diff options
| -rw-r--r-- | user/nextcloud/APKBUILD | 257 | ||||
| -rw-r--r-- | user/nextcloud/disable-integrity-check-as-default.patch | 15 | ||||
| -rw-r--r-- | user/nextcloud/dont-update-htaccess.patch | 32 | ||||
| -rw-r--r-- | user/nextcloud/fpm-pool.conf | 198 | ||||
| -rw-r--r-- | user/nextcloud/iconv-ascii-translit-not-supported.patch | 13 | ||||
| -rw-r--r-- | user/nextcloud/nextcloud-config.php | 45 | ||||
| -rw-r--r-- | user/nextcloud/nextcloud-initscript.post-install | 24 | ||||
| -rw-r--r-- | user/nextcloud/nextcloud.confd | 8 | ||||
| -rw-r--r-- | user/nextcloud/nextcloud.cron | 6 | ||||
| -rw-r--r-- | user/nextcloud/nextcloud.logrotate | 6 | ||||
| -rw-r--r-- | user/nextcloud/nextcloud.post-upgrade | 8 | ||||
| -rw-r--r-- | user/nextcloud/nextcloud.pre-install | 6 | ||||
| -rw-r--r-- | user/nextcloud/nextcloud14-dont-chmod.patch | 44 | ||||
| -rw-r--r-- | user/nextcloud/occ | 10 | ||||
| -rw-r--r-- | user/nextcloud/use-external-docs-if-local-not-avail.patch | 65 |
15 files changed, 737 insertions, 0 deletions
diff --git a/user/nextcloud/APKBUILD b/user/nextcloud/APKBUILD new file mode 100644 index 000000000..6f86863ac --- /dev/null +++ b/user/nextcloud/APKBUILD @@ -0,0 +1,257 @@ +# Contributor: Jakub Jirutka <jakub@jirutka.cz> +# Contributor: Leonardo Arena <rnalrd@alpinelinux.org> +# Maintainer: Max Rees <maxcrees@me.com> +pkgname=nextcloud +pkgver=14.0.3 +pkgrel=0 +pkgdesc="Self-hosted file sync and groupware server" +url="https://nextcloud.com" +arch="noarch" +options="!check" # No test suite. +license="AGPL-3.0+ AND AGPL-3.0-only AND MIT AND Apache-2.0 AND (MIT OR GPL-2.0-only) AND BSD-3-Clause AND (Apache-2.0 OR GPL-2.0-only) AND GPL-3.0+ AND BSD-2-Clause AND PHP-3.0 AND (Apache-2.0 OR MPL-2.0)" +depends=" + ca-certificates + php7 + php7-ctype + php7-curl + php7-dom + php7-fileinfo + php7-gd + php7-iconv + php7-intl + php7-json + php7-mbstring + php7-openssl + php7-pcntl + php7-pdo + php7-posix + php7-session + php7-simplexml + php7-xml + php7-xmlreader + php7-xmlwriter + php7-zip + $pkgname-sqlite +" +makedepends="libxml2-utils" +provides=" + $pkgname-accessibility=$pkgver-r$pkgrel + $pkgname-dav=$pkgver-r$pkgrel + $pkgname-federatedfilesharing=$pkgver-r$pkgrel + $pkgname-files=$pkgver-r$pkgrel + $pkgname-provisioning_api=$pkgver-r$pkgrel + $pkgname-support=$pkgver-r$pkgrel +" +install="$pkgname.pre-install $pkgname.post-upgrade + $pkgname-initscript.post-install" +pkgusers="nextcloud" +pkggroups="www-data" +subpackages="$pkgname-doc $pkgname-initscript $pkgname-mysql $pkgname-pgsql + $pkgname-sqlite $pkgname-default-apps:_default_apps" +source="https://download.nextcloud.com/server/releases/$pkgname-$pkgver.zip + nextcloud14-dont-chmod.patch + dont-update-htaccess.patch + disable-integrity-check-as-default.patch + iconv-ascii-translit-not-supported.patch + use-external-docs-if-local-not-avail.patch + + $pkgname-config.php + $pkgname.logrotate + $pkgname.confd + $pkgname.cron + fpm-pool.conf + occ +" +builddir="$srcdir/$pkgname" + +# List of bundled apps to separate into subpackages. Keep it in sync! +# Note: Don't add "files", "dav", and "provisioning_api" here, these should +# be always installed. +_apps="activity + admin_audit + comments + encryption + federation + files_external + files_pdfviewer + files_sharing + files_texteditor + files_trashbin + files_versions + files_videoplayer + firstrunwizard + gallery + logreader + lookup_server_connector + nextcloud_announcements + notifications + oauth2 + password_policy + serverinfo + sharebymail + survey_client + systemtags + theming + twofactor_backupcodes + user_external + user_ldap + workflowengine +" +for _i in $_apps; do + subpackages="$subpackages $pkgname-$_i:_package_app" +done + +# Directory for apps shipped with Nextcloud. +_appsdir="usr/share/webapps/$pkgname/apps" + +build() { + cd "$builddir" +} + +package() { + local basedir="var/lib/$pkgname" + local datadir="$basedir/data" + local wwwdir="usr/share/webapps/$pkgname" + local confdir="etc/$pkgname" + + mkdir -p "$pkgdir/${wwwdir%/*}" + cp -a "$builddir" "$pkgdir/$wwwdir" + + chmod +x "$pkgdir/$wwwdir/occ" + chmod 664 "$pkgdir/$wwwdir/.htaccess" "$pkgdir/$wwwdir/.user.ini" + + # Let's not ship upstream's 'updatenotification' app and updater, which + # has zero chance of working and a big chance of blowing things up. + rm -r "$pkgdir/$wwwdir/apps/updatenotification" \ + "$pkgdir/$wwwdir/lib/private/Updater" + + # Replace bundled CA bundle with ours. + ln -sf /etc/ssl/certs/ca-certificates.crt \ + "$pkgdir/$wwwdir/resources/config/ca-bundle.crt" + + install -dm 770 -o nextcloud -g www-data \ + "$pkgdir/$confdir" "$pkgdir/$datadir" "$pkgdir/$basedir/appstore" + install -dm 775 -o nextcloud -g www-data "$pkgdir/var/log/$pkgname" + + # Create symlink from web root to site-apps, so web server can find + # assets w/o explicit configuration for this layout. + ln -s "/$basedir/appstore" "$pkgdir/$wwwdir/appstore" + + mv $pkgdir/$wwwdir/config/* "$pkgdir/$confdir/" + rm -r "$pkgdir/$wwwdir/config" + ln -s "/$confdir" "$pkgdir/$wwwdir/config" + + mkdir -p "$pkgdir/usr/share/doc/$pkgname" + mv "$pkgdir/$wwwdir/core/doc" "$pkgdir/usr/share/doc/$pkgname/core" + + install -m 660 -o nextcloud -g www-data \ + "$srcdir/$pkgname-config.php" "$pkgdir/$confdir/config.php" + + install -Dm 644 "$srcdir/$pkgname.logrotate" "$pkgdir/etc/logrotate.d/$pkgname" + install -Dm 755 "$srcdir/occ" "$pkgdir/usr/bin/occ" + + install -dm 700 -o nextcloud "$pkgdir/var/log/nextcloud" + + # Clean some unnecessary files. + find "$pkgdir" -name '.gitignore' -delete \ + -o -name '.bower.json' -delete \ + -o -name 'README*' -delete \ + -o -name 'CHANGELOG*' -delete \ + -o -name 'CONTRIBUTING*' -delete + find . -name '.github' -type d -prune -exec rm -r {} \; +} + +doc() { + default_doc + + local target="$subpkgdir/usr/share/webapps/$pkgname/core/doc" + mkdir -p "${target%/*}" + ln -s "/usr/share/doc/$pkgname/core" "$target" +} + +initscript() { + pkgdesc="Init script that runs Nextcloud with php-fpm" + depends="$pkgname php7-fpm" + + install -Dm 644 "$srcdir/fpm-pool.conf" "$subpkgdir/etc/php/php-fpm.d/$pkgname.conf" + install -Dm 644 "$srcdir/$pkgname.confd" "$subpkgdir/etc/conf.d/$pkgname" + install -Dm 755 "$srcdir/$pkgname.cron" "$subpkgdir/etc/periodic/15min/$pkgname" + + mkdir -p "$subpkgdir/etc/init.d" + ln -s php-fpm "$subpkgdir/etc/init.d/$pkgname" + + install -dm 700 -o nextcloud "$subpkgdir/var/tmp/$pkgname" +} + +pgsql() { + pkgdesc="Nextcloud PostgreSQL support" + depends="$pkgname php7-pgsql php7-pdo_pgsql" + mkdir -p "$subpkgdir" +} + +sqlite() { + pkgdesc="Nextcloud SQLite support" + depends="$pkgname php7-sqlite3 php7-pdo_sqlite" + mkdir -p "$subpkgdir" +} + +mysql() { + pkgdesc="Nextcloud MySQL support" + depends="$pkgname php7-pdo_mysql" + mkdir -p "$subpkgdir" +} + +_default_apps() { + pkgdesc="Nextcloud default apps" + depends="$pkgname" + + local path; for path in $pkgdir/$_appsdir/*; do + if grep -q '<default_enable\s*/>' "$path/appinfo/info.xml"; then + depends="$depends $pkgname-${path##*/}" + fi + done + + mkdir -p "$subpkgdir" +} + +_package_app() { + local appname="${subpkgname#$pkgname-}" + local appinfo="$pkgdir/$_appsdir/$appname/appinfo/info.xml" + + local name="$(xmllint --xpath '//info/name/text()' "$appinfo" 2>/dev/null)" + pkgdesc="Nextcloud ${name:-$appname} app" + + case "$appname" in + encryption) php_deps="php7-openssl";; + files_external) php_deps="php7-ftp";; + # TODO: add php7-imap, php7-smbclient + user_external) php_deps="php7-ftp";; + user_ldap) php_deps="php7-ldap";; + esac + + case "$appname" in + files_sharing) app_deps="$pkgname-federatedfilesharing";; + # Announcements are delivered via the notifications pane + nextcloud_announcements) app_deps="$pkgname-notifications";; + # workflowengine provides admin panel to manage systemtags + systemtags) app_deps="$pkgname-workflowengine";; + esac + + depends="$pkgname $php_deps $app_deps" + + mkdir -p "$subpkgdir/$_appsdir" + mv "$pkgdir/$_appsdir/$appname" "$subpkgdir/$_appsdir/" +} + +sha512sums="f3b8bf22f4c17e038352a9f6c202d79220b5d9a19a2148c486cf22558d626095ab5c35f02ddf64292165e34572e199c72a44318b5c19a6dd5113f0ee0f6e937f nextcloud-14.0.3.zip +63690b8d8ffe6d4896c5b666aa9d493b501aa3e171c6557e7a003599049f0d36f266a2a257a9535dea055bca1e84208b219c6cd5e4ecd70dd064e1dd1007203a nextcloud14-dont-chmod.patch +aef3c92497d738d6968e0f0b0d415b4953500db24ae14af41ef972665cf7eff00cb6c53dc953845fdbb389c3c965a75b8b14b9247513c05cf4130fe1cfc61731 dont-update-htaccess.patch +d2100a837fef1eeae5f706650ab4c985d9e00f61efa5526ef76c7c1f5811c3906eb6c3c13c151eff9677a0c303faab64411a5a84d6792728bc520d2c618d7d5b disable-integrity-check-as-default.patch +de1b433c2fb2582b599cb25e718e454fc4b93543a5a60eee39a03bcccf35d281594611395bdebe02319bedd9a894507eef97010ebdfca381e0f1a09df283d375 iconv-ascii-translit-not-supported.patch +478f5cd7c5d30380ea619d3e8ec623217a06a09b27534266f00297545c7d276b068c5d984673eebc5676e8bac7f45112549498944ce3fa678ac8a69541d7c430 use-external-docs-if-local-not-avail.patch +4d01c89d5fd86190fb3bd6a5ca97bc623ec55d92cbf030c18c5811d711cea557485d334a6588e458eea4e0b3ad82f4defd7cb5a9d4f393ce4d5b32abf45db596 nextcloud-config.php +7388458a9e8b7afd3d3269718306410ffa59c3c23da4bef367a4d7f6d2570136fae9dd421b19c1441e7ffb15a5405e18bb5da67b1a15f9f45e8b98d3fda532ba nextcloud.logrotate +dcc57735d7d4af4a7ebbdd1186d301e51d2ae4675022aea6bf1111222dfa188a3a490ebd6e7c8a7ac30046cb7d93f81cec72a51acbc60d0c10b7fb64630c637a nextcloud.confd +921b0e5f087f24e705dce62c078dea4d2f524c40a746ed7b19f1cff3405b9ea489c10a6dbcea87be6068f575be565b77b02c9f2c3ae6a7fb85367dbe3b7300c5 nextcloud.cron +b829ed942916660065dd1030f9f35fa2f8c45a36dc791417108761c15b081777c302f305fd6490ea47d0ae41b8589c8d62e01e0f163105bd6b29fd3bed36ddcd fpm-pool.conf +959852e34f010e635470829d66713f3e22c47717ec2c6487759eed2b6aeff9fd1421fe0271d494a02781bd1c98beb2823583623ee2cf03057cd5db794627d6c2 occ" diff --git a/user/nextcloud/disable-integrity-check-as-default.patch b/user/nextcloud/disable-integrity-check-as-default.patch new file mode 100644 index 000000000..54ea7a51e --- /dev/null +++ b/user/nextcloud/disable-integrity-check-as-default.patch @@ -0,0 +1,15 @@ +We patch some files and Nextcloud's integrity check doesn't like it... +APK ensures integrity of all installed files, so this Nextcloud's integrity +check doesn't add any value. + +--- a/lib/private/IntegrityCheck/Checker.php ++++ b/lib/private/IntegrityCheck/Checker.php +@@ -111,7 +111,7 @@ + */ + $isIntegrityCheckDisabled = false; + if ($this->config !== null) { +- $isIntegrityCheckDisabled = $this->config->getSystemValue('integrity.check.disabled', false); ++ $isIntegrityCheckDisabled = $this->config->getSystemValue('integrity.check.disabled', true); + } + if ($isIntegrityCheckDisabled === true) { + return false; diff --git a/user/nextcloud/dont-update-htaccess.patch b/user/nextcloud/dont-update-htaccess.patch new file mode 100644 index 000000000..aecaebc71 --- /dev/null +++ b/user/nextcloud/dont-update-htaccess.patch @@ -0,0 +1,32 @@ +Don't mess with .htaccess files. + +Patch ported from https://src.fedoraproject.org/cgit/rpms/nextcloud.git/tree/nextcloud-9.1.0-dont_update_htacess.patch + +--- a/core/register_command.php ++++ b/core/register_command.php +@@ -135,7 +135,6 @@ + $application->add(new OC\Core\Command\Maintenance\Mimetype\UpdateDB(\OC::$server->getMimeTypeDetector(), \OC::$server->getMimeTypeLoader())); + $application->add(new OC\Core\Command\Maintenance\Mimetype\UpdateJS(\OC::$server->getMimeTypeDetector())); + $application->add(new OC\Core\Command\Maintenance\Mode(\OC::$server->getConfig())); +- $application->add(new OC\Core\Command\Maintenance\UpdateHtaccess()); + $application->add(new OC\Core\Command\Maintenance\UpdateTheme(\OC::$server->getMimeTypeDetector(), \OC::$server->getMemCacheFactory())); + + $application->add(new OC\Core\Command\Upgrade(\OC::$server->getConfig(), \OC::$server->getLogger(), \OC::$server->query(\OC\Installer::class))); + +--- a/lib/private/Updater.php ++++ b/lib/private/Updater.php +@@ -233,14 +233,6 @@ + throw new \Exception('Updates between multiple major versions and downgrades are unsupported.'); + } + +- // Update .htaccess files +- try { +- Setup::updateHtaccess(); +- Setup::protectDataDirectory(); +- } catch (\Exception $e) { +- throw new \Exception($e->getMessage()); +- } +- + // create empty file in data dir, so we can later find + // out that this is indeed an ownCloud data directory + // (in case it didn't exist before) diff --git a/user/nextcloud/fpm-pool.conf b/user/nextcloud/fpm-pool.conf new file mode 100644 index 000000000..189962928 --- /dev/null +++ b/user/nextcloud/fpm-pool.conf @@ -0,0 +1,198 @@ +; vi: ft=dosini +[global] +; Error log file +; Default Value: log/php-fpm.log +error_log = /var/log/nextcloud/php-fpm.log + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +log_level = warning + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +emergency_restart_threshold = 10 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +emergency_restart_interval = 1m + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +process_control_timeout = 10s + + +[nextcloud] +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket (the path is *not* +; relative to chroot!) +; Note: This value is mandatory. +listen = /run/nextcloud/fastcgi.sock + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0666 +listen.mode = 0660 + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static ... a fixed number of child processes. +; dynamic ... the number of child processes are set dynamically. +; ondemand ... no children are created at startup; children will be forked +; when new requests will connect. +; Note: This value is mandatory. +pm = ondemand + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 10 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +pm.process_idle_timeout = 120s + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +pm.status_path = + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +ping.path = /ping + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +; Note: the path is *not* relative to chroot. +;slowlog = /var/log/nextcloud/php-fpm.slow.log + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. +; +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. +; +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/lib/php7.x) + +; Allow HTTP file uploads. +php_admin_flag[file_uploads] = true + +; Maximal size of a file that can be uploaded via web interface. +php_admin_value[memory_limit] = 512M +php_admin_value[post_max_size] = 513M +php_admin_value[upload_max_filesize] = 513M + +; Where to store temporary files. +php_admin_value[session.save_path] = /var/tmp/nextcloud +php_admin_value[sys_temp_dir] = /var/tmp/nextcloud +php_admin_value[upload_tmp_dir] = /var/tmp/nextcloud + +; Log errors to specified file. +php_admin_flag[log_errors] = on +php_admin_value[error_log] = /var/log/nextcloud/php.error.log + +; OPcache error_log file name. Empty string assumes "stderr" +php_admin_value[opcache.error_log] = /var/log/nextcloud/php.error.log + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; This must be disabled for ownCloud. +php_admin_flag[output_buffering] = false + +; Overload(replace) single byte functions by mbstring functions. +; This must be disabled for ownCloud. +php_admin_flag[mbstring.func_overload] = false + +; Never populate the $HTTP_RAW_POST_DATA variable. +; http://php.net/always-populate-raw-post-data +php_admin_value[always_populate_raw_post_data] = -1 + +; Disable certain functions for security reasons. +; http://php.net/disable-functions +php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,curl_multi_exec,show_source + +; Set recommended settings for OpCache. +; https://docs.nextcloud.com/server/13/admin_manual/configuration_server/server_tuning.html#enable-php-opcache +php_admin_flag[opcache.enable] = true +php_admin_flag[opcache.enable_cli] = true +php_admin_flag[opcache.save_comments] = true +php_admin_value[opcache.interned_strings_buffer] = 8 +php_admin_value[opcache.max_accelerated_files] = 