From 3a5103b8da9ec764e27e9ef9456e4a6640e9152c Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Thu, 20 Jul 2023 19:46:26 +0200 Subject: [PATCH 01/14] Solve #39461 and use php8.1 in older stable devcontainer --- .devcontainer/Dockerfile | 97 ++++++++++++++++++++++++++++------------ 1 file changed, 68 insertions(+), 29 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 4374d03954f71..e0836d7ab0875 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,34 +1,56 @@ -FROM ubuntu:focal +FROM ubuntu:jammy ARG DEBIAN_FRONTEND=noninteractive # PHP -RUN apt-get update -y +RUN apt-get update -y && \ + apt install -y apache2 vim software-properties-common sudo nano gnupg2 + RUN apt-get install --no-install-recommends -y \ - php7.4 \ - php7.4-gd \ - php7.4-zip \ - php7.4-curl \ - php7.4-xml \ - php7.4-mbstring \ - php7.4-sqlite \ - php7.4-xdebug \ - php7.4-pgsql \ - php7.4-intl \ - php7.4-imagick \ - php7.4-gmp \ - php7.4-apcu \ - php7.4-bcmath \ + php8.1 \ + php8.1-common \ + php8.1-gd \ + php8.1-zip \ + php8.1-curl \ + php8.1-xml \ + php8.1-xmlrpc \ + php8.1-mbstring \ + php8.1-sqlite \ + php8.1-xdebug \ + php8.1-pgsql \ + php8.1-intl \ + php8.1-imagick \ + php8.1-gmp \ + php8.1-apcu \ + php8.1-bcmath \ + php8.1-redis \ + php8.1-soap \ + php8.1-imap \ + php8.1-opcache \ + php8.1-cli \ + php8.1-dev \ libmagickcore-6.q16-3-extra \ curl \ - vim \ lsof \ make \ - nodejs \ - npm + unzip + +# Composer +RUN curl -sS https://getcomposer.org/installer -o /tmp/composer-setup.php && \ + curl -sS https://composer.github.io/installer.sig -o /tmp/composer-setup.sig && \ + php -r "if (hash_file('sha384', '/tmp/composer-setup.php') !== trim(file_get_contents('/tmp/composer-setup.sig'))) { echo 'Composer installation failed, invalid hash'; exit(1); }" && \ + php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer && \ + rm /tmp/composer-setup.php /tmp/composer-setup.sig -RUN echo "xdebug.remote_enable = 1" >> /etc/php/7.4/cli/conf.d/20-xdebug.ini -RUN echo "xdebug.remote_autostart = 1" >> /etc/php/7.4/cli/conf.d/20-xdebug.ini +RUN echo "xdebug.remote_enable = 1" >> /etc/php/8.1/cli/conf.d/20-xdebug.ini && \ + echo "xdebug.remote_autostart = 1" >> /etc/php/8.1/cli/conf.d/20-xdebug.ini && \ + echo "apc.enable_cli=1" >> /etc/php/8.1/cli/conf.d/20-apcu.ini + +# Autostart XDebug for apache +RUN { \ + echo "xdebug.mode=debug"; \ + echo "xdebug.start_with_request=yes"; \ +} >> /etc/php/8.1/apache2/conf.d/20-xdebug.ini # Docker RUN apt-get -y install \ @@ -36,12 +58,29 @@ RUN apt-get -y install \ ca-certificates \ curl \ gnupg-agent \ - software-properties-common -RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - -RUN add-apt-repository \ - "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ + software-properties-common && \ + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \ + add-apt-repository \ + "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ - stable" -RUN apt-get update -y -RUN apt-get install -y docker-ce docker-ce-cli containerd.io -RUN ln -s /var/run/docker-host.sock /var/run/docker.sock + stable" && \ + apt-get update -y && \ + apt-get install -y docker-ce docker-ce-cli containerd.io && \ + ln -s /var/run/docker-host.sock /var/run/docker.sock + +# Dedicated DevContainer user runs Apache +ENV APACHE_RUN_USER=devcontainer +ENV APACHE_RUN_GROUP=devcontainer +RUN useradd -ms /bin/bash ${APACHE_RUN_USER} && \ + adduser ${APACHE_RUN_USER} sudo && \ + echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers && \ + sed -ri "s/^export APACHE_RUN_USER=.*$/export APACHE_RUN_USER=${APACHE_RUN_USER}/" "/etc/apache2/envvars" && \ + sed -ri "s/^export APACHE_RUN_GROUP=.