! borg extract "::$SELECTED_ARCHIVE" --progress --exclude-from /borg_excludes "${ADDITIONAL_BORG_EXCLUDES[@]}" --pattern '+nextcloud_aio_volumes/**'
if ! borg "$BORG_LOG_LEVEL_FLAG" extract "::$SELECTED_ARCHIVE" --progress --exclude-from /borg_excludes "${ADDITIONAL_BORG_EXCLUDES[@]}" --pattern '+nextcloud_aio_volumes/**'
then
RESTORE_FAILED=1
echo "Failed to extract backup archive."
@@ -464,7 +468,7 @@ if [ "$BORG_MODE" = restore ]; then
\) \
| LC_ALL=C sort \
| LC_ALL=C comm -23 - \
<(borg list "::$SELECTED_ARCHIVE" --short --exclude-from /borg_excludes --pattern '+nextcloud_aio_volumes/**' | LC_ALL=C sort) \
<(borg "$BORG_LOG_LEVEL_FLAG" list "::$SELECTED_ARCHIVE" --short --exclude-from /borg_excludes --pattern '+nextcloud_aio_volumes/**' | LC_ALL=C sort) \
> /tmp/local_files_not_in_backup
then
RESTORE_FAILED=1
@@ -552,7 +556,7 @@ if [ "$BORG_MODE" = check ]; then
echo "Checking the backup integrity..."
# Perform the check
if ! borg check -v --verify-data; then
if ! borg "$BORG_LOG_LEVEL_FLAG" check -v --verify-data; then
echo "Some errors were found while checking the backup integrity!"
echo "Check the AIO interface for advice on how to proceed now!"
exit 1
@@ -570,7 +574,7 @@ if [ "$BORG_MODE" = "check-repair" ]; then
echo "Checking the backup integrity and repairing it..."
# Perform the check-repair
if ! echo YES | borg check -v --repair; then
if ! echo YES | borg "$BORG_LOG_LEVEL_FLAG" check -v --repair; then
echo "Some errors were found while checking and repairing the backup integrity!"
exit 1
fi
@@ -584,7 +588,7 @@ fi
# Do the backup test
if [ "$BORG_MODE" = test ]; then
if [ -n "$BORG_REMOTE_REPO" ]; then
if ! borg info > /dev/null; then
if ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
echo "Borg could not get info from the remote repo."
echo "See the above borg info output for details."
exit 1
@@ -605,12 +609,12 @@ if [ "$BORG_MODE" = test ]; then
fi
fi
if ! borg list >/dev/null; then
if ! borg "$BORG_LOG_LEVEL_FLAG" list >/dev/null; then
echo "The entered path seems to be valid but could not open the backup archive."
echo "Most likely the entered password was wrong so please adjust it accordingly!"
exit 1
else
if ! borg list | grep "nextcloud-aio"; then
if ! borg "$BORG_LOG_LEVEL_FLAG" list | grep "nextcloud-aio"; then
echo "The backup archive does not contain a valid Nextcloud AIO backup."
echo "Most likely was the archive not created via Nextcloud AIO."
exit 1
@@ -623,7 +627,7 @@ fi
if [ "$BORG_MODE" = list ]; then
echo "Updating backup list..."
if ! borg info > /dev/null; then
if ! borg "$BORG_LOG_LEVEL_FLAG" info > /dev/null; then
echo "Could not update the backup list."
exit 1
fi

13
Containers/borgbackup/start.sh
View File

@@ -1,5 +1,16 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [ "$AIO_LOG_LEVEL" = "warn" ]; then
BORG_LOG_LEVEL_FLAG="--warning"
else
BORG_LOG_LEVEL_FLAG="--$AIO_LOG_LEVEL"
fi
export BORG_LOG_LEVEL_FLAG
# Variables
export MOUNT_DIR="/mnt/borgbackup"
export BORG_BACKUP_DIRECTORY="$MOUNT_DIR/borg" # necessary even when remote to store the aio-lockfile
@@ -48,7 +59,7 @@ fi
rm -f "/nextcloud_aio_volumes/nextcloud_aio_database_dump/backup-is-running"
# Get a list of all available borg archives
if borg list &>/dev/null; then
if borg "$BORG_LOG_LEVEL_FLAG" list &>/dev/null; then
borg list | grep "nextcloud-aio" | awk -F " " '{print $1","$3,$4}' > "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/backup_archives.list"
else
echo "" > "/nextcloud_aio_volumes/nextcloud_aio_mastercontainer/data/backup_archives.list"

4
Containers/clamav/healthcheck.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [ "$(echo "PING" | nc 127.0.0.1 3310)" != "PONG" ]; then
echo "ERROR: Unable to contact server"
exit 1

4
Containers/clamav/start.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
# Print out clamav version for compliance reasons
clamscan --version

2
Containers/clamav/supervisord.conf
View File

@@ -5,7 +5,7 @@ pidfile=/var/run/supervisord/supervisord.pid
childlogdir=/var/log/supervisord/
logfile_maxbytes=50MB
logfile_backups=10
loglevel=error
loglevel=%(ENV_AIO_LOG_LEVEL)s
[program:freshclam]
stdout_logfile=/dev/stdout

3
Containers/collabora/Dockerfile
View File

@@ -5,6 +5,7 @@ FROM collabora/code:25.04.9.4.1
USER root
ARG DEBIAN_FRONTEND=noninteractive
COPY --chmod=775 start.sh /start.sh
COPY --chmod=775 healthcheck.sh /healthcheck.sh
USER 1001
@@ -18,3 +19,5 @@ LABEL com.centurylinklabs.watchtower.enable="false" \
org.opencontainers.image.source="https://github.com/nextcloud/all-in-one" \
org.opencontainers.image.vendor="Nextcloud" \
org.opencontainers.image.documentation="https://github.com/nextcloud/all-in-one/blob/main/readme.md"
ENTRYPOINT ["/start.sh"]

