Merge pull request 'Add Nextcloud Dockerfile' (#4) from dev into main

Reviewed-on: #4

.gitignore

@@ -34,3 +34,7 @@ docker-compose.yml
 
 # 2024-01-24 Hide static files for Hyperling.com.
 Config/Hyperling.com/files/*
+
+# Ignore things like Config/Hyperling.com-Stage/
+*-Stage
+Stage-*

Config/DynamicDNS/README.md

@@ -10,7 +10,7 @@ product's self-built solutions can be found below.
 1. Install this project.
 
     ```
-    git clone https://github.com/Hyperling/docker $PROJECT_DIR
+    git clone https://git.hyperling.com/me/env-docker $PROJECT_DIR
     ```
 
 1. Add your user key to `$PROJECT_DIR/Config/DynamicDNS/private.key`. The key can

Config/Hyperling.com/Dockerfile

@@ -6,7 +6,7 @@
 FROM node:lts-slim
 
 # Cache System Dependencies
-RUN apt-get update && apt-get install -y git php-cli
+RUN apt-get update && apt-get install -y git php-cli sudo curl
 
 # Cache Node Dependencies
 RUN mkdir -p /var/www/api
@@ -17,9 +17,9 @@ RUN npm install
 # Install + Run Website
 CMD cd /var/www/api && \
     rm -rfv pages main.js run.sh && \
-    git clone https://github.com/Hyperling/Website website && \
+    git clone https://git.hyperling.com/me/nodejs-website website && \
     rm -rfv website/files && \
     mv -v website/* ./ && \
     rm -rfv website && \
-    echo "Starting Website" && \
+    echo "Starting Website's Run Script" && \
     ./run.sh

Config/Hyperling.com/env.example

@@ -0,0 +1,9 @@
+# This file should be renamed '.env' and have any private values modified.
+
+## 2025-06-16
+## Performance Notes for Enabling BAKE
+# Compose by itself takes about 35s to build this project.
+# Enabling this setting first cause the build to take 80s.
+# Subsequent builds consistently take less than 2 seconds.
+# Testing was done on the micro server, not a workstation.
+COMPOSE_BAKE=true

Config/Nextcloud/Dockerfile

@@ -0,0 +1,11 @@
+# 2025-06-16 Hyperling
+# Tired of running fixes.sh to install extra packages. Bake them in!
+
+FROM nextcloud:stable
+
+# Cache System Dependencies
+RUN apt-get update && apt-get install -y sudo libmagickcore-6.q16-6-extra htop \
+    iputils-ping dnsutils vim bzip2 libbz2-dev
+
+# Configure PHP Dependency
+RUN docker-php-ext-install bz2

Config/Nextcloud/cron.sh

@@ -4,19 +4,64 @@
 # This should be added to root's crontab with the full path, such as:
 #   */5 * * * * /opt/Docker/Config/Nextcloud/cron.ksh
 
-# Check if a job is already going.
+DIR="$(dirname -- "${BASH_SOURCE[0]}")"
 PROG="$(basename -- "${BASH_SOURCE[0]}")"
+
+# Check if a job is already going.
 RUNNING=`ps -ef | grep $PROG | grep -v grep | grep -v $$ | grep -v "sh -c" | wc -l`
 if (( $RUNNING > 0 )); then
 	exit $RUNNING
 fi
 
-# 2023-08-25 From crontab.
+# Usage function for when -h or bad parameters are passed.
-sh -c "docker exec -u www-data nc-app php cron.php --define apc.enable_cli=1"
+function usage() {
+	cat <<- EOF
+		Script to help with scheduling Nextcloud's cron requirements.
+		Usage: $PROG [-h|-v]
+			-h ) Display the usage and help text.
+				| --help
+			-v) Pass a verbose request to cron.php.
+				| --verbose
+	EOF
+	exit $1
+}
 
-# 2023-08-25 From fixes.sh, keep ownership correct and apps up to date.
+# Check for any parameters.
-sh -c "docker exec -it nc-app chown -Rc www-data:www-data ."
+verbose=""
+case "$1" in
+	"") ;;
+	"-h"|"--help")
+		usage 0
+		;;
+	"-v"|"--verbose")
+		verbose="-v"
+		;;
+	*)
+		echo -e "ERROR: Unknown parameter '$1'. Exiting.\n"
+		usage 1
+		;;
+esac
+
+# Keep ownership correct and apps up to date. Also exists in fixes.sh.
+sh -c "docker exec -i nc-app chown -Rc www-data:www-data ."
 # No longer update apps in advance of NC updates, allow the upgrade process to do it.
 #sh -c "docker exec -itu www-data nc-app ./occ app:update --all"
 