*$/export APACHE_RUN_GROUP=${APACHE_RUN_GROUP}/" "/etc/apache2/envvars" + +USER devcontainer + +# NVM +RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash +RUN bash --login -i -c 'source /home/devcontainer/.bashrc && nvm install 16' + +WORKDIR /var/www/html From fe7dccb5e8a107df67d84acceab9546da4f427ae Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 18 Aug 2023 11:49:44 +0200 Subject: [PATCH 02/14] Use newest setup since V25 with DB creation --- .devcontainer/Dockerfile | 1 + .devcontainer/docker-compose.yml | 4 +++- .devcontainer/setup.sh | 25 +++++++++++++++++++++++++ .htaccess | 26 ++++++++++++++++++++++++++ config/.htaccess | 25 ------------------------- 5 files changed, 55 insertions(+), 26 deletions(-) delete mode 100644 config/.htaccess diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index e0836d7ab0875..b21fb6951c048 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -57,6 +57,7 @@ RUN apt-get -y install \ apt-transport-https \ ca-certificates \ curl \ + jq \ gnupg-agent \ software-properties-common && \ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \ diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index ada819429f442..3c350de79601e 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -5,7 +5,9 @@ services: volumes: - .:/workspace:cached - /var/run/docker.sock:/var/run/docker-host.sock - command: /bin/sh -c "while sleep 1000; do :; done" + - ..:/var/www/html + - ../../customapps:/var/www/html/customapps + command: /var/www/html/.devcontainer/entrypoint.sh ports: - 80:80 - 8080:8080 diff --git a/.devcontainer/setup.sh b/.devcontainer/setup.sh index 9d2e3d73f98e8..83ec173545d31 100755 --- a/.devcontainer/setup.sh +++ b/.devcontainer/setup.sh @@ -6,3 +6,28 @@ git submodule update --init # Codespace config cp .devcontainer/codespace.config.php config/codespace.config.php + +# VSCode debugger profile +mkdir -p .vscode && cp .devcontainer/launch.json .vscode/launch.json + +# Onetime installation setup +if [[ ! $(sudo -u ${APACHE_RUN_USER} php occ status) =~ installed:[[:space:]]*true ]]; then + echo "Running NC installation" + sudo -u ${APACHE_RUN_USER} php occ maintenance:install \ + --verbose \ + --database=pgsql \ + --database-name=postgres \ + --database-host=127.0.0.1 \ + --database-port=5432 \ + --database-user=postgres \ + --database-pass=postgres \ + --admin-user admin \ + --admin-pass admin + + # add MagentaCLOUD convenience setup + source .devcontainer/nmcsetup.sh +fi + + + +sudo service apache2 restart diff --git a/.htaccess b/.htaccess index 956e29ea7c40f..e82e3b88e1b06 100644 --- a/.htaccess +++ b/.htaccess @@ -104,3 +104,29 @@ AddDefaultCharset utf-8 Options -Indexes +#### DO NOT CHANGE ANYTHING ABOVE THIS LINE #### + +ErrorDocument 403 /index.php/error/403 +ErrorDocument 404 /index.php/error/404 + + Options -MultiViews + RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1] + RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1] + RewriteCond %{REQUEST_FILENAME} !\.(css|js|mjs|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|map|webm|mp4|mp3|ogg|wav|wasm|tflite)$ + RewriteCond %{REQUEST_FILENAME} !/core/ajax/update\.php + RewriteCond %{REQUEST_FILENAME} !/core/img/(favicon\.ico|manifest\.json)$ + RewriteCond %{REQUEST_FILENAME} !/(cron|public|remote|status)\.php + RewriteCond %{REQUEST_FILENAME} !/ocs/v(1|2)\.php + RewriteCond %{REQUEST_FILENAME} !/robots\.txt + RewriteCond %{REQUEST_FILENAME} !/(ocm-provider|ocs-provider|updater)/ + RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.* + RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$ + RewriteRule . index.php [PT,E=PATH_INFO:$1] + RewriteBase / + + SetEnv front_controller_active true + + DirectorySlash off + + + diff --git a/config/.htaccess b/config/.htaccess deleted file mode 100644 index 13ca28758cfa4..0000000000000 --- a/config/.htaccess +++ /dev/null @@ -1,25 +0,0 @@ -# Section for Apache 2.4 to 2.6 - - Require all denied - - - Order Allow,Deny - Deny from all - Satisfy All - - -# Section for Apache 2.2 - - - - Order Allow,Deny - Deny from all - - Satisfy All - - - -# Section for Apache 2.2 to 2.6 - - IndexIgnore * - From 1707bccbf9ccba03f939dfaf012174a8ad36ed3c Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 18 Aug 2023 11:59:16 +0200 Subject: [PATCH 03/14] Use V27 setup fro customisation test --- .devcontainer/entrypoint.sh | 5 +++++ 1 file changed, 5 insertions(+) create mode 100755 .devcontainer/entrypoint.sh diff --git a/.devcontainer/entrypoint.sh b/.devcontainer/entrypoint.sh new file mode 100755 index 0000000000000..952f6f8aad65a --- /dev/null +++ b/.devcontainer/entrypoint.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +sudo service apache2 start + +while sleep 1000; do :; done From 3c89f005711d2af6e3da3708217622290e4603c9 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 18 Aug 2023 11:59:51 +0200 Subject: [PATCH 04/14] Add dedicated nmc setup for container --- .devcontainer/apps.config.php | 15 ++++++++++++++ .devcontainer/nmc.config.php | 12 +++++++++++ .devcontainer/nmcsetup.sh | 37 ++++++++++++++++++++++++++++++++++ .devcontainer/theme.config.php | 5 +++++ 4 files changed, 69 insertions(+) create mode 100644 .devcontainer/apps.config.php create mode 100644 .devcontainer/nmc.config.php create mode 100755 .devcontainer/nmcsetup.sh create mode 100644 .devcontainer/theme.config.php diff --git a/.devcontainer/apps.config.php b/.devcontainer/apps.config.php new file mode 100644 index 0000000000000..986c3a4d66d6f --- /dev/null +++ b/.devcontainer/apps.config.php @@ -0,0 +1,15 @@ + array ( + 0 => array ( + 'path' => OC::$SERVERROOT.'/customapps', + 'url' => '/customapps', + 'writable' => true, + ), + 1 => array ( + 'path' => OC::$SERVERROOT.'/apps', + 'url' => '/apps', + 'writable' => true, + ), + ), +); diff --git a/.devcontainer/nmc.config.php b/.devcontainer/nmc.config.php new file mode 100644 index 0000000000000..acbb4cd1a7d96 --- /dev/null +++ b/.devcontainer/nmc.config.php @@ -0,0 +1,12 @@ + '/', + 'default_language' => 'de_DE', + 'integrity.check.disabled' => true, // not recommended for prod, but for customisation + # 'config_is_read_only' => true, + 'auth.authtoken.v1.disabled' => true, + 'sharing.force_share_accept' => true, + 'status-email-message-provider' => '\\OCA\\EmailTemplateExample\\MessageProvider', + 'mail_template_class' => 'OCA\\EmailTemplateExample\\EMailTemplate', + // "logfile_office_report" => "/var/log/nextcloud/office.log", +); \ No newline at end of file diff --git a/.devcontainer/nmcsetup.sh b/.devcontainer/nmcsetup.sh new file mode 100755 index 0000000000000..ba7ee23250d0b --- /dev/null +++ b/.devcontainer/nmcsetup.sh @@ -0,0 +1,37 @@ +#!/bin/bash +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../" >/dev/null 2>&1 && pwd )" + +cd $DIR/ + +# after installation, do some MagentaCLOUD specific setups to start closer to production + +# customapps directory split +cp .devcontainer/apps.config.php config/apps.config.php +cp .devcontainer/nmc.config.php config/nmc.config.php + +# disable user themeing +sudo -u ${APACHE_RUN_USER} php occ theming:config disable-user-theming yes + +# fixed themeing for MagentaCLOUD +cp .devcontainer/theme.config.php config/theme.config.php + +# refresh .htaccess for short URL notation +sudo -u ${APACHE_RUN_USER} php occ maintenance:update:htaccess + +# "Organisational" setting +sudo -u ${APACHE_RUN_USER} php occ theming:config color "#e20074" # don't use uppercase letters! +sudo -u ${APACHE_RUN_USER} php occ theming:config name MagentaCLOUD +sudo -u ${APACHE_RUN_USER} php occ theming:config slogan "Alle Dateien sicher an einem Ort" +sudo -u ${APACHE_RUN_USER} php occ theming:config imprintUrl "http://www.telekom.de/impressum" +sudo -u ${APACHE_RUN_USER} php occ theming:config privacyUrl "https://static.magentacloud.de/Datenschutz" + +# app settings +sudo -u ${APACHE_RUN_USER} php occ config:app:set theming AndroidClientUrl --value \ + "https://play.google.com/store/apps/details?