17
Containers/collabora/start.sh Normal file
View File

@@ -0,0 +1,17 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [ "$AIO_LOG_LEVEL" = "warn" ]; then
COLLABORA_LOG_LEVEL="warning"
else
COLLABORA_LOG_LEVEL="$AIO_LOG_LEVEL"
fi
# Replace the hardcoded log level in extra_params with the translated one
extra_params+=" --o:logging.level=$COLLABORA_LOG_LEVEL --o:logging.level_startup=$COLLABORA_LOG_LEVEL"
export extra_params
exec /start-collabora-online.sh "$@"

4
Containers/docker-socket-proxy/healthcheck.sh
View File

@@ -1,4 +1,8 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
nc -z "$NEXTCLOUD_HOST" 9001 || exit 0
nc -z 127.0.0.1 2375 || exit 1

8
Containers/docker-socket-proxy/start.sh
View File

@@ -1,5 +1,9 @@
#!/bin/sh
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
# Only start container if nextcloud is accessible
while ! nc -z "$NEXTCLOUD_HOST" 9001; do
echo "Waiting for Nextcloud to start..."
@@ -18,6 +22,8 @@ else
HAPROXYFILE="$(sed "s# || { src NC_IPV6_PLACEHOLDER }##g" /tmp/haproxy.cfg)"
fi
echo "$HAPROXYFILE" > /tmp/haproxy.cfg
set +x
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
haproxy -f /tmp/haproxy.cfg -db

18
Containers/domaincheck/start.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [ -z "$INSTANCE_ID" ]; then
echo "You need to provide an instance id."
exit 1
@@ -14,6 +18,20 @@ fi
CONF_FILE="$(sed "s|ipv6-placeholder|\[::\]:$APACHE_PORT|" /lighttpd.conf)"
echo "$CONF_FILE" > /etc/lighttpd/lighttpd.conf
# shellcheck disable=SC2235
if ([ "$AIO_LOG_LEVEL" = 'debug' ] || [ "$AIO_LOG_LEVEL" = 'info' ]) && ! grep -q debug.log-request-handling /etc/lighttpd/lighttpd.conf; then
cat << CONF_FILE >> /etc/lighttpd/lighttpd.conf
debug.log-request-handling = "enable"
CONF_FILE
fi
if [ "$AIO_LOG_LEVEL" = 'debug' ] && ! grep -q debug.log-request-header /etc/lighttpd/lighttpd.conf; then
cat << CONF_FILE >> /etc/lighttpd/lighttpd.conf
debug.log-request-header = "enable"
debug.log-response-header = "enable"
CONF_FILE
fi
# Check config file
lighttpd -tt -f /etc/lighttpd/lighttpd.conf

3
Containers/fulltextsearch/Dockerfile
View File

@@ -13,6 +13,7 @@ RUN set -ex; \
; \
microdnf clean all;
COPY --chmod=775 start.sh /start.sh
COPY --chmod=775 healthcheck.sh /healthcheck.sh
USER 1000:0
@@ -27,3 +28,5 @@ LABEL com.centurylinklabs.watchtower.enable="false" \
org.opencontainers.image.vendor="Nextcloud" \
org.opencontainers.image.documentation="https://github.com/nextcloud/all-in-one/blob/main/readme.md"
ENV ES_JAVA_OPTS="-Xms512M -Xmx512M"
ENTRYPOINT ["/start.sh"]

4
Containers/fulltextsearch/healthcheck.sh
View File

@@ -1,3 +1,7 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
curl -fs "http://127.0.0.1:9200/_cluster/health?filter_path=status" | grep -qE '"status":"(green|yellow)"' || exit 1

9
Containers/fulltextsearch/start.sh Normal file
View File

@@ -0,0 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
ELASTIC_LOG_LEVEL="$(echo "$AIO_LOG_LEVEL" | tr '[:lower:]' '[:upper:]')"
exec env "logger.level=$ELASTIC_LOG_LEVEL" /usr/local/bin/docker-entrypoint.sh "$@"

3
Containers/imaginary/Dockerfile
View File

@@ -33,7 +33,8 @@ COPY --from=go /go/bin/imaginary /usr/local/bin/imaginary
COPY --chmod=775 start.sh /start.sh
COPY --chmod=775 healthcheck.sh /healthcheck.sh
ENV PORT=9000
ENV PORT=9000 \
AIO_LOG_LEVEL=warn
USER 65534

4
Containers/imaginary/healthcheck.sh
View File

@@ -1,3 +1,7 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
nc -z 127.0.0.1 "$PORT" || exit 1

15
Containers/imaginary/start.sh
View File

@@ -1,5 +1,20 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
GOLANG_LOG="$(case "$AIO_LOG_LEVEL" in
debug) printf 'info' ;;
info) printf 'info' ;;
warn) printf 'warning' ;;
error) printf 'error' ;;
esac)"
export GOLANG_LOG
if [ "$AIO_LOG_LEVEL" = "debug" ]; then
export DEBUG='*'
fi
echo "Imaginary has started"
IMAGINARY_ARGS=(-return-size -max-allowed-resolution 222.2)

2
Containers/mastercontainer/acme.Caddyfile
View File

@@ -10,7 +10,7 @@
}
log {
level ERROR
level {$CADDY_LOG_LEVEL}
# We need to exclude the remote-host plugin from logging as it would spam the logs
# See https://github.com/nextcloud/all-in-one/pull/7006#issuecomment-4003238239
exclude http.matchers.remote_host

4
Containers/mastercontainer/backup-time-file-watcher.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
restart_process() {
echo "Restarting cron.sh because daily backup time was set, changed or unset."
pkill cron.sh

6
Containers/mastercontainer/cron.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
while true; do
if [ -f "/mnt/docker-aio-config/data/daily_backup_time" ]; then
set -x
@@ -17,7 +21,9 @@ while true; do
else
export SEND_SUCCESS_NOTIFICATIONS=0
fi
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
if [ -f "/mnt/docker-aio-config/data/daily_backup_running" ]; then
export LOCK_FILE_PRESENT=1
else

4
Containers/mastercontainer/daily-backup.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
echo "Daily backup script has started"
# Check if initial configuration has been done, otherwise this script should do nothing.

