mirror of
https://github.com/nextcloud/all-in-one.git
synced 2026-05-22 19:30:11 +00:00
Compare commits
50 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
1630867fb3 | ||
|
|
23755a0371 | ||
|
|
c19ba34cdf | ||
|
|
784da23323 | ||
|
|
5d2cc65aa0 | ||
|
|
02cc5f04ca | ||
|
|
22fdaa57ce | ||
|
|
276cd7d9d8 | ||
|
|
bdff564e2e | ||
|
|
409777cb7a | ||
|
|
96ea32405d | ||
|
|
a8f6e7a336 | ||
|
|
b6ad2782e4 | ||
|
|
b786415cfb | ||
|
|
4acc9d8f41 | ||
|
|
d2242b2eba | ||
|
|
2148b60fc0 | ||
|
|
d971f86f0c | ||
|
|
baa653d711 | ||
|
|
f658318df0 | ||
|
|
ce7a10e4c0 | ||
|
|
4f5d257af5 | ||
|
|
93fcf2783c | ||
|
|
3199b84934 | ||
|
|
cdf39556c1 | ||
|
|
fd38942b2b | ||
|
|
b0058954a1 | ||
|
|
560674d3f0 | ||
|
|
3a6b54057b | ||
|
|
9408d145c9 | ||
|
|
8d51f16d38 | ||
|
|
63e971c32b | ||
|
|
f152b41037 | ||
|
|
70136188b9 | ||
|
|
2fc2be363a | ||
|
|
76ccf69a05 | ||
|
|
b046294801 | ||
|
|
41a867e7f2 | ||
|
|
75ea7c4f27 | ||
|
|
4b8dd232c5 | ||
|
|
0e1eb9d1a8 | ||
|
|
16f764941e | ||
|
|
d6d0086a66 | ||
|
|
c06a52e2be | ||
|
|
1ec07aeabd | ||
|
|
c4f6c89b67 | ||
|
|
ea789d2dca | ||
|
|
f2a5b2bdc7 | ||
|
|
c1f1207a0e | ||
|
|
1ef6769941 |
@@ -1,5 +1,5 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
FROM caddy:2.8.4-alpine AS caddy
|
||||
FROM caddy:2.9.1-alpine AS caddy
|
||||
|
||||
# From https://github.com/docker-library/httpd/blob/master/2.4/alpine/Dockerfile
|
||||
FROM httpd:2.4.62-alpine3.21
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
FROM alpine:3.21.1
|
||||
FROM alpine:3.21.2
|
||||
|
||||
RUN set -ex; \
|
||||
\
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
# Probably from this file: https://github.com/Cisco-Talos/clamav-docker/blob/main/clamav/1.3/alpine/Dockerfile
|
||||
FROM clamav/clamav:1.4.1-20
|
||||
FROM clamav/clamav:1.4.1-21
|
||||
|
||||
COPY clamav.conf /clamav.conf
|
||||
COPY --chmod=775 start.script /start.script
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
# From a file located probably somewhere here: https://github.com/CollaboraOnline/online/tree/master/docker
|
||||
FROM collabora/code:24.04.11.1.1
|
||||
FROM collabora/code:24.04.11.2.1
|
||||
|
||||
USER root
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
FROM haproxy:3.1.1-alpine
|
||||
FROM haproxy:3.1.2-alpine
|
||||
|
||||
# hadolint ignore=DL3002
|
||||
USER root
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
FROM alpine:3.21.1
|
||||
FROM alpine:3.21.2
|
||||
RUN set -ex; \
|
||||
apk upgrade --no-cache -a; \
|
||||
apk add --no-cache bash lighttpd netcat-openbsd; \
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
FROM golang:1.23.4-alpine3.21 AS go
|
||||
|
||||
ENV IMAGINARY_HASH=8f36a26c448be8c151a3878404b75fcd1cd3cf0c
|
||||
ENV IMAGINARY_HASH=1d4e251cfcd58ea66f8361f8721d7b8cc85002a3
|
||||
|
||||
RUN set -ex; \
|
||||
apk add --no-cache \
|
||||
@@ -13,7 +13,7 @@ RUN set -ex; \
|
||||
build-base; \
|
||||
go install github.com/h2non/imaginary@"$IMAGINARY_HASH";
|
||||
|
||||
FROM alpine:3.21.1
|
||||
FROM alpine:3.21.2
|
||||
RUN set -ex; \
|
||||
apk upgrade --no-cache -a; \
|
||||
apk add --no-cache \
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
# Docker CLI is a requirement
|
||||
FROM docker:27.4.1-cli AS docker
|
||||
FROM docker:27.5.0-cli AS docker
|
||||
|
||||
# Caddy is a requirement
|
||||
FROM caddy:2.8.4-alpine AS caddy
|
||||
FROM caddy:2.9.1-alpine AS caddy
|
||||
|
||||
# From https://github.com/docker-library/php/blob/master/8.3/alpine3.21/fpm/Dockerfile
|
||||
FROM php:8.3.15-fpm-alpine3.21
|
||||
|
||||
@@ -283,6 +283,15 @@ if [ "$?" = 6 ]; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if auth.docker.io is reachable
|
||||
# Solves issues like https://github.com/nextcloud/all-in-one/discussions/5268
|
||||
if ! curl https://auth.docker.io/token | grep -q token; then
|
||||
print_red "Could not reach https://auth.docker.io."