10000 +php_admin_value[opcache.memory_consumption] = 128 +php_admin_value[opcache.revalidate_freq] = 1 diff --git a/user/nextcloud/iconv-ascii-translit-not-supported.patch b/user/nextcloud/iconv-ascii-translit-not-supported.patch new file mode 100644 index 000000000..bb13a9514 --- /dev/null +++ b/user/nextcloud/iconv-ascii-translit-not-supported.patch @@ -0,0 +1,13 @@ +iconv on Alpine does not support conversion to ASCII//TRANSLIT + +--- a/apps/user_ldap/lib/Access.php ++++ b/apps/user_ldap/lib/Access.php +@@ -1318,7 +1318,7 @@ + } + + // Transliteration to ASCII +- $transliterated = @iconv('UTF-8', 'ASCII//TRANSLIT', $name); ++ $transliterated = @iconv('UTF-8', 'ASCII', $name); + if($transliterated !== false) { + // depending on system config iconv can work or not + $name = $transliterated; diff --git a/user/nextcloud/nextcloud-config.php b/user/nextcloud/nextcloud-config.php new file mode 100644 index 000000000..83b1400e6 --- /dev/null +++ b/user/nextcloud/nextcloud-config.php @@ -0,0 +1,45 @@ +<?php +$CONFIG = array ( + 'datadirectory' => '/var/lib/nextcloud/data', + 'logfile' => '/var/log/nextcloud/nextcloud.log', + 'apps_paths' => array ( + // Read-only location for apps shipped with Nextcloud and installed by apk. + 0 => array ( + 'path' => '/usr/share/webapps/nextcloud/apps', + 'url' => '/apps', + 'writable' => false, + ), + // Writable location for apps installed from AppStore. + 1 => array ( + 'path' => '/var/lib/nextcloud/appstore', + 'url' => '/appstore', + 'writable' => true, + ), + ), + 'updatechecker' => false, + + // Uncomment to enable pretty URLs: + //'overwrite.cli.url' => 'http://localhost/nextcloud/', + //'htaccess.RewriteBase' => '/nextcloud/', + + // Addtionally, for nginx and lighttpd pretty URLs: + //'check_for_working_htaccess' => false, + // Additionally, for lighttpd pretty URLs: + //'htaccess.IgnoreFrontController' => true, + + // Uncomment to enable Zend APCu memcache: + //'memcache.local' => '\OC\Memcache\APCu', + + // Uncomment this and add user nextcloud to the redis group to enable Redis + // cache for file locking. This is highly recommended, see + // https://github.com/nextcloud/server/issues/9305. + //'memcache.locking' => '\OC\Memcache\Redis', + //'redis' => array( + // 'host' => '/run/redis/redis.sock', + // 'port' => 0, + // 'dbindex' => 0, + // 'timeout' => 1.5, + //), + + 'installed' => false, +); diff --git a/user/nextcloud/nextcloud-initscript.post-install b/user/nextcloud/nextcloud-initscript.post-install new file mode 100644 index 000000000..6b7fdf671 --- /dev/null +++ b/user/nextcloud/nextcloud-initscript.post-install @@ -0,0 +1,24 @@ +#!/bin/sh + +# It's not needed to be writable for www-data group when running with php-fpm. +for dir in /etc/nextcloud \ + /etc/nextcloud/config.php \ + /var/lib/nextcloud/data \ + /var/lib/nextcloud/appstore +do + chmod g-w $dir +done +chgrp root /etc/nextcloud/config.php + +# This must be writable (only) by nextcloud user. +chmod 750 /var/log/nextcloud + +cat <<"EOF" +* +* Point your web server to /run/nextcloud/fastcgi.sock and start +* Nextcloud with `service nextcloud start`. You can modify php-fpm +* settings in /etc/php7/fpm.d/nextcloud.conf. +* +EOF + +exit 0 diff --git