4
Containers/mastercontainer/healthcheck.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [ -f "/mnt/docker-aio-config/data/configuration.json" ]; then
nc -z 127.0.0.1 80 || exit 1
nc -z 127.0.0.1 8080 || exit 1

2
Containers/mastercontainer/internal.Caddyfile
View File

@@ -9,7 +9,7 @@
}
log {
level ERROR
level {$CADDY_LOG_LEVEL}
# We need to exclude the remote-host plugin from logging as it would spam the logs
# See https://github.com/nextcloud/all-in-one/pull/7006#issuecomment-4003238239
exclude http.matchers.remote_host

4
Containers/mastercontainer/session-deduplicator.sh
View File

@@ -16,6 +16,10 @@ compare_times() {
fi
}
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
while true; do
compare_times
sleep 2

22
Containers/mastercontainer/start.sh
View File

@@ -20,6 +20,10 @@ case "${1}" in
esac
}
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
# Check if running as root user
if [ "$EUID" != "0" ]; then
print_red "Container does not run as root user. This is not supported."
@@ -333,6 +337,24 @@ else
export NEXTCLOUD_DRI_GID=""
fi
# Log level logics
if [ -n "$AIO_LOG_LEVEL" ] && ! grep -q "^debug$\|^info$\|^warn$\|^error$"; then
print_red "AIO_LOG_LEVEL must be one of 'debug', 'info', 'warn' or 'error'.
It is set to '$AIO_LOG_LEVEL'".
exit 1
fi
if [ -z "$AIO_LOG_LEVEL" ]; then
export AIO_LOG_LEVEL="warn"
fi
CADDY_LOG_LEVEL="$(echo "$AIO_LOG_LEVEL" | tr '[:lower:]' '[:upper:]')"
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
export SUPERVISORD_STDOUT=/dev/stdout
else
export SUPERVISORD_STDOUT=NONE
fi
export CADDY_LOG_LEVEL
# Check if ghcr.io is reachable
# Solves issues like https://github.com/nextcloud/all-in-one/discussions/5268
if ! curl --no-progress-meter https://ghcr.io/v2/ >/dev/null; then

8
Containers/mastercontainer/supervisord.conf
View File

@@ -5,12 +5,12 @@ pidfile=/var/run/supervisord/supervisord.pid
childlogdir=/var/log/supervisord/
logfile_maxbytes=50MB
logfile_backups=10
loglevel=error
loglevel=%(ENV_AIO_LOG_LEVEL)s
user=root
[program:php-fpm]
# Stdout logging is disabled as otherwise the logs are spammed
stdout_logfile=NONE
stdout_logfile=%(ENV_SUPERVISORD_STDOUT)s
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=php-fpm
@@ -58,7 +58,7 @@ user=root
[program:domain-validator]
# Logging is disabled as otherwise all attempts will be logged which spams the logs
stdout_logfile=NONE
stderr_logfile=NONE
stdout_logfile=%(ENV_SUPERVISORD_STDOUT)s
stderr_logfile=%(ENV_SUPERVISORD_STDOUT)s
command=php -S 127.0.0.1:9876 /var/www/docker-aio/php/domain-validator.php
user=www-data

5
Containers/nextcloud/cron.sh
View File

@@ -1,4 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
wait_for_cron() {
set -x
while [ -n "$(pgrep -f /var/www/html/cron.php)" ]; do

24
Containers/nextcloud/entrypoint.sh
View File

@@ -10,6 +10,10 @@ directory_empty() {
[ -z "$(ls -A "$1/")" ]
}
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
run_upgrade_if_needed_due_to_app_update() {
if php /var/www/html/occ status | grep maintenance | grep -q true; then
php /var/www/html/occ maintenance:mode --off
@@ -20,6 +24,14 @@ run_upgrade_if_needed_due_to_app_update() {
fi
}
NEXTCLOUD_LOG_LEVEL="$(case "$AIO_LOG_LEVEL" in
debug) printf '0' ;;
info) printf '1' ;;
warn) printf '2' ;;
error) printf '3' ;;
esac)"
export NEXTCLOUD_LOG_LEVEL
# Create cert bundle
if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then
@@ -75,7 +87,9 @@ if env | grep -q NEXTCLOUD_TRUSTED_CERTIFICATES_; then
cat "$CERTIFICATE_BUNDLE"
# Disable debug mode
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
fi
# Adjust DATABASE_TYPE to by Nextcloud supported value
@@ -222,8 +236,10 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
if grep -q appstoreurl /var/www/html/config/config.php; then
set -x
APPSTORE_URL="$(grep appstoreurl /var/www/html/config/config.php | grep -oP 'https://.*v[0-9]+')"
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
fi
# Default appstoreurl parameter in config.php defaults to 'https://apps.nextcloud.com/api/v1' so we check for the apps.json file stored in there
CURL_STATUS="$(curl -LI "$APPSTORE_URL"/apps.json -o /dev/null -w '%{http_code}\n' -s)"
if [[ "$CURL_STATUS" = "200" ]]
@@ -289,8 +305,10 @@ if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then
"$SOURCE_LOCATION/custom_apps/" \
/var/www/html/custom_apps/
done
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
fi
# Copy these from Nextcloud archive if they don't exist yet (i.e. new install)
for dir in config data custom_apps themes; do
@@ -442,7 +460,7 @@ EOF
# Apply log settings
echo "Applying default settings..."
mkdir -p /var/www/html/data
php /var/www/html/occ config:system:set loglevel --value="2" --type=integer
php /var/www/html/occ config:system:set loglevel --value="$NEXTCLOUD_LOG_LEVEL" --type=integer
if [ "$NEXTCLOUD_LOG_TYPE" = "errorlog" ]; then
php /var/www/html/occ config:system:set log_type --value="errorlog"
php /var/www/html/occ config:system:set log_type_audit --value="errorlog"
@@ -764,7 +782,9 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then
if echo "$COLLABORA_HOST" | grep -q "nextcloud-.*-collabora"; then
COLLABORA_HOST="$NC_DOMAIN"
fi
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
# Remove richdcoumentscode if it should be incorrectly installed
if [ -d "/var/www/html/custom_apps/richdocumentscode" ]; then
php /var/www/html/occ app:remove richdocumentscode
@@ -885,7 +905,9 @@ if [ "$TALK_ENABLED" = 'yes' ]; then
if [ -z "$TURN_DOMAIN" ]; then
TURN_DOMAIN="$TALK_HOST"
fi
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
if ! [ -d "/var/www/html/custom_apps/spreed" ]; then
php /var/www/html/occ app:install spreed
elif [ "$(php /var/www/html/occ config:app:get spreed enabled)" != "yes" ]; then

