Block a user
nextcloud (latest)
Published 2024-08-04 12:27:03 +00:00 by steputatm
Installation
docker pull git.steputat-bsh.de/steputatm/nextcloud:latestsha256:54585b3c0396030990452216e765f2b9834ed896ef728beed580767b09f370f0About this package
All-in-one Nextcloud image, based on Alpine Linux
Image Layers
| ADD file:99093095d62d0421541d882f9ceeddb2981fe701ec0aa9d2c08480712d5fed21 in / |
| CMD ["/bin/sh"] |
| ENV PHPIZE_DEPS=autoconf dpkg-dev dpkg file g++ gcc libc-dev make pkgconf re2c |
| /bin/sh -c apk add --no-cache ca-certificates curl openssl tar xz |
| /bin/sh -c set -eux; adduser -u 82 -D -S -G www-data www-data |
| ENV PHP_INI_DIR=/usr/local/etc/php |
| /bin/sh -c set -eux; mkdir -p "$PHP_INI_DIR/conf.d"; [ ! -d /var/www/html ]; mkdir -p /var/www/html; chown www-data:www-data /var/www/html; chmod 1777 /var/www/html |
| ENV PHP_CFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 |
| ENV PHP_CPPFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 |
| ENV PHP_LDFLAGS=-Wl,-O1 -pie |
| ENV GPG_KEYS=39B641343D8C104B2B146DC3F9C39DC0B9698544 E60913E4DF209907D8E30D96659A97C9CF2A795A 1198C0117593497A5EC5C199286AF1F9897469DC |
| ENV PHP_VERSION=8.2.22 |
| ENV PHP_URL=https://www.php.net/distributions/php-8.2.22.tar.xz PHP_ASC_URL=https://www.php.net/distributions/php-8.2.22.tar.xz.asc |
| ENV PHP_SHA256=8566229bc88ad1f4aadc10700ab5fbcec81587c748999d985f11cf3b745462df |
| /bin/sh -c set -eux; apk add --no-cache --virtual .fetch-deps gnupg; mkdir -p /usr/src; cd /usr/src; curl -fsSL -o php.tar.xz "$PHP_URL"; if [ -n "$PHP_SHA256" ]; then echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; fi; if [ -n "$PHP_ASC_URL" ]; then curl -fsSL -o php.tar.xz.asc "$PHP_ASC_URL"; export GNUPGHOME="$(mktemp -d)"; for key in $GPG_KEYS; do gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; done; gpg --batch --verify php.tar.xz.asc php.tar.xz; gpgconf --kill all; rm -rf "$GNUPGHOME"; fi; apk del --no-network .fetch-deps |
| COPY file:ce57c04b70896f77cc11eb2766417d8a1240fcffe5bba92179ec78c458844110 in /usr/local/bin/ |
| /bin/sh -c set -eux; apk add --no-cache --virtual .build-deps $PHPIZE_DEPS argon2-dev coreutils curl-dev gnu-libiconv-dev libsodium-dev libxml2-dev linux-headers oniguruma-dev openssl-dev readline-dev sqlite-dev ; rm -vf /usr/include/iconv.h; export CFLAGS="$PHP_CFLAGS" CPPFLAGS="$PHP_CPPFLAGS" LDFLAGS="$PHP_LDFLAGS" PHP_BUILD_PROVIDER='https://github.com/docker-library/php' PHP_UNAME='Linux - Docker' ; docker-php-source extract; cd /usr/src/php; gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; ./configure --build="$gnuArch" --with-config-file-path="$PHP_INI_DIR" --with-config-file-scan-dir="$PHP_INI_DIR/conf.d" --enable-option-checking=fatal --with-mhash --with-pic --enable-mbstring --enable-mysqlnd --with-password-argon2 --with-sodium=shared --with-pdo-sqlite=/usr --with-sqlite3=/usr --with-curl --with-iconv=/usr --with-openssl --with-readline --with-zlib --disable-phpdbg --with-pear $(test "$gnuArch" = 'riscv64-linux-musl' && echo '--without-pcre-jit') --disable-cgi --enable-fpm --with-fpm-user=www-data --with-fpm-group=www-data ; make -j "$(nproc)"; find -type f -name '*.a' -delete; make install; find /usr/local -type f -perm '/0111' -exec sh -euxc ' strip --strip-all "$@" || : ' -- '{}' + ; make clean; cp -v php.ini-* "$PHP_INI_DIR/"; cd /; docker-php-source delete; runDeps="$( scanelf --needed --nobanner --format '%n#p' --recursive /usr/local | tr ',' '\n' | sort -u | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' )"; apk add --no-cache $runDeps; apk del --no-network .build-deps; pecl update-channels; rm -rf /tmp/pear ~/.pearrc; php --version |