a/user/nextcloud/nextcloud.confd b/user/nextcloud/nextcloud.confd new file mode 100644 index 000000000..b24f26d7f --- /dev/null +++ b/user/nextcloud/nextcloud.confd @@ -0,0 +1,8 @@ +# Config file for /etc/init.d/nextcloud + +name="Nextcloud" +user="nextcloud" +group="www-data" + +# Uncomment if you use Nextcloud with Redis for caching. +#rc_need="redis" diff --git a/user/nextcloud/nextcloud.cron b/user/nextcloud/nextcloud.cron new file mode 100644 index 000000000..21a5b566a --- /dev/null +++ b/user/nextcloud/nextcloud.cron @@ -0,0 +1,6 @@ +#!/bin/sh + +# Run only when nextcloud service is started. +if rc-service nextcloud -q status >/dev/null 2>&1; then + su nextcloud -s /bin/sh -c 'php -f /usr/share/webapps/nextcloud/cron.php' +fi diff --git a/user/nextcloud/nextcloud.logrotate b/user/nextcloud/nextcloud.logrotate new file mode 100644 index 000000000..19e17fdf4 --- /dev/null +++ b/user/nextcloud/nextcloud.logrotate @@ -0,0 +1,6 @@ +/var/log/nextcloud/*.log { + daily + compress + copytruncate + su nextcloud www-data +} diff --git a/user/nextcloud/nextcloud.post-upgrade b/user/nextcloud/nextcloud.post-upgrade new file mode 100644 index 000000000..e4ad291ac --- /dev/null +++ b/user/nextcloud/nextcloud.post-upgrade @@ -0,0 +1,8 @@ +#!/bin/sh + +ver_new="$1" +ver_old="$2" + +if [ "${ver_new%-r*}" != "${ver_old%-r*}" ]; then + echo '* Run "occ upgrade" to finish upgrade of your NextCloud instance!' >&2 +fi diff --git a/user/nextcloud/nextcloud.pre-install b/user/nextcloud/nextcloud.pre-install new file mode 100644 index 000000000..e9cf53919 --- /dev/null +++ b/user/nextcloud/nextcloud.pre-install @@ -0,0 +1,6 @@ +#!/bin/sh + +addgroup -S -g 82 www-data 2>/dev/null +adduser -S -D -H -h /var/lib/nextcloud -s /sbin/nologin -G www-data -g Nextcloud nextcloud 2>/dev/null + +exit 0 diff --git a/user/nextcloud/nextcloud14-dont-chmod.patch b/user/nextcloud/nextcloud14-dont-chmod.patch new file mode 100644 index 000000000..13b5e3efb --- /dev/null +++ b/user/nextcloud/nextcloud14-dont-chmod.patch @@ -0,0 +1,44 @@ +--- a/lib/private/Config.php ++++ b/lib/private/Config.php +@@ -240,9 +240,6 @@ + touch ($this->configFilePath); + $filePointer = fopen($this->configFilePath, 'r+'); + +- // Prevent others not to read the config +- chmod($this->configFilePath, 0640); +- + // File does not exist, this can happen when doing a fresh install + if(!is_resource ($filePointer)) { + // TODO fix this via DI once it is very clear that this doesn't cause side effects due to initialization order +--- a/lib/private/Log/File.php ++++ b/lib/private/Log/File.php +@@ -134,9 +134,6 @@ + } + $entry = json_encode($entry, JSON_PARTIAL_OUTPUT_ON_ERROR); + $handle = @fopen($this->logFile, 'a'); +- if ((fileperms($this->logFile) & 0777) != 0640) { +- @chmod($this->logFile, 0640); +- } + if ($handle) { + fwrite($handle, $entry."\n"); + fclose($handle); +--- a/lib/private/TempManager.php ++++ b/lib/private/TempManager.php +@@ -95,7 +95,6 @@ + if($postFix !== '') { + $fileNameWithPostfix = $this->buildFileNameWithSuffix($file, $postFix); + touch($fileNameWithPostfix); +- chmod($fileNameWithPostfix, 0600); + $this->current[] = $fileNameWithPostfix; + return $fileNameWithPostfix; + } +--- a/lib/private/legacy/util.php ++++ b/lib/private/legacy/util.php +@@ -1008,7 +1008,6 @@ + . ' cannot be listed by other users.'); + $perms = substr(decoct(@fileperms($dataDirectory)), -3); + if (substr($perms, -1) !