4
Containers/nextcloud/healthcheck.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
# Set a default value for POSTGRES_PORT
if [ -z "$POSTGRES_PORT" ]; then
POSTGRES_PORT=5432

4
Containers/nextcloud/notify-all.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [[ "$EUID" = 0 ]]; then
COMMAND=(sudo -E -u www-data php /var/www/html/occ)
else

4
Containers/nextcloud/notify.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [[ "$EUID" = 0 ]]; then
COMMAND=(sudo -E -u www-data php /var/www/html/occ)
else

4
Containers/nextcloud/run-exec-commands.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
# Wait until the apache container is ready
while ! nc -z "$APACHE_HOST" "$APACHE_PORT"; do
echo "Waiting for $APACHE_HOST to become available..."

12
Containers/nextcloud/start.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
# Set a default value for POSTGRES_PORT
if [ -z "$POSTGRES_PORT" ]; then
POSTGRES_PORT=5432
@@ -53,7 +57,9 @@ if ! [ -f "/dev-dri-group-was-added" ] && [ -n "$(find /dev -maxdepth 1 -mindept
usermod -aG "$GROUP" www-data
touch "/dev-dri-group-was-added"
fi
set +x
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
# Check datadir permissions
sudo -E -u www-data touch "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" &>/dev/null
@@ -170,6 +176,8 @@ if [ "$THIS_IS_AIO" = "true" ] && [ "$APACHE_PORT" = 443 ]; then
sed -i "/^listen.allowed_clients/s/,$//" /usr/local/etc/php-fpm.d/www.conf
grep listen.allowed_clients /usr/local/etc/php-fpm.d/www.conf
fi
set +x
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
exec "$@"

2
Containers/nextcloud/supervisord.conf
View File

@@ -6,7 +6,7 @@ pidfile=/var/run/supervisord/supervisord.pid
childlogdir=/var/log/supervisord/
logfile_maxbytes=50MB ; maximum size of logfile before rotation
logfile_backups=10 ; number of backed up logfiles
loglevel=error
loglevel=%(ENV_AIO_LOG_LEVEL)s
user=root
[program:php-fpm]

4
Containers/notify-push/healthcheck.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if ! nc -z "$NEXTCLOUD_HOST" 9001; then
exit 0
fi

6
Containers/notify-push/start.sh
View File

@@ -1,5 +1,11 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
export RUST_LOG="$AIO_LOG_LEVEL"
if [ -z "$NEXTCLOUD_HOST" ]; then
echo "NEXTCLOUD_HOST needs to be provided. Exiting!"
exit 1

4
Containers/onlyoffice/healthcheck.sh
View File

@@ -1,3 +1,7 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
nc -z 127.0.0.1 80 || exit 1

4
Containers/postgresql/healthcheck.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
test -f "/mnt/data/backup-is-running" && exit 0
PGPASSWORD="$POSTGRES_PASSWORD" psql -h 127.0.0.1 -p 11000 -U "oc_$POSTGRES_USER" -d "$POSTGRES_DB" -c "select now()" && exit 0

5
Containers/postgresql/init-user-db.sh
View File

@@ -1,4 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
set -ex
touch "$DUMP_DIR/initialization.failed"

22
Containers/postgresql/start.sh
View File

@@ -1,5 +1,17 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
POSTGRES_LOG_MIN_MESSAGES="$(case "$AIO_LOG_LEVEL" in
debug) printf 'debug1' ;;
info) printf 'info' ;;
warn) printf 'warning' ;;
error) printf 'error' ;;
esac)"
export POSTGRES_LOG_MIN_MESSAGES
# Variables
DATADIR="/var/lib/postgresql/data"
export DUMP_DIR="/mnt/data"
@@ -166,6 +178,12 @@ if [ -f "/var/lib/postgresql/data/postgresql.conf" ]; then
sed -i 's|#log_checkpoints.*|log_checkpoints = off|' "$PGCONF"
fi
if grep -q "^#\?log_min_messages" /var/lib/postgresql/data/postgresql.conf; then
sed -i "s|^#\?log_min_messages.*|log_min_messages = $POSTGRES_LOG_MIN_MESSAGES|" /var/lib/postgresql/data/postgresql.conf
else
echo "log_min_messages = $POSTGRES_LOG_MIN_MESSAGES" >> /var/lib/postgresql/data/postgresql.conf
fi
# Closing idling connections automatically seems to break any logic so was reverted again to default where it is disabled
if grep -q "^idle_session_timeout" "$PGCONF"; then
sed -i 's|^idle_session_timeout.*|#idle_session_timeout|' "$PGCONF"
@@ -223,12 +241,16 @@ do_database_dump() {
pg_ctl stop -m fast
rm "$DUMP_DIR/export.failed"
echo 'Database dump successful!'
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
exit 0
else
pg_ctl stop -m fast
echo "Database dump unsuccessful!"
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
exit 1
fi
}

4
Containers/redis/healthcheck.sh
View File

@@ -1,3 +1,7 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
redis-cli -a "$REDIS_HOST_PASSWORD" PING || exit 1

13
Containers/redis/start.sh
View File

@@ -1,5 +1,16 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [ "$AIO_LOG_LEVEL" = "warn" ]; then
REDIS_LOG_LEVEL="warning"
else
REDIS_LOG_LEVEL="$AIO_LOG_LEVEL"
fi
export REDIS_LOG_LEVEL
# Show wiki if vm.overcommit is disabled
if [ "$(sysctl -n vm.overcommit_memory)" != "1" ]; then
echo "Memory overcommit is disabled but necessary for safe operation"
@@ -16,7 +27,7 @@ fi
# Build the redis-server argument list.
REDIS_ARGS=(
--loglevel warning
--loglevel "$REDIS_LOG_LEVEL"
--save "" # Disable RDB persistence (Redis is used as a pure cache/lock store)
--maxmemory-policy allkeys-lru # Evict least-recently-used keys when memory is full
--lazyfree-lazy-eviction yes # Perform evictions in a background thread

