From 3a5103b8da9ec764e27e9ef9456e4a6640e9152c Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Thu, 20 Jul 2023 19:46:26 +0200 Subject: [PATCH 1/6] Solve #39461 and use php8.1 in older stable devcontainer --- .devcontainer/Dockerfile | 97 ++++++++++++++++++++++++++++------------ 1 file changed, 68 insertions(+), 29 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 4374d03954f71..e0836d7ab0875 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,34 +1,56 @@ -FROM ubuntu:focal +FROM ubuntu:jammy ARG DEBIAN_FRONTEND=noninteractive # PHP -RUN apt-get update -y +RUN apt-get update -y && \ + apt install -y apache2 vim software-properties-common sudo nano gnupg2 + RUN apt-get install --no-install-recommends -y \ - php7.4 \ - php7.4-gd \ - php7.4-zip \ - php7.4-curl \ - php7.4-xml \ - php7.4-mbstring \ - php7.4-sqlite \ - php7.4-xdebug \ - php7.4-pgsql \ - php7.4-intl \ - php7.4-imagick \ - php7.4-gmp \ - php7.4-apcu \ - php7.4-bcmath \ + php8.1 \ + php8.1-common \ + php8.1-gd \ + php8.1-zip \ + php8.1-curl \ + php8.1-xml \ + php8.1-xmlrpc \ + php8.1-mbstring \ + php8.1-sqlite \ + php8.1-xdebug \ + php8.1-pgsql \ + php8.1-intl \ + php8.1-imagick \ + php8.1-gmp \ + php8.1-apcu \ + php8.1-bcmath \ + php8.1-redis \ + php8.1-soap \ + php8.1-imap \ + php8.1-opcache \ + php8.1-cli \ + php8.1-dev \ libmagickcore-6.q16-3-extra \ curl \ - vim \ lsof \ make \ - nodejs \ - npm + unzip + +# Composer +RUN curl -sS https://getcomposer.org/installer -o /tmp/composer-setup.php && \ + curl -sS https://composer.github.io/installer.sig -o /tmp/composer-setup.sig && \ + php -r "if (hash_file('sha384', '/tmp/composer-setup.php') !== trim(file_get_contents('/tmp/composer-setup.sig'))) { echo 'Composer installation failed, invalid hash'; exit(1); }" && \ + php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer && \ + rm /tmp/composer-setup.php /tmp/composer-setup.sig -RUN echo "xdebug.remote_enable = 1" >> /etc/php/7.4/cli/conf.d/20-xdebug.ini -RUN echo "xdebug.remote_autostart = 1" >> /etc/php/7.4/cli/conf.d/20-xdebug.ini +RUN echo "xdebug.remote_enable = 1" >> /etc/php/8.1/cli/conf.d/20-xdebug.ini && \ + echo "xdebug.remote_autostart = 1" >> /etc/php/8.1/cli/conf.d/20-xdebug.ini && \ + echo "apc.enable_cli=1" >> /etc/php/8.1/cli/conf.d/20-apcu.ini + +# Autostart XDebug for apache +RUN { \ + echo "xdebug.mode=debug"; \ + echo "xdebug.start_with_request=yes"; \ +} >> /etc/php/8.1/apache2/conf.d/20-xdebug.ini # Docker RUN apt-get -y install \ @@ -36,12 +58,29 @@ RUN apt-get -y install \ ca-certificates \ curl \ gnupg-agent \ - software-properties-common -RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - -RUN add-apt-repository \ - "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ + software-properties-common && \ + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \ + add-apt-repository \ + "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ - stable" -RUN apt-get update -y -RUN apt-get install -y docker-ce docker-ce-cli containerd.io -RUN ln -s /var/run/docker-host.sock /var/run/docker.sock + stable" && \ + apt-get update -y && \ + apt-get install -y docker-ce docker-ce-cli containerd.io && \ + ln -s /var/run/docker-host.sock /var/run/docker.sock + +# Dedicated DevContainer user runs Apache +ENV APACHE_RUN_USER=devcontainer +ENV APACHE_RUN_GROUP=devcontainer +RUN useradd -ms /bin/bash ${APACHE_RUN_USER} && \ + adduser ${APACHE_RUN_USER} sudo && \ + echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers && \ + sed -ri "s/^export APACHE_RUN_USER=.*$/export APACHE_RUN_USER=${APACHE_RUN_USER}/" "/etc/apache2/envvars" && \ + sed -ri "s/^export APACHE_RUN_GROUP=.