|
||||
echo "Most likely is something blocking access to it."
|
||||
echo "You should be able to fix this by using https://github.com/nextcloud/all-in-one/tree/main/manual-install"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check that no changes have been made to timezone settings since AIO only supports running in Etc/UTC timezone
|
||||
if [ -n "$TZ" ]; then
|
||||
print_red "The environmental variable TZ has been set which is not supported by AIO since it only supports running in the default Etc/UTC timezone!"
|
||||
|
||||
@@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud
|
||||
ENV REDIS_DB_INDEX=0
|
||||
|
||||
# AIO settings start # Do not remove or change this line!
|
||||
ENV NEXTCLOUD_VERSION=30.0.4
|
||||
ENV NEXTCLOUD_VERSION=30.0.5
|
||||
ENV AIO_TOKEN=123456
|
||||
ENV AIO_URL=localhost
|
||||
# AIO settings end # Do not remove or change this line!
|
||||
@@ -147,7 +147,7 @@ RUN set -ex; \
|
||||
\
|
||||
{ \
|
||||
echo 'session.save_handler = redis'; \
|
||||
echo 'session.save_path = "tcp://${REDIS_HOST}:6379/${REDIS_DB_INDEX}?auth=${REDIS_HOST_PASSWORD}"'; \
|
||||
echo 'session.save_path = "tcp://${REDIS_HOST}:6379?database=${REDIS_DB_INDEX}${REDIS_USER_AUTH}&auth[]=${REDIS_HOST_PASSWORD}"'; \
|
||||
echo 'redis.session.locking_enabled = 1'; \
|
||||
echo 'redis.session.lock_retries = -1'; \
|
||||
echo 'redis.session.lock_wait_time = 10000'; \
|
||||
|
||||
@@ -18,4 +18,8 @@ if (getenv('REDIS_HOST')) {
|
||||
if (getenv('REDIS_DB_INDEX')) {
|
||||
$CONFIG['redis']['dbindex'] = (int) getenv('REDIS_DB_INDEX');
|
||||
}
|
||||
|
||||
if (getenv('REDIS_USER_AUTH') !== false) {
|
||||
$CONFIG['redis']['user'] = str_replace("&auth[]=", "", getenv('REDIS_USER_AUTH'));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -864,17 +864,20 @@ else
|
||||
fi
|
||||
|
||||
# Docker socket proxy
|
||||
# app_api is a shipped app
|
||||
if [ -d "/var/www/html/custom_apps/app_api" ]; then
|
||||
php /var/www/html/occ app:disable app_api
|
||||
rm -r "/var/www/html/custom_apps/app_api"
|
||||
fi
|
||||
if [ "$DOCKER_SOCKET_PROXY_ENABLED" = 'yes' ]; then
|
||||
if ! [ -d "/var/www/html/custom_apps/app_api" ]; then
|
||||
php /var/www/html/occ app:install app_api
|
||||
elif [ "$(php /var/www/html/occ config:app:get app_api enabled)" != "yes" ]; then
|
||||
if [ "$(php /var/www/html/occ config:app:get app_api enabled)" != "yes" ]; then
|
||||
php /var/www/html/occ app:enable app_api
|
||||
elif [ "$SKIP_UPDATE" != 1 ]; then
|
||||
php /var/www/html/occ app:update app_api
|
||||
fi
|
||||
else
|
||||
if [ "$REMOVE_DISABLED_APPS" = yes ] && [ -d "/var/www/html/custom_apps/app_api" ]; then
|
||||
php /var/www/html/occ app:remove app_api
|
||||
if [ "$REMOVE_DISABLED_APPS" = yes ]; then
|
||||
if [ "$(php /var/www/html/occ config:app:get app_api enabled)" != "no" ]; then
|
||||
php /var/www/html/occ app:disable app_api
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# syntax=docker/dockerfile:latest
|
||||
FROM alpine:3.21.1
|
||||
FROM alpine:3.21.2
|
||||
|
||||
COPY --chmod=775 start.sh /start.sh
|
||||
COPY --chmod=775 healthcheck.sh /healthcheck.sh
|
||||
|
||||
@@ -62,7 +62,7 @@ fi
|
||||
|
||||
# Set sensitive values as env
|
||||