13
Containers/talk-recording/Dockerfile
View File

@@ -4,12 +4,13 @@ FROM python:3.14.3-alpine3.23
COPY --chmod=775 start.sh /start.sh
COPY --chmod=775 healthcheck.sh /healthcheck.sh
ENV RECORDING_VERSION=v0.2.1
ENV ALLOW_ALL=false
ENV HPB_PROTOCOL=https
ENV NC_PROTOCOL=https
ENV SKIP_VERIFY=false
ENV HPB_PATH=/standalone-signaling/
ENV RECORDING_VERSION=v0.2.1 \
ALLOW_ALL=false \
HPB_PROTOCOL=https \
NC_PROTOCOL=https \
SKIP_VERIFY=false \
HPB_PATH=/standalone-signaling/ \
AIO_LOG_LEVEL=warn
RUN set -ex; \
apk upgrade --no-cache -a; \

4
Containers/talk-recording/healthcheck.sh
View File

@@ -1,3 +1,7 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
nc -z 127.0.0.1 1234 || exit 1

14
Containers/talk-recording/start.sh
View File

@@ -1,5 +1,17 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
TALK_RECORDING_LOG_LEVEL="$(case "$AIO_LOG_LEVEL" in
debug) printf '10' ;;
info) printf '20' ;;
warn) printf '30' ;;
error) printf '40' ;;
esac)"
export TALK_RECORDING_LOG_LEVEL
# Variables
if [ -z "$NC_DOMAIN" ]; then
echo "You need to provide the NC_DOMAIN."
@@ -49,7 +61,7 @@ fi
cat << RECORDING_CONF > "/conf/recording.conf"
[logs]
# 30 means Warning
level = 30
level = ${TALK_RECORDING_LOG_LEVEL}
[http]
listen = 0.0.0.0:1234

3
Containers/talk/Dockerfile
View File

@@ -37,7 +37,8 @@ RUN set -ex; \
FROM alpine:3.23.4
ENV ETURNAL_ETC_DIR="/conf"
ENV SKIP_CERT_VERIFY=false
ENV SKIP_CERT_VERIFY=false \
AIO_LOG_LEVEL=warn
COPY --from=janus --chmod=777 --chown=1000:1000 /usr/local /usr/local
COPY --from=eturnal --chmod=777 --chown=1000:1000 /opt/eturnal /opt/eturnal
COPY --from=nats --chmod=777 --chown=1000:1000 /nats-server /usr/local/bin/nats-server

4
Containers/talk/healthcheck.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
nc -z 127.0.0.1 8081 || exit 1
nc -z 127.0.0.1 8188 || exit 1
nc -z 127.0.0.1 4222 || exit 1

30
Containers/talk/start.sh
View File

@@ -1,5 +1,23 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
if [ "$AIO_LOG_LEVEL" = "warn" ]; then
ETURNAL_LOG_LEVEL="warning"
else
ETURNAL_LOG_LEVEL="$AIO_LOG_LEVEL"
fi
export ETURNAL_LOG_LEVEL
JANUS_LOG_LEVEL="$(case "$AIO_LOG_LEVEL" in
debug) printf '7' ;;
info) printf '4' ;;
warn) printf '3' ;;
error) printf '1' ;;
esac)"
export JANUS_LOG_LEVEL
# Variables
if [ -z "$NC_DOMAIN" ]; then
echo "You need to provide the NC_DOMAIN."
@@ -31,7 +49,9 @@ if mountpoint -q /usr/local/share/ca-certificates; then
fi
done
export SSL_CERT_FILE=/tmp/ca-certificates.crt
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
fi
set -x
@@ -40,7 +60,9 @@ IPv4_ADDRESS_TALK_RELAY="$(hostname -i | grep -oP '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]
IPv4_ADDRESS_TALK="$(dig "$TALK_HOST" IN A +short +search | grep '^[0-9.]\+$' | sort | head -n1)"
# shellcheck disable=SC2153
IPv6_ADDRESS_TALK="$(dig "$TALK_HOST" AAAA +short +search | grep '^[0-9a-f:]\+$' | sort | head -n1)"
set +x
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
if [ -n "$IPv4_ADDRESS_TALK" ] && [ "$IPv4_ADDRESS_TALK_RELAY" = "$IPv4_ADDRESS_TALK" ]; then
IPv4_ADDRESS_TALK=""
@@ -53,7 +75,9 @@ if grep -q "1" /sys/module/ipv6/parameters/disable \
|| grep -q "1" /proc/sys/net/ipv6/conf/default/disable_ipv6; then
IP_BINDING="0.0.0.0"
fi
set +x
if [ "$AIO_LOG_LEVEL" != 'debug' ]; then
set +x
fi
# Turn
cat << TURN_CONF > "/conf/eturnal.yml"
@@ -66,7 +90,7 @@ eturnal:
port: $TALK_PORT
transport: tcp
log_dir: stdout
log_level: warning
log_level: ${ETURNAL_LOG_LEVEL}
secret: "$TURN_SECRET"
relay_ipv4_addr: "$IPv4_ADDRESS_TALK_RELAY"
relay_ipv6_addr: "$IPv6_ADDRESS_TALK"

5
Containers/talk/supervisord.conf
View File

@@ -5,7 +5,7 @@ pidfile=/var/run/supervisord/supervisord.pid
childlogdir=/var/log/supervisord/
logfile_maxbytes=50MB
logfile_backups=10
loglevel=error
loglevel=%(ENV_AIO_LOG_LEVEL)s
[program:nats-server]
stdout_logfile=/dev/stdout
@@ -30,8 +30,7 @@ stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
# debug-level 3 means warning
command=janus --config=/conf/janus.jcfg --disable-colors --log-stdout --full-trickle --debug-level 3
command=janus --config=/conf/janus.jcfg --disable-colors --log-stdout --full-trickle --debug-level %(ENV_JANUS_LOG_LEVEL)s
# Start alongside eturnal; signaling connects to Janus via WebSocket
priority=20