*$/export APACHE_RUN_GROUP=${APACHE_RUN_GROUP}/" "/etc/apache2/envvars" + +USER devcontainer + +# NVM +RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash +RUN bash --login -i -c 'source /home/devcontainer/.bashrc && nvm install 16' + +WORKDIR /var/www/html From fe7dccb5e8a107df67d84acceab9546da4f427ae Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 18 Aug 2023 11:49:44 +0200 Subject: [PATCH 2/6] Use newest setup since V25 with DB creation --- .devcontainer/Dockerfile | 1 + .devcontainer/docker-compose.yml | 4 +++- .devcontainer/setup.sh | 25 +++++++++++++++++++++++++ .htaccess | 26 ++++++++++++++++++++++++++ config/.htaccess | 25 ------------------------- 5 files changed, 55 insertions(+), 26 deletions(-) delete mode 100644 config/.htaccess diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index e0836d7ab0875..b21fb6951c048 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -57,6 +57,7 @@ RUN apt-get -y install \ apt-transport-https \ ca-certificates \ curl \ + jq \ gnupg-agent \ software-properties-common && \ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \ diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index ada819429f442..3c350de79601e 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -5,7 +5,9 @@ services: volumes: - .:/workspace:cached - /var/run/docker.sock:/var/run/docker-host.sock - command: /bin/sh -c "while sleep 1000; do :; done" + - ..:/var/www/html + - ../../customapps:/var/www/html/customapps + command: /var/www/html/.devcontainer/entrypoint.sh ports: - 80:80 - 8080:8080 diff --git a/.devcontainer/setup.sh b/.devcontainer/setup.sh index 9d2e3d73f98e8..83ec173545d31 100755 --- a/.devcontainer/setup.sh +++ b/.devcontainer/setup.sh @@ -6,3 +6,28 @@ git submodule update --init # Codespace config cp .devcontainer/codespace.config.php config/codespace.config.php + +# VSCode debugger profile +mkdir -p .vscode && cp .devcontainer/launch.json .vscode/launch.json + +# Onetime installation setup +if [[ ! $(sudo -u ${APACHE_RUN_USER} php occ status) =~ installed:[[:space:]]*true ]]; then + echo "Running NC installation" + sudo -u ${APACHE_RUN_USER} php occ maintenance:install \ + --verbose \ + --database=pgsql \ + --database-name=postgres \ + --database-host=127.0.0.1 \ + --database-port=5432 \ + --database-user=postgres \ + --database-pass=postgres \ + --admin-user admin \ + --admin-pass admin + + # add MagentaCLOUD convenience setup + source .devcontainer/nmcsetup.sh +fi + + + +sudo service apache2 restart diff --git a/.htaccess b/.htaccess index 956e29ea7c40f..e82e3b88e1b06 100644 --- a/.htaccess +++ b/.htaccess @@ -104,3 +104,29 @@ AddDefaultCharset utf-8 Options -Indexes +#### DO NOT CHANGE ANYTHING ABOVE THIS LINE #### + +ErrorDocument 403 /index.php/error/403 +ErrorDocument 404 /index.php/error/404 + + Options -MultiViews + RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1] + RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1] + RewriteCond %{REQUEST_FILENAME} !\.(css|js|mjs|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|map|webm|mp4|mp3|ogg|wav|wasm|tflite)$ + RewriteCond %{REQUEST_FILENAME} !/core/ajax/update\.php + RewriteCond %{REQUEST_FILENAME} !/core/img/(favicon\.ico|manifest\.json)$ + RewriteCond %{REQUEST_FILENAME} !/(cron|public|remote|status)\.php + RewriteCond %{REQUEST_FILENAME} !/ocs/v(1|2)\.php + RewriteCond %{REQUEST_FILENAME} !/robots\.txt + RewriteCond %{REQUEST_FILENAME} !/(ocm-provider|ocs-provider|updater)/ + RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.* + RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$ + RewriteRule . index.php [PT,E=PATH_INFO:$1] + RewriteBase / + + SetEnv front_controller_active true + + DirectorySlash off + + + diff --git a/config/.htaccess b/config/.htaccess deleted file mode 100644 index 13ca28758cfa4..0000000000000 --- a/config/.htaccess +++ /dev/null @@ -1,25 +0,0 @@ -# Section for Apache 2.4 to 2.6 - - Require all denied - - - Order Allow,Deny - Deny from all - Satisfy All - - -# Section for Apache 2.2 - - - - Order Allow,Deny - Deny from all - - Satisfy All - - - -# Section for Apache 2.2 to 2.6 - - IndexIgnore * - From 1707bccbf9ccba03f939dfaf012174a8ad36ed3c Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 18 Aug 2023 11:59:16 +0200 Subject: [PATCH 3/6] Use V27 setup fro customisation test --- .devcontainer/entrypoint.sh | 5 +++++ 1 file changed, 5 insertions(+) create mode 100755 .devcontainer/entrypoint.sh diff --git a/.devcontainer/entrypoint.sh b/.devcontainer/entrypoint.sh new file mode 100755 index 0000000000000..952f6f8aad65a --- /dev/null +++ b/.devcontainer/entrypoint.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +sudo service apache2 start + +while sleep 1000; do :; done From 3c89f005711d2af6e3da3708217622290e4603c9 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 18 Aug 2023 11:59:51 +0200 Subject: [PATCH 4/6] Add dedicated nmc setup for container --- .devcontainer/apps.config.php | 15 ++++++++++++++ .devcontainer/nmc.config.php | 12 +++++++++++ .devcontainer/nmcsetup.sh | 37 ++++++++++++++++++++++++++++++++++ .devcontainer/theme.config.php | 5 +++++ 4 files changed, 69 insertions(+) create mode 100644 .devcontainer/apps.config.php create mode 100644 .devcontainer/nmc.config.php create mode 100755 .devcontainer/nmcsetup.sh create mode 100644 .devcontainer/theme.config.php diff --git a/.devcontainer/apps.config.php b/.devcontainer/apps.config.php new file mode 100644 index 0000000000000..986c3a4d66d6f --- /dev/null +++ b/.devcontainer/apps.config.php @@ -0,0 +1,15 @@ + array ( + 0 => array ( + 'path' => OC::$SERVERROOT.'/customapps', + 'url' => '/customapps', + 'writable' => true, + ), + 1 => array ( + 'path' => OC::$SERVERROOT.'/apps', + 'url' => '/apps', + 'writable' => true, + ), + ), +); diff --git a/.devcontainer/nmc.config.php b/.devcontainer/nmc.config.php new file mode 100644 index 0000000000000..acbb4cd1a7d96 --- /dev/null +++ b/.devcontainer/nmc.config.php @@ -0,0 +1,12 @@ + '/', + 'default_language' => 'de_DE', + 'integrity.check.disabled' => true, // not recommended for prod, but for customisation + # 'config_is_read_only' => true, + 'auth.authtoken.v1.disabled' => true, + 'sharing.force_share_accept' => true, + 'status-email-message-provider' => '\\OCA\\EmailTemplateExample\\MessageProvider', + 'mail_template_class' => 'OCA\\EmailTemplateExample\\EMailTemplate', + // "logfile_office_report" => "/var/log/nextcloud/office.log", +); \ No newline at end of file diff --git a/.devcontainer/nmcsetup.sh b/.devcontainer/nmcsetup.sh new file mode 100755 index 0000000000000..ba7ee23250d0b --- /dev/null +++ b/.devcontainer/nmcsetup.sh @@ -0,0 +1,37 @@ +#!