feat: add dnsmasq community container for LAN DNS, remove ddclient, add NC_DOMAIN Docker alias

Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/7bd0c60a-c5df-404a-a8a5-5cbb97c7a48c

Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>
copilot-swe-agent[bot]
2026-04-24 20:42:47 +00:00
committed by GitHub
parent 7c5abc978d
commit 5b72d17438
12 changed files with 130 additions and 107 deletions

View File

@@ -60,6 +60,9 @@ readonly class DesecController {
if (!in_array('caddy', $enabled, true)) {
$enabled[] = 'caddy';
}
if (!in_array('dnsmasq', $enabled, true)) {
$enabled[] = 'dnsmasq';
}
$this->configurationManager->aioCommunityContainers = $enabled;
$this->configurationManager->commitTransaction();
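
Review bot: `$enabled[] = 'dnsmasq';` is appended unconditionally, so every deSEC registration now starts a DNS service the user did not explicitly choose, and nothing here checks whether the containers already in `$enabled` are compatible with it. Consider making dnsmasq an explicit opt-in on the registration form, or at least skipping it when it conflicts with an already enabled container, since the community-containers page itself warns that some containers are incompatible with each other.
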
@@ -132,7 +135,7 @@ readonly class DesecController {
if (is_array($data) && isset($data['email'])) {
throw new \Exception(
'This email address is already registered at deSEC. '
. 'Please log in at https://desec.io to retrieve your token and configure ddclient manually.',
. 'Please log in at https://desec.io to retrieve your token and set up your domain manually.',
);
}
throw new \Exception('Registration at deSEC failed (HTTP 400): ' . $body);
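
Review bot: The replacement wording "set up your domain manually" no longer tells the user where the retrieved token has to go now that ddclient is not mentioned; name the AIO setting or link the documentation that covers the manual path. Separately, the context line that appends `$body` to the exception puts the raw deSEC response into an error string, so make sure it is escaped and length-limited wherever that message is rendered.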

View File

@@ -805,7 +805,7 @@ readonly class DockerActionManager {
}
}
private function ConnectContainerIdToNetwork(string $id, string $internalPort, string $network = 'nextcloud-aio', bool $createNetwork = true, string $alias = ''): void {
private function ConnectContainerIdToNetwork(string $id, string $internalPort, string $network = 'nextcloud-aio', bool $createNetwork = true, array $aliases = []): void {
if ($internalPort === 'host') {
return;
}
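
Review bot: The new `array $aliases = []` parameter of `ConnectContainerIdToNetwork` does not document what the array may contain. Add a docblock such as `@param list<string> $aliases` and state that entries must be non-empty hostnames, because the values are handed to Docker unchanged.
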
@@ -837,8 +837,8 @@ readonly class DockerActionManager {
sprintf('networks/%s/connect', $network)
);
$jsonPayload = ['Container' => $id];
if ($alias !== '') {
$jsonPayload['EndpointConfig'] = ['Aliases' => [$alias]];
if (count($aliases) > 0) {
$jsonPayload['EndpointConfig'] = ['Aliases' => $aliases];
}
try {
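
Review bot: `'Aliases' => $aliases` passes the caller's array through as-is. If it ever arrives with string or non-sequential keys and `$jsonPayload` is JSON-encoded, the field will be emitted as an object instead of a list; build it with `array_values($aliases)` and drop empty strings before setting `EndpointConfig`. `count($aliases) > 0` can also be written as `$aliases !== []`.
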
@@ -864,17 +864,30 @@ readonly class DockerActionManager {
}
public function ConnectContainerToNetwork(Container $container): void {
$aliases = [];
// Add a secondary alias for domaincheck container, to keep it as similar to actual apache controller as possible.
// If a reverse-proxy is relying on container name as hostname this allows it to operate as usual and still validate the domain
// The domaincheck container and apache container are never supposed to be active at the same time because they use the same APACHE_PORT anyway, so this doesn't add any new constraints.
$alias = ($container->identifier === 'nextcloud-aio-domaincheck') ? 'nextcloud-aio-apache' : '';
if ($container->identifier === 'nextcloud-aio-domaincheck') {
$aliases[] = 'nextcloud-aio-apache';
}
$this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, alias: $alias);
// Add NC_DOMAIN as a Docker network alias so that intra-network traffic for the Nextcloud
// domain is forwarded directly to this container without leaving the Docker network.
if ($container->identifier === 'nextcloud-aio-apache' || $container->identifier === 'nextcloud-aio-domaincheck') {
$domain = $this->configurationManager->domain;
if ($domain !== '') {
$aliases[] = $domain;
}
}
$this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, aliases: $aliases);
if ($container->identifier === 'nextcloud-aio-apache' || $container->identifier === 'nextcloud-aio-domaincheck') {
$apacheAdditionalNetwork = $this->configurationManager->getApacheAdditionalNetwork();
if ($apacheAdditionalNetwork !== '') {
$this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, $apacheAdditionalNetwork, false, $alias);
$this->ConnectContainerIdToNetwork($container->identifier, $container->internalPorts, $apacheAdditionalNetwork, false, $aliases);
}
}
}
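
Review bot: In `ConnectContainerToNetwork`, `$aliases[] = $domain;` ends up on both network connections: the last call now passes `$aliases` where the apache container previously passed an empty alias, so the Nextcloud domain also becomes a DNS name on `$apacheAdditionalNetwork`, a network this code does not create (`$createNetwork` is false) and therefore may share with other containers. Every container on that network will then resolve the domain to the apache or domaincheck container, which listens on APACHE_PORT rather than behind the reverse proxy, so HTTPS clients there may hit the wrong port or bypass the proxy. Suggest limiting the domain alias to the `nextcloud-aio` network unless the additional network is known to need it, and validating `$domain` as a hostname before it is sent to Docker.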

View File

@@ -124,7 +124,7 @@
<details>
<summary>Click here for further hints</summary>
<p>If you do not have a domain yet, you can get one for free e.g. from duckdns.org and others. Recommended is to use <a target="_blank" href="https://github.com/nextcloud/all-in-one/discussions/6817">Tailscale</a></p>
<p>If you have a dynamic public IP-address, you can use e.g. <a target="_blank" href="https://ddclient.net/">DDclient</a> with a compatible domain provider for DNS updates.</p>
<p>If you have a dynamic public IP address, you can use e.g. a DDNS client with a compatible domain provider for DNS updates.</p>
<p>If you only want to install AIO locally without exposing it to the public internet or if you cannot do so, feel free to follow <a target="_blank" href="https://github.com/nextcloud/all-in-one/blob/main/local-instance.md">this documentation</a>.</p>
<p>If you should be using Cloudflare Proxy for your domain, make sure to disable the Proxy feature temporarily as it might block the domain validation attempts.</p>
{% if apache_port != '443' %}
@@ -134,7 +134,7 @@
</details>
<details>
<summary>Don't have a domain? Get a free one from deSEC</summary>
<p><a target="_blank" href="https://desec.io">deSEC</a> offers free dynamic DNS subdomains under <strong>dedyn.io</strong>. AIO can register an account and a subdomain for you automatically. The <strong>caddy</strong> community container will be enabled as a reverse proxy, and the mastercontainer will keep your DNS record up to date automatically. You can additionally enable the <strong>ddclient</strong> community container for continuous DNS monitoring between cron cycles.</p>
<p><a target="_blank" href="https://desec.io">deSEC</a> offers free dynamic DNS subdomains under <strong>dedyn.io</strong>. AIO can register an account and a subdomain for you automatically. The <strong>caddy</strong> community container will be enabled as a reverse proxy, the <strong>dnsmasq</strong> container will be enabled for local DNS resolution, and the mastercontainer will keep your DNS record up to date automatically.</p>
<p><strong>Requirements:</strong> Your server must be reachable from the internet (a public IP address is needed). Port 80 and 443 must be open/forwarded in your firewall/router.</p>
<p>Please enter your email address. A deSEC account and a random <em>subdomain.dedyn.io</em> domain will be created for you.</p>
<form method="POST" action="api/desec/register" class="xhr">
@@ -143,7 +143,7 @@
<input type="email" name="desec_email" placeholder="your@email.com" required />
<input type="submit" value="Register free domain via deSEC" />
</form>
<p><strong>Note:</strong> By submitting this form you agree to the <a target="_blank" href="https://desec.io/terms">deSEC terms of service</a>. The registered domain and your deSEC account credentials are stored in the AIO configuration. After registration, finish the setup by configuring the ddclient container as described in its <a target="_blank" href="https://github.com/nextcloud/all-in-one/tree/main/community-containers/ddclient">documentation</a>.</p>
<p><strong>Note:</strong> By submitting this form you agree to the <a target="_blank" href="https://desec.io/terms">deSEC terms of service</a>. The registered domain and your deSEC account credentials are stored in the AIO configuration. After registration, set your router's DHCP DNS server to this machine's local IP address so LAN devices resolve the domain locally (see the <a target="_blank" href="https://github.com/nextcloud/all-in-one/tree/main/community-containers/dnsmasq">dnsmasq documentation</a>).</p>
</details>
{% endif %}
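
Review bot: The new note tells users to set the router's DHCP DNS server to this machine's local IP address without stating the consequence: every LAN device then depends on the AIO host for all name resolution, not only for the Nextcloud domain. Add a sentence that says so and explains what happens to LAN DNS when the host or the dnsmasq container is stopped, so users can decide before changing the router.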

View File

@@ -2,7 +2,7 @@
<p>In this section you can enable or disable optional Community Containers that are not included by default in the main installation. These containers are provided by the community and can be useful for various purposes and are automatically integrated in AIOs backup solution and update mechanisms.</p>
<p><strong>⚠️ Caution: </strong>Community Containers are maintained by the community and not officially by Nextcloud. Some containers may not be compatible with your system, may not work as expected or may discontinue. Use them at your own risk. Please read the documentation for each container first before adding any as some are also incompatible between each other! Never add all of them at the same time!</p>
{% if is_desec_domain == true %}
<p> Your Nextcloud domain (<strong>{{ domain }}</strong>) was registered via deSEC. The <strong>caddy</strong> community container has been automatically enabled as a reverse proxy. The mastercontainer keeps the DNS record up to date; you can optionally also enable the <strong>ddclient</strong> container for continuous DNS monitoring between cron cycles. Please see its <a target="_blank" href="https://github.com/nextcloud/all-in-one/tree/main/community-containers/ddclient"><strong>documentation</strong></a> for details.</p>
<p> Your Nextcloud domain (<strong>{{ domain }}</strong>) was registered via deSEC. The <strong>caddy</strong> community container has been automatically enabled as a reverse proxy and the <strong>dnsmasq</strong> container has been automatically enabled so that LAN devices can resolve your Nextcloud domain to the server's local IP address. Please <a target="_blank" href="https://github.com/nextcloud/all-in-one/tree/main/community-containers/dnsmasq"><strong>read the dnsmasq documentation</strong></a> for the required router change.</p>
{% endif %}
{% if isAnyRunning == true %}
<p><strong>Please note:</strong> You can enable or disable the options below only when your containers are stopped.</p>