+# Prepare the variables being passed to the execution command.
+if [[ -f $DIR/.env ]]; then
+	source $DIR/.env
+else
+	PHP_MEMORY_LIMIT=256M
+fi
+
+# Main part of what would go in the crontab.
+sh -c "
+	docker exec nc-app \
+	sudo -u www-data \
+	php \
+	-d apc.enable_cli=1 \
+	-d memory_limit=$PHP_MEMORY_LIMIT \
+	-f cron.php $verbose \
+"
+
 exit 0

Config/Nextcloud/docker-compose.micro.yml

@@ -72,7 +72,8 @@ services:
   ## Nextcloud ##
   nc-app:
     container_name: nc-app
-    image: nextcloud:stable
+    build:
+      context: ./
     restart: always
     ports:
       - 8080:80

Config/Nextcloud/docker-compose.standard.yml

@@ -73,7 +73,8 @@ services:
   ## Nextcloud ##
   nc-app:
     container_name: nc-app
-    image: nextcloud:stable
+    build:
+      context: ./
     restart: always
     ports:
       - 8080:80

Config/Nextcloud/env.micro

@@ -1,5 +1,6 @@
-# Example environment file for Nextcloud stack, should be copied as `.env`. The
+# Example environment file for Nextcloud stack, should be copied as `.env`.
-#   variables here only apply to the compose file. If you need it passed to a
+
+# The variables here only apply to the compose file. If you need it passed to a
 #   container then it also needs specified in its `environment:` operator.
 #
 # ** All usernames and passwords need changed before running in production! **
@@ -7,6 +8,17 @@
 # Full guide on the Nextcloud parameters which may be supplied:
 #   https://github.com/docker-library/docs/blob/master/nextcloud/README.md#auto-configuration-via-environment-variables
 
+#
+## Docker ##
+#
+
+# 20250616 - Performance testing was done on an old workstation.
+#   Only Compose: 3.8, 2.5, 1.8, 1.8, 2.1, 2.0, 1.7 seconds
+#   Compose Bake: 3.7, 0.9, 2.3, 2.0, 3.1, 2.1, 1.8 seconds
+# Not really needed but also not harmful and will eliminate the warning.
+# Timings do not include the initial pull for either method.
+COMPOSE_BAKE=true
+
 #
 ## Nextcloud ##
 #

Config/Nextcloud/env.standard

@@ -1,5 +1,6 @@
-# Example environment file for Nextcloud stack, should be copied as `.env`. The
+# Example environment file for Nextcloud stack, should be copied as `.env`.
-#   variables here only apply to the compose file. If you need it passed to a
+
+# The variables here only apply to the compose file. If you need it passed to a
 #   container then it also needs specified in its `environment:` operator.
 #
 # ** All usernames and passwords need changed before running in production! **
@@ -7,6 +8,17 @@
 # Full guide on the Nextcloud parameters which may be supplied:
 #   https://github.com/docker-library/docs/blob/master/nextcloud/README.md#auto-configuration-via-environment-variables
 
+#
+## Docker ##
+#
+
+# 20250616 - Performance testing was done on an old workstation.
+#   Only Compose: 3.8, 2.5, 1.8, 1.8, 2.1, 2.0, 1.7 seconds
+#   Compose Bake: 3.7, 0.9, 2.3, 2.0, 3.1, 2.1, 1.8 seconds
+# Not really needed but also not harmful and will eliminate the warning.
+# Timings do not include the initial pull for either method.
+COMPOSE_BAKE=true
+
 #
 ## Nextcloud ##
 #

Config/Nextcloud/maintenance.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # 2022-09-25 Hyperling
-# Put fixes in a file so they do not need remembered.
+# Put maintenance needs into a file so the commands do not need remembered.
 
 ## Setup ##
 
@@ -11,19 +11,20 @@ source $DIR/../../source.env
 
 ## Main ##
 
-echo -e "\n*** APT ***"
+##### 20250616 - Apt and PHP commands now baked into the Dockerfile!! :D #####
-
+###echo -e "\n*** APT ***"
-echo -e "\n`date` - Update Apt Cache"
+###
-docker exec -it nc-app apt update -y
+###echo -e "\n`date` - Update Apt Cache"
-
+###docker exec -it nc-app apt update -y
-echo -e "\n`date` - Install Additional Software"
+###
-docker exec -it nc-app apt install -y sudo libmagickcore-6.q16-6-extra htop \
+###echo -e "\n`date` - Install Additional Software"
-	iputils-ping dnsutils vim bzip2 libbz2-dev # php-bz2
+###docker exec -it nc-app apt install -y sudo libmagickcore-6.q16-6-extra htop \
-
+###	iputils-ping dnsutils vim bzip2 libbz2-dev # php-bz2
-# 20240130
+###
-# https://help.nextcloud.com/t/docker-image-setup-warning-missing-bz2-after-update-to-nc-28-0-0/176605
+#### 20240130
-echo -e "\n`date` - Compile PHP Modules"
+#### https://help.nextcloud.com/t/docker-image-setup-warning-missing-bz2-after-update-to-nc-28-0-0/176605
-docker exec -it nc-app docker-php-ext-install bz2
+###echo -e "\n`date` - Compile PHP Modules"
+###docker exec -it nc-app docker-php-ext-install bz2
 