=com.t_systems.android.webdav" +sudo -u ${APACHE_RUN_USER} php occ config:app:set theming iTunesAppId --value "312838242" +sudo -u ${APACHE_RUN_USER} php occ config:app:set theming iOSClientUrl --value \ + "https://apps.apple.com/us/app/magentacloud-cloud-speicher/id312838242" + +# enable/disable apps +sudo -u ${APACHE_RUN_USER} php occ app:enable nmctheme +sudo -u ${APACHE_RUN_USER} php occ app:disable dashboard # may remove as soon as dashboard CR is implemented \ No newline at end of file diff --git a/.devcontainer/theme.config.php b/.devcontainer/theme.config.php new file mode 100644 index 0000000000000..208ab66f85637 --- /dev/null +++ b/.devcontainer/theme.config.php @@ -0,0 +1,5 @@ + 'default', // or any other theme contained in the app + 'theme' => '', // disable old themeing +); \ No newline at end of file From 320eb2736c45471eea1bf8744914c848fa9b0686 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 18 Aug 2023 12:15:30 +0200 Subject: [PATCH 05/14] Generate htaccess on setup --- .htaccess | 132 ------------------------------------------------------ 1 file changed, 132 deletions(-) delete mode 100644 .htaccess diff --git a/.htaccess b/.htaccess deleted file mode 100644 index e82e3b88e1b06..0000000000000 --- a/.htaccess +++ /dev/null @@ -1,132 +0,0 @@ - - - - SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 - RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION - - - SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1 - - - SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 - RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION - - - - - # Add security and privacy related headers - - # Avoid doubled headers by unsetting headers in "onsuccess" table, - # then add headers to "always" table: https://github.com/nextcloud/server/pull/19002 - Header onsuccess unset Referrer-Policy - Header always set Referrer-Policy "no-referrer" - - Header onsuccess unset X-Content-Type-Options - Header always set X-Content-Type-Options "nosniff" - - Header onsuccess unset X-Frame-Options - Header always set X-Frame-Options "SAMEORIGIN" - - Header onsuccess unset X-Permitted-Cross-Domain-Policies - Header always set X-Permitted-Cross-Domain-Policies "none" - - Header onsuccess unset X-Robots-Tag - Header always set X-Robots-Tag "noindex, nofollow" - - Header onsuccess unset X-XSS-Protection - Header always set X-XSS-Protection "1; mode=block" - - SetEnv modHeadersAvailable true - - - # Add cache control for static resources - - - Header set Cache-Control "max-age=15778463, immutable" - - - Header set Cache-Control "max-age=15778463" - - - - # Let browsers cache WOFF files for a week - - Header set Cache-Control "max-age=604800" - - - -# PHP 7.x - - php_value mbstring.func_overload 0 - php_value default_charset 'UTF-8' - php_value output_buffering 0 - - SetEnv htaccessWorking true - - - -# PHP 8+ - - php_value mbstring.func_overload 0 - php_value default_charset 'UTF-8' - php_value output_buffering 0 - - SetEnv htaccessWorking true - - - - - AddType image/svg+xml svg svgz - AddType application/wasm wasm - AddEncoding gzip svgz - - - - DirectoryIndex index.php index.html - - - - ModPagespeed Off - - - - RewriteEngine on - RewriteCond %{HTTP_USER_AGENT} DavClnt - RewriteRule ^$ /remote.php/webdav/ [L,R=302] - RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}] - RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L] - RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L] - RewriteRule ^remote/(.