| COPY multi:869bde9dbeae74886a05c9e2107b3e3b4877116db8c6d9adbaff2719f9fb5262 in /usr/local/bin/ |
| /bin/sh -c docker-php-ext-enable sodium |
| ENTRYPOINT ["docker-php-entrypoint"] |
| WORKDIR /var/www/html |
| /bin/sh -c set -eux; cd /usr/local/etc; if [ -d php-fpm.d ]; then sed 's!=NONE/!=!g' php-fpm.conf.default | tee php-fpm.conf > /dev/null; cp php-fpm.d/www.conf.default php-fpm.d/www.conf; else mkdir php-fpm.d; cp php-fpm.conf.default php-fpm.d/www.conf; { echo '[global]'; echo 'include=etc/php-fpm.d/*.conf'; } | tee php-fpm.conf; fi; { echo '[global]'; echo 'error_log = /proc/self/fd/2'; echo; echo '; https://github.com/docker-library/php/pull/725#issuecomment-443540114'; echo 'log_limit = 8192'; echo; echo '[www]'; echo '; php-fpm closes STDOUT on startup, so sending logs to /proc/self/fd/1 does not work.'; echo '; https://bugs.php.net/bug.php?id=73886'; echo 'access.log = /proc/self/fd/2'; echo; echo 'clear_env = no'; echo; echo '; Ensure worker stdout and stderr are sent to the main error log.'; echo 'catch_workers_output = yes'; echo 'decorate_workers_output = no'; } | tee php-fpm.d/docker.conf; { echo '[global]'; echo 'daemonize = no'; echo; echo '[www]'; echo 'listen = 9000'; } | tee php-fpm.d/zz-docker.conf; mkdir -p "$PHP_INI_DIR/conf.d"; { echo '; https://github.com/docker-library/php/issues/878#issuecomment-938595965'; echo 'fastcgi.logging = Off'; } > "$PHP_INI_DIR/conf.d/docker-fpm.ini" |
| STOPSIGNAL SIGQUIT |
| EXPOSE 9000 |
| CMD ["php-fpm"] |
| ARG SNUFFLEUPAGUS_VERSION=0.10.0 |
| RUN |1 SNUFFLEUPAGUS_VERSION=0.10.0 /bin/sh -c set -ex; apk -U upgrade && apk add -t build-deps $PHPIZE_DEPS bash freetype-dev bzip2-dev git imagemagick-dev gmp-dev icu-dev libjpeg-turbo-dev libmemcached-dev libpng-dev libwebp-dev libzip-dev openldap-dev postgresql-dev samba-dev zlib-dev && apk add --no-cache --virtual .build-deps && apk --no-cache add freetype gmp icu libmemcached imagemagick imagemagick-libs imagemagick-svg libbz2 libgomp libjpeg-turbo libpq libpq libwebp libzip openldap samba-client zlib && docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp && docker-php-ext-configure ldap && docker-php-ext-install -j "$(nproc)" sysvsem bcmath bz2 exif gd intl ldap opcache pcntl pdo_mysql pdo_pgsql zip gmp # buildkit |
| RUN |1 SNUFFLEUPAGUS_VERSION=0.10.0 /bin/sh -c pecl install APCu && pecl install redis && pecl install smbclient && pecl install memcached-3.2.0 # buildkit |
| RUN |1 SNUFFLEUPAGUS_VERSION=0.10.0 /bin/sh -c pecl install imagick-3.7.0 # buildkit |
| RUN |1 SNUFFLEUPAGUS_VERSION=0.10.0 /bin/sh -c docker-php-ext-enable imagick memcached smbclient redis # buildkit |
| RUN |1 SNUFFLEUPAGUS_VERSION=0.10.0 /bin/sh -c rm -rf /tmp/pear && cd /tmp && git clone --depth 1 --branch v${SNUFFLEUPAGUS_VERSION} https://github.com/jvoisin/snuffleupagus && cd snuffleupagus/src && phpize && ./configure --enable-snuffleupagus && make && make install && apk del build-deps && rm -rf /var/cache/apk/* /tmp/* # buildkit |
| ARG ALPINE_VERSION=3.20 |