/bin/bash +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../" >/dev/null 2>&1 && pwd )" + +cd $DIR/ + +# after installation, do some MagentaCLOUD specific setups to start closer to production + +# customapps directory split +cp .devcontainer/apps.config.php config/apps.config.php +cp .devcontainer/nmc.config.php config/nmc.config.php + +# disable user themeing +sudo -u ${APACHE_RUN_USER} php occ theming:config disable-user-theming yes + +# fixed themeing for MagentaCLOUD +cp .devcontainer/theme.config.php config/theme.config.php + +# refresh .htaccess for short URL notation +sudo -u ${APACHE_RUN_USER} php occ maintenance:update:htaccess + +# "Organisational" setting +sudo -u ${APACHE_RUN_USER} php occ theming:config color "#e20074" # don't use uppercase letters! +sudo -u ${APACHE_RUN_USER} php occ theming:config name MagentaCLOUD +sudo -u ${APACHE_RUN_USER} php occ theming:config slogan "Alle Dateien sicher an einem Ort" +sudo -u ${APACHE_RUN_USER} php occ theming:config imprintUrl "http://www.telekom.de/impressum" +sudo -u ${APACHE_RUN_USER} php occ theming:config privacyUrl "https://static.magentacloud.de/Datenschutz" + +# app settings +sudo -u ${APACHE_RUN_USER} php occ config:app:set theming AndroidClientUrl --value \ + "https://play.google.com/store/apps/details?=com.t_systems.android.webdav" +sudo -u ${APACHE_RUN_USER} php occ config:app:set theming iTunesAppId --value "312838242" +sudo -u ${APACHE_RUN_USER} php occ config:app:set theming iOSClientUrl --value \ + "https://apps.apple.com/us/app/magentacloud-cloud-speicher/id312838242" + +# enable/disable apps +sudo -u ${APACHE_RUN_USER} php occ app:enable nmctheme +sudo -u ${APACHE_RUN_USER} php occ app:disable dashboard # may remove as soon as dashboard CR is implemented \ No newline at end of file diff --git a/.devcontainer/theme.config.php b/.devcontainer/theme.config.php new file mode 100644 index 0000000000000..208ab66f85637 --- /dev/null +++ b/.devcontainer/theme.config.php @@ -0,0 +1,5 @@ + 'default', // or any other theme contained in the app + 'theme' => '', // disable old themeing +); \ No newline at end of file From 320eb2736c45471eea1bf8744914c848fa9b0686 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 18 Aug 2023 12:15:30 +0200 Subject: [PATCH 5/6] Generate htaccess on setup --- .htaccess | 132 ------------------------------------------------------ 1 file changed, 132 deletions(-) delete mode 100644 .htaccess diff --git a/.htaccess b/.htaccess deleted file mode 100644 index e82e3b88e1b06..0000000000000 --- a/.htaccess +++ /dev/null @@ -1,132 +0,0 @@ - - - - SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 - RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION - - - SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1 - - - SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 - RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION - - - - - # Add security and privacy related headers - - # Avoid doubled headers by unsetting headers in "onsuccess" table, - # then add headers to "always" table: https://github.com/nextcloud/server/pull/19002 - Header onsuccess unset Referrer-Policy - Header always set Referrer-Policy "no-referrer" - - Header onsuccess unset X-Content-Type-Options - Header always set X-Content-Type-Options "nosniff" - - Header onsuccess unset X-Frame-Options - Header always set X-Frame-Options "SAMEORIGIN" - - Header onsuccess unset X-Permitted-Cross-Domain-Policies - Header always set X-Permitted-Cross-Domain-Policies "none" - - Header onsuccess unset X-Robots-Tag - Header always set X-Robots-Tag "noindex, nofollow" - - Header onsuccess unset X-XSS-Protection - Header always set X-XSS-Protection "1; mode=block" - - SetEnv modHeadersAvailable true - - - # Add cache control for static resources - - - Header set Cache-Control "max-age=15778463, immutable" - - - Header set Cache-Control "max-age=15778463" - - - - # Let browsers cache WOFF files for a week - - Header set Cache-Control "max-age=604800" - - - -# PHP 7.x - - php_value mbstring.func_overload 0 - php_value default_charset 'UTF-8' - php_value