6
Containers/watchtower/start.sh
View File

@@ -1,5 +1,9 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
# Check if socket is available and readable
if ! [ -e "/var/run/docker.sock" ]; then
echo "Docker socket is not available. Cannot continue."
@@ -17,7 +21,7 @@ if [ -f /run/.containerenv ]; then
fi
if [ -n "$CONTAINER_TO_UPDATE" ]; then
exec /watchtower --cleanup --debug --run-once "$CONTAINER_TO_UPDATE"
exec /watchtower --cleanup --log-level "$AIO_LOG_LEVEL" --run-once "$CONTAINER_TO_UPDATE"
else
echo "'CONTAINER_TO_UPDATE' is not set. Cannot update anything."
exit 1

4
Containers/whiteboard/healthcheck.sh
View File

@@ -1,4 +1,8 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
nc -z "$REDIS_HOST" "$REDIS_PORT" || exit 0
nc -z 127.0.0.1 3002 || exit 1

6
Containers/whiteboard/start.sh
View File

@@ -1,5 +1,11 @@
#!/bin/bash
if [ "$AIO_LOG_LEVEL" = 'debug' ]; then
set -x
fi
export LOG_LEVEL="$AIO_LOG_LEVEL"
# Only start container if nextcloud is accessible
while ! nc -z "$REDIS_HOST" "$REDIS_PORT"; do
echo "Waiting for redis to start..."

1
compose.yaml
View File

@@ -22,6 +22,7 @@ services:
# APACHE_IP_BINDING: 127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
# APACHE_ADDITIONAL_NETWORK: frontend_net # (Optional) Connect the apache container to an additional docker network. Needed when behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) running in a different docker network on same server. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
# BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
# AIO_LOG_LEVEL: warn # Allows to globally adjust the log level of the included AIO components. Supported values: debug, info, warn, error. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-log-level-for-aio-components
# COLLABORA_SECCOMP_DISABLED: false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
# DOCKER_API_VERSION: 1.44 # You can adjust the internally used docker api version with this variable. ⚠️⚠️⚠️ Warning: please note that only the default api version (unset this variable) is supported and tested by the maintainers of Nextcloud AIO. So use this on your own risk and things might break without warning. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-internally-used-docker-api-version
# FULLTEXTSEARCH_JAVA_OPTIONS: "-Xms1024M -Xmx1024M" # Allows to adjust the fulltextsearch java options. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-fulltextsearch-java-options

1
manual-install/sample.conf
View File

@@ -25,6 +25,7 @@ APACHE_IP_BINDING=0.0.0.0 # This can be changed to e.g. 127.0.0.1 if yo
APACHE_MAX_SIZE=17179869184 # This needs to be an integer and in sync with NEXTCLOUD_UPLOAD_LIMIT
APACHE_PORT=443 # Changing this to a different value than 443 will allow you to run it behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else).
ADDITIONAL_COLLABORA_OPTIONS=['--o:security.seccomp=true'] # You can add additional collabora options here by using the array syntax.
AIO_LOG_LEVEL=warn # Allows to adjust the global AIO log level. Valid values are debug, info, warn and error.
COLLABORA_DICTIONARIES="de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru" # You can change this in order to enable other dictionaries for collabora
FULLTEXTSEARCH_JAVA_OPTIONS="-Xms512M -Xmx512M" # Allows to adjust the fulltextsearch java options.
INSTALL_LATEST_MAJOR=no # Setting this to yes will install the latest Major Nextcloud version upon the first installation

1
manual-install/update-yaml.sh
View File

@@ -100,6 +100,7 @@ sed -i 's|NC_DOMAIN=|NC_DOMAIN=yourdomain.com # TODO! Needs to be chang
sed -i 's|NEXTCLOUD_PASSWORD=|NEXTCLOUD_PASSWORD= # TODO! This is the password of the initially created Nextcloud admin with username "admin".|' sample.conf
sed -i 's|TIMEZONE=|TIMEZONE=Europe/Berlin # TODO! This is the timezone that your containers will use.|' sample.conf
sed -i 's|COLLABORA_SECCOMP_POLICY=|COLLABORA_SECCOMP_POLICY=--o:security.seccomp=true # Changing the value to false allows to disable the seccomp feature of the Collabora container.|' sample.conf
sed -i 's|AIO_LOG_LEVEL=|AIO_LOG_LEVEL=warning # Allows to adjust the global AIO log level. Valid values are debug, info, warn and error.|' sample.conf
sed -i 's|FULLTEXTSEARCH_JAVA_OPTIONS=|FULLTEXTSEARCH_JAVA_OPTIONS="-Xms512M -Xmx512M" # Allows to adjust the fulltextsearch java options.|' sample.conf
sed -i 's|NEXTCLOUD_STARTUP_APPS=|NEXTCLOUD_STARTUP_APPS="deck twofactor_totp tasks calendar contacts notes" # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. You can also disable apps by using a hyphen in front of them. E.g. "-app_api"|' sample.conf
sed -i 's|NEXTCLOUD_ADDITIONAL_APKS=|NEXTCLOUD_ADDITIONAL_APKS=imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value.|' sample.conf