*) remote.php [QSA,L] - RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L] - RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L] - RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L] - - -AddDefaultCharset utf-8 -Options -Indexes -#### DO NOT CHANGE ANYTHING ABOVE THIS LINE #### - -ErrorDocument 403 /index.php/error/403 -ErrorDocument 404 /index.php/error/404 - - Options -MultiViews - RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1] - RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1] - RewriteCond %{REQUEST_FILENAME} !\.(css|js|mjs|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|map|webm|mp4|mp3|ogg|wav|wasm|tflite)$ - RewriteCond %{REQUEST_FILENAME} !/core/ajax/update\.php - RewriteCond %{REQUEST_FILENAME} !/core/img/(favicon\.ico|manifest\.json)$ - RewriteCond %{REQUEST_FILENAME} !/(cron|public|remote|status)\.php - RewriteCond %{REQUEST_FILENAME} !/ocs/v(1|2)\.php - RewriteCond %{REQUEST_FILENAME} !/robots\.txt - RewriteCond %{REQUEST_FILENAME} !/(ocm-provider|ocs-provider|updater)/ - RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.* - RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$ - RewriteRule . index.php [PT,E=PATH_INFO:$1] - RewriteBase / - - SetEnv front_controller_active true - - DirectorySlash off - - - From 8b1f468c85e63a4c6e3a459dac848458fa5beba9 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Sat, 19 Aug 2023 13:54:53 +0200 Subject: [PATCH 06/14] Bugfix with latest V27 files --- .devcontainer/devcontainer.json | 27 ++++++++++++++++----------- .devcontainer/launch.json | 14 ++++++++++++++ 2 files changed, 30 insertions(+), 11 deletions(-) create mode 100644 .devcontainer/launch.json diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index f86a8cf34302e..3fb1bf42e4406 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -8,15 +8,20 @@ 8080, 8025 ], - "runArgs": [ - "--privileged" - ], - "extensions": [ - "felixfbecker.php-debug", - "felixfbecker.php-intellisense", - "ms-azuretools.vscode-docker" - ], - "settings": { - "php.suggest.basic": false, - } + "customizations": { + "vscode": { + "extensions": [ + "felixfbecker.php-debug", + "felixfbecker.php-intellisense", + "ms-azuretools.vscode-docker", + "xdebug.php-debug", + "donjayamanne.githistory" + ], + "settings": { + "php.suggest.basic": false + } + } + }, + "workspaceFolder": "/var/www/html", + "remoteUser": "devcontainer" } diff --git a/.devcontainer/launch.json b/.devcontainer/launch.json new file mode 100644 index 0000000000000..8103dd29461d2 --- /dev/null +++ b/.devcontainer/launch.json @@ -0,0 +1,14 @@ +{ + // Use IntelliSense to learn about possible attributes. + // Hover to view descriptions of existing attributes. + // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 + "version": "0.2.0", + "configurations": [ + { + "name": "Listen for Xdebug", + "type": "php", + "request": "launch", + "port": 9003 + } + ] +} From 09c672de4fc81ba4ca6e3806141958d6801249c1 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Sat, 19 Aug 2023 15:18:03 +0200 Subject: [PATCH 07/14] Move data and config from temp container storage to local disk --- .devcontainer/docker-compose.yml | 4 ++++ .devcontainer/nmc.config.php | 2 +- .devcontainer/setup.sh | 12 ++++++------ 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 3c350de79601e..25fbb4a0571ab 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -7,6 +7,8 @@ services: - /var/run/docker.sock:/var/run/docker-host.sock - ..:/var/www/html - ../../customapps:/var/www/html/customapps + - ../../data:/var/www/html/data + - ../../config:/var/www/html/config command: /var/www/html/.devcontainer/entrypoint.sh ports: - 80:80 @@ -18,6 +20,8 @@ services: restart: always environment: POSTGRES_PASSWORD: postgres + volumes: + - ../../data:/var/lib/postgresql/data network_mode: service:nextclouddev adminer: diff --git a/.devcontainer/nmc.config.php b/.devcontainer/nmc.config.php index acbb4cd1a7d96..8541c9a58ed8d 100644 --- a/.devcontainer/nmc.config.php +++ b/.devcontainer/nmc.config.php @@ -3,7 +3,7 @@ 'htaccess.RewriteBase' => '/', 'default_language' => 'de_DE', 'integrity.check.disabled' => true, // not recommended for prod, but for customisation - # 'config_is_read_only' => true, + 'config_is_read_only' => true, 'auth.authtoken.v1.disabled' => true, 'sharing.force_share_accept' => true, 'status-email-message-provider' => '\\OCA\\EmailTemplateExample\\MessageProvider', diff --git a/.devcontainer/setup.sh b/.devcontainer/setup.sh index 83ec173545d31..c7ed691825042 100755 --- a/.devcontainer/setup.sh +++ b/.devcontainer/setup.sh @@ -4,9 +4,6 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../" >/dev/null 2>&1 && pwd )" cd $DIR/ git submodule update --init -# Codespace config -cp .devcontainer/codespace.config.php config/codespace.config.php - # VSCode debugger profile mkdir -p .vscode && cp .devcontainer/launch.json .vscode/launch.json @@ -23,11 +20,14 @@ if [[ ! $(sudo -u ${APACHE_RUN_USER} php occ status) =~ installed:[[:space:]]*tr --database-pass=postgres \ --admin-user admin \ --admin-pass admin - - # add MagentaCLOUD convenience setup - source .devcontainer/nmcsetup.sh fi +# Codespace config; do it late to avoid duplication into config.php +# (which removed the conditional code!) +# may consider setting 'config_is_read_only' => true, +cp .devcontainer/codespace.config.php config/codespace.config.php +# add MagentaCLOUD convenience setup +source .devcontainer/nmcsetup.sh sudo service apache2 restart From c53a9b1429a5b3d0e69fd906367da57ea39afefc Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Sat, 19 Aug 2023 16:01:09 +0200 Subject: [PATCH 08/14] Fix install complaints --- .devcontainer/nmc.config.php | 2 +- .devcontainer/setup.sh | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.devcontainer/nmc.config.php b/.devcontainer/nmc.config.php index 8541c9a58ed8d..a229873231e62 100644 --- a/.devcontainer/nmc.config.php +++ b/.devcontainer/nmc.config.php @@ -3,7 +3,7 @@ 'htaccess.RewriteBase' => '/', 'default_language' => 'de_DE', 'integrity.check.disabled' => true, // not recommended for prod, but for customisation - 'config_is_read_only' => true, + // 'config_is_read_only' => true, 'auth.authtoken.v1.disabled' => true, 'sharing.force_share_accept' => true, 'status-email-message-provider' => '\\OCA\\EmailTemplateExample\\MessageProvider', diff --git a/.devcontainer/setup.sh b/.devcontainer/setup.sh index c7ed691825042..3e47b28a43393 100755 --- a/.devcontainer/setup.sh +++ b/.devcontainer/setup.sh @@ -10,6 +10,11 @@ mkdir -p .vscode && cp .devcontainer/launch.json .vscode/launch.json # Onetime installation setup if [[ ! $(sudo -u ${APACHE_RUN_USER} php occ status) =~ installed:[[:space:]]*true ]]; then echo "Running NC installation" + + # we could be faced with an externalized, empty config dir + touch config/CAN_INSTALL + + # this produces the plain config file without any overwriting sudo -u ${APACHE_RUN_USER} php occ maintenance:install \ --verbose \ --database=pgsql \ From 7d785ec5f30316719cd16b10d337434c394e4eb6 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Sat, 19 Aug 2023 16:06:11 +0200 Subject: [PATCH 09/14] Keep read_only is more secure --- .devcontainer/nmc.config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devcontainer/nmc.config.php