export DATABASE_URL="$DATABASE_TYPE://oc_$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB"
|
||||
export REDIS_URL="redis://:$REDIS_HOST_PASSWORD@$REDIS_HOST/$REDIS_DB_INDEX"
|
||||
export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST/$REDIS_DB_INDEX"
|
||||
|
||||
# Run it
|
||||
/nextcloud/custom_apps/notify_push/bin/"$CPU_ARCH"/notify_push \
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
FROM nats:2.10.24-scratch AS nats
|
||||
FROM eturnal/eturnal:1.12.1 AS eturnal
|
||||
FROM strukturag/nextcloud-spreed-signaling:2.0.1 AS signaling
|
||||
FROM alpine:3.21.1 AS janus
|
||||
FROM alpine:3.21.2 AS janus
|
||||
|
||||
ARG JANUS_VERSION=v1.3.0
|
||||
WORKDIR /src
|
||||
@@ -34,7 +34,7 @@ RUN set -ex; \
|
||||
make configs; \
|
||||
rename -v ".jcfg.sample" ".jcfg" /usr/local/etc/janus/*.jcfg.sample
|
||||
|
||||
FROM alpine:3.21.1
|
||||
FROM alpine:3.21.2
|
||||
ENV ETURNAL_ETC_DIR="/conf"
|
||||
COPY --from=janus --chmod=777 --chown=1000:1000 /usr/local /usr/local
|
||||
COPY --from=eturnal --chmod=777 --chown=1000:1000 /opt/eturnal /opt/eturnal
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
# From https://github.com/containrrr/watchtower/blob/main/dockerfiles/Dockerfile.self-contained
|
||||
FROM containrrr/watchtower:1.7.1 AS watchtower
|
||||
|
||||
FROM alpine:3.21.1
|
||||
FROM alpine:3.21.2
|
||||
|
||||
RUN set -ex; \
|
||||
apk upgrade --no-cache -a; \
|
||||
|
||||
@@ -11,7 +11,7 @@ if [ -z "$REDIS_DB_INDEX" ]; then
|
||||
REDIS_DB_INDEX=0
|
||||
fi
|
||||
|
||||
export REDIS_URL="redis://:$REDIS_HOST_PASSWORD@$REDIS_HOST/$REDIS_DB_INDEX"
|
||||
export REDIS_URL="redis://$REDIS_USER:$REDIS_HOST_PASSWORD@$REDIS_HOST/$REDIS_DB_INDEX"
|
||||
|
||||
# Run it
|
||||
exec npm run server:start
|
||||
|
||||
37
community-containers/calcardbackup/calcardbackup.json
Normal file
37
community-containers/calcardbackup/calcardbackup.json
Normal file
@@ -0,0 +1,37 @@
|
||||
{
|
||||
"aio_services_v1": [
|
||||
{
|
||||
"container_name": "nextcloud-aio-calcardbackup",
|
||||
"display_name": "Calendar and contacts backup",
|
||||
"documentation": "https://github.com/nextcloud/all-in-one/tree/main/community-containers/calcardbackup",
|
||||
"image": "waja/calcardbackup",
|
||||
"image_tag": "latest",
|
||||
"restart": "unless-stopped",
|
||||
"environment": [
|
||||
"CRON_TIME=0 0 * * *",
|
||||
"INIT_BACKUP=yes",
|
||||
"BACKUP_DIR=/backup",
|
||||
"NC_DIR=/nextcloud",
|
||||
"NC_HOST=%NC_DOMAIN%",
|
||||
"DB_HOST=nextcloud-aio-database",
|
||||
"DB_PORT=5432",
|
||||
"CALCARD_OPTS=-ltm 5"
|
||||
],
|
||||
"volumes": [
|
||||
{
|
||||
"source": "nextcloud_aio_calcardbackup",
|
||||
"destination": "/backup",
|
||||
"writeable": true
|
||||
},
|
||||
{
|
||||
"source": "nextcloud_aio_nextcloud",
|
||||
"destination": "/nextcloud",
|
||||
"writeable": false
|
||||
}
|
||||
],
|
||||
"backup_volumes": [
|
||||
"nextcloud_aio_calcardbackup"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
15
community-containers/calcardbackup/readme.md
Normal file
15
community-containers/calcardbackup/readme.md
Normal file
@@ -0,0 +1,15 @@
|
||||
## calcardbackup
|
||||
This container packages calcardbackup which is a tool that exports calendars and addressbooks from Nextcloud to .ics and .vcf files and saves them to a compressed file.