27
php/containers.json
View File

@@ -45,6 +45,7 @@
"COLLABORA_HOST=nextcloud-aio-collabora",
"TALK_HOST=nextcloud-aio-talk",
"APACHE_PORT=%APACHE_PORT%",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"ONLYOFFICE_HOST=nextcloud-aio-onlyoffice",
"TZ=%TIMEZONE%",
"APACHE_MAX_SIZE=%APACHE_MAX_SIZE%",
@@ -120,6 +121,7 @@
"POSTGRES_PASSWORD=%DATABASE_PASSWORD%",
"POSTGRES_DB=nextcloud_database",
"POSTGRES_USER=nextcloud",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"PGTZ=%TIMEZONE%"
],
@@ -222,6 +224,7 @@
"SIGNALING_SECRET=%SIGNALING_SECRET%",
"ONLYOFFICE_SECRET=%ONLYOFFICE_SECRET%",
"AIO_URL=%AIO_URL%",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"NC_AIO_VERSION=v%AIO_VERSION%",
"NEXTCLOUD_MOUNT=%NEXTCLOUD_MOUNT%",
"CLAMAV_ENABLED=%CLAMAV_ENABLED%",
@@ -311,6 +314,7 @@
],
"environment": [
"NEXTCLOUD_HOST=nextcloud-aio-nextcloud",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%"
],
"restart": "unless-stopped",
@@ -340,6 +344,7 @@
"internal_port": "6379",
"environment": [
"REDIS_HOST_PASSWORD=%REDIS_PASSWORD%",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%"
],
"volumes": [
@@ -381,8 +386,9 @@
"internal_port": "9980",
"environment": [
"aliasgroup1=https://%NC_DOMAIN%:443,http://nextcloud-aio-apache.nextcloud-aio:23973",
"extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.disable_server_audit=true --o:logging.level=warning --o:logging.level_startup=warning --o:welcome.enable=false --o:fetch_update_check=0 --o:allow_update_popup=false %COLLABORA_SECCOMP_POLICY% --o:remote_font_config.url=https://%NC_DOMAIN%/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+",
"extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:logging.disable_server_audit=true --o:welcome.enable=false --o:fetch_update_check=0 --o:allow_update_popup=false %COLLABORA_SECCOMP_POLICY% --o:remote_font_config.url=https://%NC_DOMAIN%/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+",
"dictionaries=%COLLABORA_DICTIONARIES%",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"server_name=%NC_DOMAIN%",
"DONT_GEN_SSL_CERT=1"
@@ -453,6 +459,7 @@
"TALK_HOST=nextcloud-aio-talk",
"TURN_SECRET=%TURN_SECRET%",
"SIGNALING_SECRET=%SIGNALING_SECRET%",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"TALK_PORT=%TALK_PORT%",
"INTERNAL_SECRET=%TALK_INTERNAL_SECRET%"
@@ -500,6 +507,7 @@
"internal_port": "1234",
"environment": [
"NC_DOMAIN=%NC_DOMAIN%",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"RECORDING_SECRET=%RECORDING_SECRET%",
"INTERNAL_SECRET=%TALK_INTERNAL_SECRET%"
@@ -543,6 +551,7 @@
"BORG_REMOTE_REPO=%BORGBACKUP_REMOTE_REPO%",
"BORG_PASSWORD=%BORGBACKUP_PASSWORD%",
"BORG_MODE=%BORGBACKUP_MODE%",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"SELECTED_RESTORE_TIME=%SELECTED_RESTORE_TIME%",
"RESTORE_EXCLUDE_PREVIEWS=%RESTORE_EXCLUDE_PREVIEWS%",
"BACKUP_RESTORE_PASSWORD=%BACKUP_RESTORE_PASSWORD%",
@@ -610,7 +619,8 @@
"image": "ghcr.io/nextcloud-releases/aio-watchtower",
"init": true,
"environment": [
"CONTAINER_TO_UPDATE=nextcloud-aio-mastercontainer"
"CONTAINER_TO_UPDATE=nextcloud-aio-mastercontainer",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%"
],
"volumes": [
{
@@ -641,7 +651,8 @@
"internal_port": "%APACHE_PORT%",
"environment": [
"INSTANCE_ID=%INSTANCE_ID%",
"APACHE_PORT=%APACHE_PORT%"
"APACHE_PORT=%APACHE_PORT%",
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%"
],
"secrets": [
"INSTANCE_ID"
@@ -676,6 +687,7 @@
],
"internal_port": "3310",
"environment": [
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"MAX_SIZE=%NEXTCLOUD_UPLOAD_LIMIT%"
],
@@ -721,6 +733,8 @@
],
"internal_port": "80",
"environment": [
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"JWT_ENABLED=true",
"JWT_HEADER=AuthorizationJwt",
@@ -764,6 +778,7 @@
],
"internal_port": "9000",
"environment": [
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"IMAGINARY_SECRET=%IMAGINARY_SECRET%"
],
@@ -805,12 +820,12 @@
],
"internal_port": "9200",
"environment": [
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"ES_JAVA_OPTS=%FULLTEXTSEARCH_JAVA_OPTIONS%",
"bootstrap.memory_lock=false",
"cluster.name=nextcloud-aio",
"discovery.type=single-node",
"logger.level=WARN",
"http.port=9200",
"xpack.license.self_generated.type=basic",
"xpack.security.enabled=false",
@@ -845,6 +860,7 @@
"init": true,
"internal_port": "2375",
"environment": [
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%"
],
"volumes": [
@@ -876,7 +892,7 @@
"environment": [
"HP_SHARED_KEY=%HP_SHARED_KEY%",
"NC_INSTANCE_URL=https://%NC_DOMAIN%",
"HP_LOG_LEVEL=warning",
"HP_LOG_LEVEL=%COLLABORA_LOG_LEVEL%",
"HP_FRP_DISABLE_TLS=true",
"TZ=%TIMEZONE%"
],
@@ -928,6 +944,7 @@
],
"internal_port": "3002",
"environment": [
"AIO_LOG_LEVEL=%AIO_LOG_LEVEL%",
"TZ=%TIMEZONE%",
"NEXTCLOUD_URL=https://%NC_DOMAIN%",
"JWT_SECRET_KEY=%WHITEBOARD_SECRET%",