== '0') { +- chmod($dataDirectory, 0770); + clearstatcache(); + $perms = substr(decoct(@fileperms($dataDirectory)), -3); + if ($perms[2] !== '0') { diff --git a/user/nextcloud/occ b/user/nextcloud/occ new file mode 100644 index 000000000..1e3c095ad --- /dev/null +++ b/user/nextcloud/occ @@ -0,0 +1,10 @@ +#!/bin/sh + +NEXTCLOUD_DIR='/usr/share/webapps/nextcloud' +: ${NEXTCLOUD_USER:="nextcloud"} + +if [ "$(id -un)" != "$NEXTCLOUD_USER" ]; then + exec su -s /bin/sh "$NEXTCLOUD_USER" -c '$0 "$@"' -- $NEXTCLOUD_DIR/occ "$@" +else + exec $NEXTCLOUD_DIR/occ "$@" +fi diff --git a/user/nextcloud/use-external-docs-if-local-not-avail.patch b/user/nextcloud/use-external-docs-if-local-not-avail.patch new file mode 100644 index 000000000..19145b5ce --- /dev/null +++ b/user/nextcloud/use-external-docs-if-local-not-avail.patch @@ -0,0 +1,65 @@ +From: Jakub Jirutka <jakub@jirutka.cz> +Date: Tue, 27 Jun 2017 02:07:00 +0200 +Subject: [PATCH] Show link to external docs if local is not installed + +--- a/settings/help.php ++++ b/settings/help.php +@@ -34,22 +34,36 @@ + OC_Util::addStyle( "settings", "settings" ); + \OC::$server->getNavigationManager()->setActiveEntry('help'); + ++$localDocs = true; + + if(isset($_GET['mode']) and $_GET['mode'] === 'admin') { +- $url=\OCP\Util::linkToAbsolute( 'core', 'doc/admin/index.html' ); ++ if (file_exists(\OC::$SERVERROOT . '/core/doc/admin/index.html')) { ++ $url=\OCP\Util::linkToAbsolute( 'core', 'doc/admin/index.html' ); ++ } else { ++ $url=\OC::$server->query(\OCP\Defaults::class)->buildDocLinkToKey('admin-manual'); ++ $localDocs=false; ++ } + $style1=''; + $style2=' active'; + }else{ + $url=\OCP\Util::linkToAbsolute( 'core', 'doc/user/index.html' ); ++ if (file_exists( \OC::$SERVERROOT . '/core/doc/user/index.html' )) { ++ $url=\OCP\Util::linkToAbsolute( 'core', 'doc/user/index.html' ); ++ } else { ++ $url=\OC::$server->query(\OCP\Defaults::class)->buildDocLinkToKey('user-manual'); ++ $localDocs=false; ++ } + $style1=' active'; + $style2=''; + } + ++ + $url1=\OC::$server->getURLGenerator()->linkToRoute('settings_help').'?mode=user'; + $url2=\OC::$server->getURLGenerator()->linkToRoute('settings_help').'?mode=admin'; + + $tmpl = new OC_Template( "settings", "help", "user" ); + $tmpl->assign( "admin", OC_User::isAdminUser(OC_User::getUser())); ++$tmpl->assign( "localDocs", $localDocs ); + $tmpl->assign( "url", $url ); + $tmpl->assign( "url1", $url1 ); + $tmpl->assign( "url2", $url2 ); + +--- a/settings/templates/help.php ++++ b/settings/templates/help.php +@@ -42,6 +42,17 @@ + </div> + + <div id="app-content" class="help-includes"> ++<?php if ($_['localDocs']) { ?> + <iframe src="<?php print_unescaped($_['url']); ?>" class="help-iframe"> + </iframe> ++<?php } else { ?> ++ <div class="section"> ++ <h2>Local documentation is not installed</h2> ++ <p>Please use ++ <a href="<?php print_unescaped($_['url']); ?>" target="_blank" rel="noreferrer"> ++ <?php p($l->t('online documentation')); ?> ↗ ++ </a> ++ </p> ++ </div> ++<?php } ?> + </div> |