|
||||
|
||||
### Notes
|
||||
- Backups will be created at 00:00 CEST every day. Make sure that this does not conflict with the configured daily backups inside AIO.
|
||||
- All the exports will be included in AIOs backup solution
|
||||
- You can find the exports in the nextcloud_aio_calcardbackup volume
|
||||
- See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack
|
||||
|
||||
### Repository
|
||||
https://github.com/waja/docker-calcardbackup
|
||||
|
||||
### Maintainer
|
||||
https://github.com/pailloM
|
||||
|
||||
@@ -25,6 +25,11 @@
|
||||
"source": "nextcloud_aio_vaultwarden_logs",
|
||||
"destination": "/vaultwarden",
|
||||
"writeable": false
|
||||
},
|
||||
{
|
||||
"source": "nextcloud_aio_jellyfin",
|
||||
"destination": "/jellyfin",
|
||||
"writeable": false
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
## Fail2ban
|
||||
This container bundles fail2ban and auto-configures it for you in order to block ip-addresses automatically. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden, if installed.
|
||||
This container bundles fail2ban and auto-configures it for you in order to block ip-addresses automatically. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden and https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin, if installed.
|
||||
|
||||
### Notes
|
||||
- If you get an error like `"ip6tables v1.8.9 (legacy): can't initialize ip6tables table filter': Table does not exist (do you need to insmod?)"`, you need to enable ip6tables on your host via `sudo modprobe ip6table_filter`.
|
||||
|
||||
@@ -8,6 +8,7 @@ This container bundles Jellyfin and auto-configures it for you.
|
||||
- In order to access your Jellyfin outside the local network, you have to set up your own reverse proxy. You can set up a reverse proxy following [these instructions](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md) and [Jellyfin's networking documentation](https://jellyfin.org/docs/general/networking/#running-jellyfin-behind-a-reverse-proxy), OR use the [Caddy](https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy) community container that will automatically configure `media.$NC_DOMAIN` to redirect to your Jellyfin.
|
||||
- ⚠️ After the initial start, Jellyfin shows a configuration page to set up the root password, etc. **Be careful to initialize your Jellyfin before adding the DNS record.**
|
||||
- If you have a firewall like ufw configured, you might need to open all Jellyfin ports in there first in order to make it work. Especially port 8096 is important!
|
||||
- If you want to secure the installation with fail2ban, you might want to check out https://github.com/nextcloud/all-in-one/tree/main/community-containers/fail2ban
|
||||
- The data of Jellyfin will be automatically included in AIO's backup solution!
|
||||
- See [here](https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers) how to add it to the AIO stack.
|
||||
|
||||
|
||||
@@ -6,11 +6,13 @@ You can run the containers that are build for AIO with docker-compose. This come
|
||||
- You can run it without a container having access to the docker socket
|
||||
- You can modify all values on your own
|
||||
- You can run the containers with docker swarm
|
||||
- You can run this in environments where access to docker.io is not possible. See [this issue](https://github.com/nextcloud/all-in-one/discussions/5268).