6
php/src/Data/ConfigurationManager.php
View File

@@ -255,6 +255,11 @@ class ConfigurationManager
set { $this->set('docker_socket_path', $value); }
}
public string $aioLogLevel {
get => $this->getEnvironmentalVariableOrConfig('AIO_LOG_LEVEL', 'aio_log_level', 'warn');
set { $this->set('aio_log_level', $value); }
}
public string $trustedCacertsDir {
get => $this->getEnvironmentalVariableOrConfig('NEXTCLOUD_TRUSTED_CACERTS_DIR', 'trusted_cacerts_dir', '');
set { $this->set('trusted_cacerts_dir', $value); }
@@ -1066,6 +1071,7 @@ class ConfigurationManager
'NC_DOMAIN' => $this->domain,
'NC_BASE_DN' => $this->getBaseDN(),
'AIO_TOKEN' => $this->aioToken,
'AIO_LOG_LEVEL' => $this->aioLogLevel,
'BORGBACKUP_REMOTE_REPO' => $this->borgRemoteRepo,
'BORGBACKUP_MODE' => $this->backupMode,
'AIO_URL' => $this->aioUrl,

6
readme.md
View File

@@ -283,6 +283,7 @@ https://your-domain-that-points-to-this-server.tld:8443
- [Are there known problems when SELinux is enabled?](#are-there-known-problems-when-selinux-is-enabled)
- [Customization](#customization)
- [How to adjust the internally used docker api version?](#how-to-adjust-the-internally-used-docker-api-version)
- [How to adjust the log level for AIO components?](#how-to-adjust-the-log-level-for-aio-components)
- [How to change the default location of Nextcloud's Datadir?](#how-to-change-the-default-location-of-nextclouds-datadir)
- [How to configure custom UID/GID?](#how-to-configure-custom-uidgid)
- [How to move the appdata folder from the datadir to an ssd to improve the performance?](#how-to-move-the-appdata-folder-from-the-datadir-to-an-ssd-to-improve-the-performance)
@@ -509,6 +510,9 @@ Yes. If SELinux is enabled, you might need to add the `--security-opt label:disa
### How to adjust the internally used docker api version?
If you run an outdated or too new docker version, you might run into problems with the by AIO internally used docker api version. To fix this, you can specify the api version manually. You can do so by adding `--env DOCKER_API_VERSION=1.44` to the docker run command of the mastercontainer (but before the last line `ghcr.io/nextcloud-releases/all-in-one:latest`! If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command that you initially used). This variable excepts a string based on the pattern `[0-9].[0-9]+`, so e.g. `1.44`. ⚠️ However please note that only the default api version (unset this variable) is supported and tested by the maintainers of Nextcloud AIO. So use this on your own risk and things might break without warning.
### How to adjust the log level for AIO components?
You can globally adjust the log level of the included AIO components by adding `--env AIO_LOG_LEVEL=warn` to the docker run command of the mastercontainer. This setting is propagated from the mastercontainer to the built-in sibling containers. If it was started already, you will need to stop the mastercontainer, remove it (no data will be lost) and recreate it using the docker run command or compose file that you initially used. For troubleshooting, `debug` and `info` may additionally re-enable some supervisord child stdout or stderr streams that are normally suppressed in order to keep the default logs concise. Allowed values are `error`, `warn`, `info` and `debug`.
### How to change the default location of Nextcloud's Datadir?
> [!WARNING]
> Do not set or adjust this value after the initial Nextcloud installation is done! If you still want to do it afterwards, see [this](https://github.com/nextcloud/all-in-one/discussions/890#discussioncomment-3089903) on how to do it.
@@ -1283,7 +1287,7 @@ This project values stability over new features. That means that when a new majo
AIO ships its own update notifications implementation. It checks if container updates are available. If so, it sends a notification with the title `Container updates available!` on saturdays to Nextcloud users that are part of the `admin` group. If the Nextcloud container image should be older than 90 days (~3 months) and thus badly outdated, AIO sends a notification to all Nextcloud users with the title `AIO is outdated!`. Thus admins should make sure to update the container images at least once every 3 months in order to make sure that the instance gets all security bugfixes as soon as possible.
### Huge docker logs
If you should run into issues with huge docker logs, you can adjust the log size by following https://docs.docker.com/config/containers/logging/local/#usage. However for the included AIO containers, this should usually not be needed because almost all of them have the log level set to warn so they should not produce many logs.
If you should run into issues with huge docker logs, you can adjust the log size by following https://docs.docker.com/config/containers/logging/local/#usage. You can additionally reduce the verbosity of the included AIO containers by setting `AIO_LOG_LEVEL=error` on the mastercontainer. By default, AIO keeps the existing component-specific log defaults, so this should usually not be needed.
<details>

2
tests/QA/060-environmental-variables.md
View File

@@ -7,6 +7,8 @@
- [ ] Make also sure that reverse proxies work by following https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#reverse-proxy-documentation and following [001-initial-setup.md](./001-initial-setup.md) and [002-new-instance.md](./002-new-instance.md)
- [ ] When starting the mastercontainer with `--env SKIP_DOMAIN_VALIDATION=true` on a clean instance, it should skip the domain verification. So it should accept any domain that you type in then.
- [ ] When starting the mastercontainer with `--env DOCKER_API_VERSION=1.44` it should use the mentioned docker API version internally for all requests
- [ ] When starting the mastercontainer with `--env AIO_LOG_LEVEL=info` on a clean instance, the resulting sibling containers should receive the propagated global log-level variable and the configured components should no longer use their default warning or error levels. This should at least be verified for the mastercontainer, Apache, Nextcloud, Redis and Talk containers. In addition, previously suppressed supervisord stdout or stderr logs should become visible for the affected components.
- [ ] When starting the mastercontainer with an invalid `AIO_LOG_LEVEL` value like `warning` or `verbose`, the container startup should fail with a message that only `debug`, `info`, `warn` and `error` are allowed.
- [ ] When starting the mastercontainer with `--env NEXTCLOUD_DATADIR="/mnt/testdata"` it should map that location from `/mnt/testdata` to `/mnt/ncdata` inside the Nextcloud container. Not having adjusted the permissions correctly before starting the Nextcloud container the first time will not allow the Nextcloud container to start correctly. See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir for allowed values.
- [ ] When starting the mastercontainer with `--env NEXTCLOUD_MOUNT="/mnt/"` it should map `/mnt/` to `/mnt/` inside the Nextcloud container. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host for allowed values.
- [ ] When starting the mastercontainer with `--env NEXTCLOUD_UPLOAD_LIMIT=11G` it should change Nextclouds upload limit to 11G. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud for allowed values.