output_buffering 0 - - SetEnv htaccessWorking true - - - -# PHP 8+ - - php_value mbstring.func_overload 0 - php_value default_charset 'UTF-8' - php_value output_buffering 0 - - SetEnv htaccessWorking true - - - - - AddType image/svg+xml svg svgz - AddType application/wasm wasm - AddEncoding gzip svgz - - - - DirectoryIndex index.php index.html - - - - ModPagespeed Off - - - - RewriteEngine on - RewriteCond %{HTTP_USER_AGENT} DavClnt - RewriteRule ^$ /remote.php/webdav/ [L,R=302] - RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}] - RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L] - RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L] - RewriteRule ^remote/(.*) remote.php [QSA,L] - RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L] - RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L] - RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L] - - -AddDefaultCharset utf-8 -Options -Indexes -#### DO NOT CHANGE ANYTHING ABOVE THIS LINE #### - -ErrorDocument 403 /index.php/error/403 -ErrorDocument 404 /index.php/error/404 - - Options -MultiViews - RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1] - RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1] - RewriteCond %{REQUEST_FILENAME} !\.(css|js|mjs|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|map|webm|mp4|mp3|ogg|wav|wasm|tflite)$ - RewriteCond %{REQUEST_FILENAME} !/core/ajax/update\.php - RewriteCond %{REQUEST_FILENAME} !/core/img/(favicon\.ico|manifest\.json)$ - RewriteCond %{REQUEST_FILENAME} !/(cron|public|remote|status)\.php - RewriteCond %{REQUEST_FILENAME} !/ocs/v(1|2)\.php - RewriteCond %{REQUEST_FILENAME} !/robots\.txt - RewriteCond %{REQUEST_FILENAME} !/(ocm-provider|ocs-provider|updater)/ - RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.* - RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$ - RewriteRule . index.php [PT,E=PATH_INFO:$1] - RewriteBase / - - SetEnv front_controller_active true - - DirectorySlash off - - - From 8b1f468c85e63a4c6e3a459dac848458fa5beba9 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Sat, 19 Aug 2023 13:54:53 +0200 Subject: [PATCH 6/6] Bugfix with latest V27 files --- .devcontainer/devcontainer.json | 27 ++++++++++++++++----------- .devcontainer/launch.json | 14 ++++++++++++++ 2 files changed, 30 insertions(+), 11 deletions(-) create mode 100644 .devcontainer/launch.json diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index f86a8cf34302e..3fb1bf42e4406 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -8,15 +8,20 @@ 8080, 8025 ], - "runArgs": [ - "--privileged" - ], - "extensions": [ - "felixfbecker.php-debug", - "felixfbecker.php-intellisense", - "ms-azuretools.vscode-docker" - ], - "settings": { - "php.suggest.basic": false, - } + "customizations": { + "vscode": { + "extensions": [ + "felixfbecker.php-debug", + "felixfbecker.php-intellisense", + "ms-azuretools.vscode-docker", + "xdebug.php-debug", + "donjayamanne.githistory" + ], + "settings": { + "php.suggest.basic": false + } + } + }, + "workspaceFolder": "/var/www/html", + "remoteUser": "devcontainer" } diff --git a/.devcontainer/launch.json b/.devcontainer/launch.json new file mode 100644 index 0000000000000..8103dd29461d2 --- /dev/null +++ b/.devcontainer/launch.json @@ -0,0 +1,14 @@ +{ + // Use IntelliSense to learn about possible attributes. + // Hover to view descriptions of existing attributes. + // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 + "version": "0.2.0", + "configurations": [ + { + "name": "Listen for Xdebug", + "type": "php", + "request": "launch", + "port": 9003 + } + ] +}