|
||||
|
||||
### Disadvantages
|
||||
- You lose the AIO interface
|
||||
- You lose update notifications and automatic updates
|
||||
- You lose all AIO backup and restore features
|
||||
- You lose the built-in [Docker Socket Proxy container](https://github.com/nextcloud/docker-socket-proxy#readme) (needed for [Nextcloud App API](https://github.com/nextcloud/app_api#nextcloud-appapi))
|
||||
- You lose all community containers: https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers
|
||||
- **You need to know what you are doing, especially when modifying the compose.yaml file**
|
||||
- For updating, you need to strictly follow the at the bottom described update routine
|
||||
|
||||
@@ -37,5 +37,5 @@ NEXTCLOUD_STARTUP_APPS="deck twofactor_totp tasks calendar contacts notes"
|
||||
NEXTCLOUD_TRUSTED_CACERTS_DIR=/usr/local/share/ca-certificates/my-custom-ca # Nextcloud container will trust all the Certification Authorities, whose certificates are included in the given directory.
|
||||
NEXTCLOUD_UPLOAD_LIMIT=16G # This allows to change the upload limit of the Nextcloud container
|
||||
REMOVE_DISABLED_APPS=yes # Setting this to no keep Nextcloud apps that are disabled via their switch and not uninstall them if they should be installed in Nextcloud.
|
||||
TALK_PORT=3478 # This allows to adjust the port that the talk container is using.
|
||||
TALK_PORT=3478 # This allows to adjust the port that the talk container is using. It should be set to something higher than 1024! Otherwise it might not work!
|
||||
UPDATE_NEXTCLOUD_APPS="no" # When setting to "yes" (with quotes), it will automatically update all installed Nextcloud apps upon container startup on saturdays.
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
name: nextcloud-aio-helm-chart
|
||||
description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose
|
||||
version: 10.2.0
|
||||
version: 10.3.0
|
||||
apiVersion: v2
|
||||
keywords:
|
||||
- latest
|
||||
|
||||
@@ -61,7 +61,21 @@ spec:
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
- name: WHITEBOARD_HOST
|
||||
value: nextcloud-aio-whiteboard
|
||||
image: nextcloud/aio-apache:20250106_094420
|
||||
image: nextcloud/aio-apache:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- /healthcheck.sh
|
||||
failureThreshold: 3
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- /healthcheck.sh
|
||||
failureThreshold: 3
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 30
|
||||
name: nextcloud-aio-apache
|
||||
ports:
|
||||
- containerPort: {{ .Values.APACHE_PORT }}
|
||||
|
||||
@@ -61,7 +61,7 @@ spec:
|
||||
value: "{{ .Values.NEXTCLOUD_UPLOAD_LIMIT }}"
|
||||
- name: TZ
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
image: nextcloud/aio-clamav:20250106_094420
|
||||
image: nextcloud/aio-clamav:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -34,7 +34,7 @@ spec:
|
||||
value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true {{ .Values.COLLABORA_SECCOMP_POLICY }} --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json --o:net.post_allow.host[0]=.+
|
||||
- name: server_name
|
||||
value: "{{ .Values.NC_DOMAIN }}"
|
||||
image: nextcloud/aio-collabora:20250106_094420
|
||||
image: nextcloud/aio-collabora:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -64,7 +64,7 @@ spec:
|
||||
value: nextcloud
|
||||
- name: TZ
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
image: nextcloud/aio-postgresql:20250106_094420
|
||||
image: nextcloud/aio-postgresql:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -54,7 +54,7 @@ spec:
|
||||
value: basic
|
||||
- name: xpack.security.enabled
|
||||
value: "false"
|
||||
image: nextcloud/aio-fulltextsearch:20250106_094420
|
||||
image: nextcloud/aio-fulltextsearch:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -38,7 +38,7 @@ spec:
|
||||
value: "{{ .Values.IMAGINARY_SECRET }}"
|
||||
- name: TZ
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
image: nextcloud/aio-imaginary:20250106_094420
|
||||
image: nextcloud/aio-imaginary:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -180,7 +180,7 @@ spec:
|
||||
value: "{{ .Values.WHITEBOARD_ENABLED }}"
|
||||
- name: WHITEBOARD_SECRET
|
||||
value: "{{ .Values.WHITEBOARD_SECRET }}"
|
||||
image: nextcloud/aio-nextcloud:20250106_094420
|
||||
image: nextcloud/aio-nextcloud:20250114_092611
|
||||
{{- if eq (.Values.RPSS_ENABLED | default "no") "yes" }} # AIO-config - do not change this comment!