 # 2023-12-04 Make sure cron and chmod commands get run.
 echo -e "\n*** CRON ***"
@@ -69,7 +70,7 @@ docker exec -itu www-data nc-app ./occ files:scan-app-data
 echo -e "\n`date` - Theme Update"
 docker exec -itu www-data nc-app ./occ maintenance:theme:update
 echo -e "\n`date` - Repair"
-docker exec -itu www-data nc-app ./occ maintenance:repair
+docker exec -itu www-data nc-app ./occ maintenance:repair --include-expensive
 
 # May also be useful but do not have much experience with them.
 echo -e "\n`date` - Clean Versions"

Config/ReverseProxy/config/conf.d/git.example.com

@@ -48,6 +48,10 @@ server {
         root /etc/nginx/letsencrypt/;
     }
 
+    # Allow decent sized uploads.
+    client_max_body_size 0;
+    client_body_buffer_size 100M;
+
     # Send traffic to upstream server
     location / {
         ## General format is PROTOCOL://SERVER:PORT.

Config/ReverseProxy/config/conf.d/nextcloud.example.com

@@ -0,0 +1,75 @@
+# 2025-01-02 Hyperling
+# A dummy test file since true scripts are being kept private.
+# This should help others understand how to get Nextcloud working.
+
+## Instructions ##
+# Add this without the comment to your /etc/hosts to test that it is working,
+#   YOUR_DOCKER_SERVER_IP cloud.example.com
+# If testing locally on a workstation,
+#   127.0.0.1 cloud.example.com
+# Then to test, first start the container,
+#   cd $DOCKER_HOME/Config/ReverseProxy && docker compose build && docker compose up -d
+# Then from the system with the modified /etc/hosts,
+#   curl --insecure cloud.example.com
+# You should see activity in the container log as well as the contents of the
+# proxied website in the terminal, NOT cloud.example.com. If using a browser then you
+# should notice that the URL is still cloud.example.com but the website is correct.
+
+server {
+    listen 80;
+    server_name cloud.example.com nextcloud.example.com;
+
+    location /.well-known/acme-challenge/ {
+        default_type "text/plain";
+        root /etc/nginx/letsencrypt/;
+    }
+
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl;
+    server_name cloud.example.com nextcloud.example.com;
+
+    ssl_certificate /etc/nginx/certs/nextcloud.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/nginx/certs/nextcloud.example.com/privkey.pem; # managed by Certbot
+
+    # https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#nginx
+    rewrite ^/\.well-known/carddav https://$server_name/remote.php/dav/ redirect;
+    rewrite ^/\.well-known/caldav https://$server_name/remote.php/dav/ redirect;
+
+    location /.well-known/acme-challenge/ {
+        default_type "text/plain";
+        root /etc/nginx/letsencrypt/;
+    }
+
+    # Attempt to make OnlyOffice work both internally and externally.
+    # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header X-Forwarded-Host $http_host/office;
+
+    # Send traffic to upstream server
+    location / {
+        expires epoch;
+        add_header Pragma public;
+        add_header Cache-Control "private, no-store";
+        add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload";
+
+        # Fix upload errors (HTTP Error: Request Entity Too Large).
+        client_max_body_size 0;
+        client_body_buffer_size 100M;
+
+        # Attempt to make OnlyOffice work both internally and externally.
+        # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.asp
+        proxy_pass_header Server;
+        proxy_pass http://example-cloud;
+    }
+
+    # Attempt to make OnlyOffice work both internally and externally.
+    # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx
+    location /office/ {
+       proxy_pass http://example-office-http;
+    }
+}

Config/ReverseProxy/config/hosts/example.com

@@ -13,3 +13,13 @@ upstream example-git-site {
     #server 127.0.0.1:3000;
     server hyperling.com;
 }
+
+upstream example-cloud {
+    #server 127.0.0.1:8081;
+    server hyperling.com;
+}
+
+upstream example-office-http {
+    #server 127.0.0.1:8082;
+    server hyperling.com;
+}

README.md

@@ -24,7 +24,7 @@ apt install git bash
 
 Clone the project. You may choose anywhere, but `/opt/Docker` is recommended.
 ```
-git clone https://github.com/Hyperling/Docker /opt/Docker
+git clone https://git.hyperling.com/me/env-docker /opt/Docker
 ```
 
 Load the environment variables from wherever you chose to put the project.