b/.devcontainer/nmc.config.php index a229873231e62..8541c9a58ed8d 100644 --- a/.devcontainer/nmc.config.php +++ b/.devcontainer/nmc.config.php @@ -3,7 +3,7 @@ 'htaccess.RewriteBase' => '/', 'default_language' => 'de_DE', 'integrity.check.disabled' => true, // not recommended for prod, but for customisation - // 'config_is_read_only' => true, + 'config_is_read_only' => true, 'auth.authtoken.v1.disabled' => true, 'sharing.force_share_accept' => true, 'status-email-message-provider' => '\\OCA\\EmailTemplateExample\\MessageProvider', From 112078a044dbc3b25b51f2793098400dbda531cb Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Sat, 19 Aug 2023 18:36:01 +0200 Subject: [PATCH 10/14] Move db volume to sibling data dir --- .devcontainer/docker-compose.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 25fbb4a0571ab..3b381a7d90a9d 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -20,8 +20,9 @@ services: restart: always environment: POSTGRES_PASSWORD: postgres + PGDATA: /data/postgres volumes: - - ../../data:/var/lib/postgresql/data + - ../../data/db:/data/postgres network_mode: service:nextclouddev adminer: From 33f343563fac76afcd2f9000a694de038cf2b61c Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Sat, 19 Aug 2023 19:27:32 +0200 Subject: [PATCH 11/14] Use docker-composer not localhost --- .devcontainer/codespace.config.php | 12 ++++++++---- .devcontainer/setup.sh | 2 +- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.devcontainer/codespace.config.php b/.devcontainer/codespace.config.php index 2818a760edbf8..f1c7c2aaa3bef 100644 --- a/.devcontainer/codespace.config.php +++ b/.devcontainer/codespace.config.php @@ -1,18 +1,22 @@ 'no-reply', 'mail_smtpmode' => 'smtp', 'mail_sendmailmode' => 'smtp', 'mail_domain' => 'example.com', - 'mail_smtphost' => 'localhost', + 'mail_smtphost' => 'mailhog', 'mail_smtpport' => '1025', 'memcache.local' => '\OC\Memcache\APCu', ]; -if($cloudEnvironmentId !== true) { - $CONFIG['overwritehost'] = $cloudEnvironmentId . '-80.apps.codespaces.githubusercontent.com'; +if(is_string($codespaceName) && !empty($codespaceName) && is_string($codespaceDomain) && !empty($codespaceDomain)) { + $host = $codespaceName . '-80.' . $codespaceDomain; + $CONFIG['overwritehost'] = $host; + $CONFIG['overwrite.cli.url'] = 'https://' . $host; $CONFIG['overwriteprotocol'] = 'https'; + $CONFIG['trusted_domains'] = [ $host ]; } diff --git a/.devcontainer/setup.sh b/.devcontainer/setup.sh index 3e47b28a43393..620bc41e67d69 100755 --- a/.devcontainer/setup.sh +++ b/.devcontainer/setup.sh @@ -19,7 +19,7 @@ if [[ ! $(sudo -u ${APACHE_RUN_USER} php occ status) =~ installed:[[:space:]]*tr --verbose \ --database=pgsql \ --database-name=postgres \ - --database-host=127.0.0.1 \ + --database-host=db \ --database-port=5432 \ --database-user=postgres \ --database-pass=postgres \ From c2ec76ba3b6a51156e813e952728e44b34ff4812 Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Sat, 19 Aug 2023 20:42:12 +0200 Subject: [PATCH 12/14] Make network structure and dependencies reliable --- .devcontainer/docker-compose.yml | 18 +++++++++++++----- .devcontainer/nmc.config.php | 2 +- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 3b381a7d90a9d..436e323b850a2 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -12,8 +12,9 @@ services: command: /var/www/html/.devcontainer/entrypoint.sh ports: - 80:80 - - 8080:8080 - - 8025:8025 + depends_on: + - db + - mailhog db: image: postgres @@ -23,14 +24,21 @@ services: PGDATA: /data/postgres volumes: - ../../data/db:/data/postgres - network_mode: service:nextclouddev + expose: + - "5432" adminer: image: adminer restart: always - network_mode: service:nextclouddev + ports: + - 8080:8080 + depends_on: + - db mailhog: image: mailhog/mailhog restart: always - network_mode: service:nextclouddev + ports: + - 8025:8025 + + diff --git a/.devcontainer/nmc.config.php b/.devcontainer/nmc.config.php index 8541c9a58ed8d..a229873231e62 100644 --- a/.devcontainer/nmc.config.php +++ b/.devcontainer/nmc.config.php @@ -3,7 +3,7 @@ 'htaccess.RewriteBase' => '/', 'default_language' => 'de_DE', 'integrity.check.disabled' => true, // not recommended for prod, but for customisation - 'config_is_read_only' => true, + // 'config_is_read_only' => true, 'auth.authtoken.v1.disabled' => true, 'sharing.force_share_accept' => true, 'status-email-message-provider' => '\\OCA\\EmailTemplateExample\\MessageProvider', From f36b9e9b8ef45bed285bebd602e4befa9c0a6c4f Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Mon, 21 Aug 2023 12:14:16 +0200 Subject: [PATCH 13/14] Avoid lost configuration on NC apache restart --- .devcontainer/lock.config.php | 4 ++++ .devcontainer/nmc.config.php | 1 - .devcontainer/nmcsetup.sh | 8 +++++++- 3 files changed, 11 insertions(+), 2 deletions(-) create mode 100644 .devcontainer/lock.config.php diff --git a/.devcontainer/lock.config.php b/.devcontainer/lock.config.php new file mode 100644 index 0000000000000..f48baeb0e8c79 --- /dev/null +++ b/.devcontainer/lock.config.php @@ -0,0 +1,4 @@ + true, +); \ No newline at end of file diff --git a/.devcontainer/nmc.config.php b/.devcontainer/nmc.config.php index a229873231e62..719958cb9e73d 100644 --- a/.devcontainer/nmc.config.php +++ b/.devcontainer/nmc.config.php @@ -3,7 +3,6 @@ 'htaccess.RewriteBase' => '/', 'default_language' => 'de_DE', 'integrity.check.disabled' => true, // not recommended for prod, but for customisation - // 'config_is_read_only' => true, 'auth.authtoken.v1.disabled' => true, 'sharing.force_share_accept' => true, 'status-email-message-provider' => '\\OCA\\EmailTemplateExample\\MessageProvider', diff --git a/.devcontainer/nmcsetup.sh b/.devcontainer/nmcsetup.sh index ba7ee23250d0b..6de50d9413786 100755 --- a/.devcontainer/nmcsetup.sh +++ b/.devcontainer/nmcsetup.sh @@ -34,4 +34,10 @@ sudo -u ${APACHE_RUN_USER} php occ config:app:set theming iOSClientUrl --value \ # enable/disable apps sudo -u ${APACHE_RUN_USER} php occ app:enable nmctheme -sudo -u ${APACHE_RUN_USER} php occ app:disable dashboard # may remove as soon as dashboard CR is implemented \ No newline at end of file +sudo -u ${APACHE_RUN_USER} php occ app:disable dashboard # may remove as soon as dashboard CR is implemented + +# there are side effects when using devcontainer and +# doing the main settings via webapp. For the moment, the best +# workaround is to lock config and avoid overwrite by nextcloud +# esp. on container rebuild +cp .devcontainer/lock.config.php config/lock.config.php From 907c8f2dd5e7dd763c36c5f9684fd227edb33beb Mon Sep 17 00:00:00 2001 From: "Bernd.Rederlechner@t-systems.com" Date: Fri, 25 Aug 2023 17:22:49 +0200 Subject: [PATCH 14/14] Check db health to avoid start without db --- .devcontainer/docker-compose.yml | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 436e323b850a2..4dcce18b0b009 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -13,9 +13,11 @@ services: ports: - 80:80 depends_on: - - db - - mailhog - + db: + condition: service_healthy + mailhog: + condition: service_started + db: image: postgres restart: always @@ -26,14 +28,21 @@ services: - ../../data/db:/data/postgres expose: - "5432" - + healthcheck: + test: ["CMD-SHELL", "pg_isready"] + interval: 10s + timeout: 5s + retries: 10 + + adminer: image: adminer restart: always ports: - 8080:8080 depends_on: - - db + db: + condition: service_healthy mailhog: image: mailhog/mailhog