|
||||
securityContext:
|
||||
# The items below only work in container context
|
||||
|
||||
@@ -53,7 +53,7 @@ spec:
|
||||
value: nextcloud-aio-redis
|
||||
- name: REDIS_HOST_PASSWORD
|
||||
value: "{{ .Values.REDIS_PASSWORD }}"
|
||||
image: nextcloud/aio-notify-push:20250106_094420
|
||||
image: nextcloud/aio-notify-push:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -42,7 +42,7 @@ spec:
|
||||
value: "{{ .Values.ONLYOFFICE_SECRET }}"
|
||||
- name: TZ
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
image: nextcloud/aio-onlyoffice:20250106_094420
|
||||
image: nextcloud/aio-onlyoffice:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -39,7 +39,7 @@ spec:
|
||||
value: "{{ .Values.REDIS_PASSWORD }}"
|
||||
- name: TZ
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
image: nextcloud/aio-redis:20250106_094420
|
||||
image: nextcloud/aio-redis:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -52,7 +52,7 @@ spec:
|
||||
value: "{{ .Values.TURN_SECRET }}"
|
||||
- name: TZ
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
image: nextcloud/aio-talk:20250106_094420
|
||||
image: nextcloud/aio-talk:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -44,7 +44,7 @@ spec:
|
||||
value: "{{ .Values.RECORDING_SECRET }}"
|
||||
- name: TZ
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
image: nextcloud/aio-talk-recording:20250106_094420
|
||||
image: nextcloud/aio-talk-recording:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -46,7 +46,7 @@ spec:
|
||||
value: redis
|
||||
- name: TZ
|
||||
value: "{{ .Values.TIMEZONE }}"
|
||||
image: nextcloud/aio-whiteboard:20250106_094420
|
||||
image: nextcloud/aio-whiteboard:20250114_092611
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
|
||||
@@ -34,7 +34,7 @@ NEXTCLOUD_STARTUP_APPS: deck twofactor_totp tasks calendar contacts notes
|
||||
NEXTCLOUD_TRUSTED_CACERTS_DIR: # Setting this to any value allows to automatically import root certificates into the Nextcloud container
|
||||
NEXTCLOUD_UPLOAD_LIMIT: 16G # This allows to change the upload limit of the Nextcloud container
|
||||
REMOVE_DISABLED_APPS: yes # Setting this to no keep Nextcloud apps that are disabled via their switch and not uninstall them if they should be installed in Nextcloud.
|
||||
TALK_PORT: 3478 # This allows to adjust the port that the talk container is using.
|
||||
TALK_PORT: 3478 # This allows to adjust the port that the talk container is using. It should be set to something higher than 1024! Otherwise it might not work!
|
||||
UPDATE_NEXTCLOUD_APPS: no # When setting to yes (with quotes), it will automatically update all installed Nextcloud apps upon container startup on saturdays.
|
||||
|
||||
STORAGE_CLASS: # By setting this, you can adjust the storage class for your volumes
|
||||
|
||||
@@ -187,13 +187,6 @@
|
||||
"pattern": "^[a-z-]+$"
|
||||
}
|
||||
},
|
||||
"networks": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "string",
|
||||
"pattern": "^nextcloud-aio$"
|
||||
}
|
||||
},
|
||||
"read_only": {
|
||||
"type": "boolean"
|
||||
},
|
||||
|
||||
@@ -67,9 +67,6 @@
|
||||
"nextcloud_aio_nextcloud",
|
||||
"nextcloud_aio_apache"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"read_only": true,
|
||||
"tmpfs": [
|
||||
"/var/log/supervisord",
|
||||
@@ -130,9 +127,6 @@
|
||||
"nextcloud_aio_database",
|
||||
"nextcloud_aio_database_dump"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"read_only": true,
|
||||
"tmpfs": [
|
||||
"/var/run/postgresql"
|
||||
@@ -268,9 +262,6 @@
|
||||
"backup_volumes": [
|
||||
"nextcloud_aio_nextcloud"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"cap_drop": [
|
||||
"NET_RAW"
|
||||
]
|
||||
@@ -317,9 +308,6 @@
|
||||
"POSTGRES_USER=nextcloud"
|
||||
],
|
||||
"restart": "unless-stopped",
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"read_only": true,
|
||||
"cap_drop": [
|
||||
"NET_RAW"
|
||||
@@ -361,9 +349,6 @@
|
||||
"RECORDING_SECRET"
|
||||
],
|
||||
"restart": "unless-stopped",
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"read_only": true,
|
||||
"cap_drop": [
|
||||
"NET_RAW"
|
||||
@@ -404,9 +389,6 @@
|
||||
"profiles": [
|
||||
"collabora"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"cap_add": [
|
||||
"MKNOD",
|
||||
"SYS_ADMIN"
|
||||
@@ -466,9 +448,6 @@
|
||||
"talk",
|
||||
"talk-recording"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"read_only": true,
|
||||
"tmpfs": [
|
||||
"/var/log/supervisord",
|
||||
@@ -526,9 +505,6 @@
|
||||
"/dev/dri"
|
||||
],
|
||||
"enable_nvidia_gpu": true,
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"read_only": true,
|
||||
"tmpfs": [
|
||||
"/conf"
|
||||
@@ -690,9 +666,6 @@
|
||||
"profiles": [
|
||||
"clamav"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"read_only": true,
|
||||
"tmpfs": [
|
||||
"/var/lock",
|
||||
@@ -745,9 +718,6 @@
|
||||
"profiles": [
|
||||
"onlyoffice"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"cap_drop": [
|
||||
"NET_RAW"
|
||||
]
|
||||
@@ -785,9 +755,6 @@
|
||||
"profiles": [
|
||||
"imaginary"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"read_only": true,
|
||||
"tmpfs": [
|
||||
"/tmp"
|
||||
@@ -838,9 +805,6 @@
|
||||
"profiles": [
|
||||
"fulltextsearch"
|
||||
],
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"secrets": [
|
||||
"FULLTEXTSEARCH_PASSWORD"
|
||||
],
|
||||
@@ -910,9 +874,6 @@
|
||||
"whiteboard"
|
||||
],
|
||||
"read_only": true,
|
||||
"networks": [
|
||||
"nextcloud-aio"
|
||||
],
|
||||
"cap_drop": [
|
||||
"NET_RAW"
|
||||
]
|
||||
|
||||
@@ -340,9 +340,9 @@ class ConfigurationManager
|
||||
|
||||
if (!filter_var($dnsRecordIP, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
|
||||
if ($port === '443') {
|
||||
throw new InvalidSettingConfigurationException("It seems like the ip-address of the domain is set to an internal or reserved ip-address. This is not supported. (It was found to be set to '" . $dnsRecordIP . "'). Please set it to a public ip-address so that the domain validation can work!");
|
||||
throw new InvalidSettingConfigurationException("It seems like the ip-address of the domain is set to an internal or reserved ip-address. This is not supported by the domain validation. (It was found to be set to '" . $dnsRecordIP . "'). Please set it to a public ip-address so that the domain validation can work or skip the domain validation!");
|
||||
} else {
|
||||
error_log("It seems like the ip-address of " . $domain . " is set to an internal or reserved ip-address. (It was found to be set to '" . $dnsRecordIP . "')");
|
||||
error_log("Info: It seems like the ip-address of " . $domain . " is set to an internal or reserved ip-address. (It was found to be set to '" . $dnsRecordIP . "')");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -17,7 +17,7 @@
|
||||
|
||||
<div class="container">
|
||||
<main>
|
||||
<h1>Nextcloud AIO v10.3.0</h1>
|
||||
<h1>Nextcloud AIO v10.4.0</h1>
|
||||
|
||||
{# Add 2nd tab warning #}
|
||||
<script type="text/javascript" src="second-tab-warning.js"></script>
|
||||
|
||||
@@ -920,5 +920,6 @@ If something does not work, follow the steps below:
|
||||
1. If you use Cloudflare, you might need to skip the domain validation anyways since it is known that Cloudflare might block the validation attempts. In that case, see the last option below!
|
||||
1. If your reverse proxy is configured to use the host network (as recommended in the above docs) or running on the host, make sure that you've configured your firewall to open port 443 (and 80)!
|
||||
1. Check if you have a public IPv4- and public IPv6-address. If you only have a public IPv6-address (e.g. due to DS-Lite), make sure to enable IPv6 in Docker and your whole networking infrastructure (e.g. also by adding an AAAA DNS-entry to your domain)!
|
||||
1. [Enable Hairpin NAT in your router](https://github.com/nextcloud/all-in-one/discussions/5849) or [set up a local DNS server and add a custom dns-record](https://github.com/nextcloud/all-in-one#how-can-i-access-nextcloud-locally) that allows the server to reach itself locally
|
||||
1. Try to configure everything from scratch - if it still does not work by following https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance.
|
||||
1. As last resort, you may disable the domain validation by adding `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command. But only use this if you are completely sure that you've correctly configured everything!
|
||||
|
||||
Reference in New Issue
Block a user