| COPY /usr/sbin/nginx /usr/sbin/nginx # buildkit |
| COPY /etc/nginx /etc/nginx # buildkit |
| COPY /tmp/hardened_malloc/out-light/libhardened_malloc-light.so /usr/local/lib/ # buildkit |
| ARG NEXTCLOUD_VERSION=29.0.4 |
| ARG SHA256_SUM=19c469e264b31ee80400f8396460854546569e88db4c15fc0854e192f96027eb |
| ARG GPG_FINGERPRINT=2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A |
| ARG UID=1000 |
| ARG GID=1000 |
| ENV UPLOAD_MAX_SIZE=10G APC_SHM_SIZE=128M OPCACHE_MEM_SIZE=128 MEMORY_LIMIT=512M CRON_PERIOD=5m CRON_MEMORY_LIMIT=1g DB_TYPE=sqlite3 DOMAIN=localhost PHP_HARDENING=true LD_PRELOAD=/usr/local/lib/libhardened_malloc-light.so |
| RUN |7 SNUFFLEUPAGUS_VERSION=0.10.0 ALPINE_VERSION=3.20 NEXTCLOUD_VERSION=29.0.4 SHA256_SUM=19c469e264b31ee80400f8396460854546569e88db4c15fc0854e192f96027eb GPG_FINGERPRINT=2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A UID=1000 GID=1000 /bin/sh -c apk --no-cache add gnupg pcre pcre2 s6 && NEXTCLOUD_TARBALL="nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" && cd /tmp && wget -q https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL} && wget -q https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL}.asc && wget -q https://nextcloud.com/nextcloud.asc && echo "Verifying both integrity and authenticity of ${NEXTCLOUD_TARBALL}..." && CHECKSUM_STATE=$(echo -n $(echo "${SHA256_SUM} ${NEXTCLOUD_TARBALL}" | sha256sum -c) | tail -c 2) && if [ "${CHECKSUM_STATE}" != "OK" ]; then echo "Error: checksum does not match" && exit 1; fi && gpg --import nextcloud.asc && FINGERPRINT="$(LANG=C gpg --verify ${NEXTCLOUD_TARBALL}.asc ${NEXTCLOUD_TARBALL} 2>&1 | sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" && if [ -z "${FINGERPRINT}" ]; then echo "Error: invalid GPG signature!" && exit 1; fi && if [ "${FINGERPRINT}" != "${GPG_FINGERPRINT}" ]; then echo "Error: wrong GPG fingerprint" && exit 1; fi && echo "All seems good, now unpacking ${NEXTCLOUD_TARBALL}..." && mkdir /nextcloud && tar xjf ${NEXTCLOUD_TARBALL} --strip 1 -C /nextcloud && apk del gnupg && rm -rf /tmp/* /root/.gnupg && adduser -g ${GID} -u ${UID} --disabled-password --gecos "" nextcloud && chown -R nextcloud:nextcloud /nextcloud/config # buildkit |
| COPY --chown=nextcloud:nextcloud rootfs / # buildkit |
| RUN |7 SNUFFLEUPAGUS_VERSION=0.10.0 ALPINE_VERSION=3.20 NEXTCLOUD_VERSION=29.0.4 SHA256_SUM=19c469e264b31ee80400f8396460854546569e88db4c15fc0854e192f96027eb GPG_FINGERPRINT=2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A UID=1000 GID=1000 /bin/sh -c chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* # buildkit |
| USER nextcloud |
| WORKDIR /nextcloud |
| VOLUME [/data /nextcloud/config /nextcloud/apps2 /nextcloud/themes] |
| EXPOSE map[8888/tcp:{}] |
| LABEL org.opencontainers.image.description=All-in-one Nextcloud image, based on Alpine Linux org.opencontainers.image.version=29.0.4 org.opencontainers.image.authors=stp-bsh <stp-bsh@steputat-bsh.de> org.opencontainers.image.source=https://git.steputat-bsh.de/circle/docker-nextcloud |
| CMD ["run.sh"] |
Labels
| Key | Value |
|---|---|
| org.opencontainers.image.authors | stp-bsh <stp-bsh@steputat-bsh.de> |
| org.opencontainers.image.description | All-in-one Nextcloud image, based on Alpine Linux |
| org.opencontainers.image.source | https://git.steputat-bsh.de/circle/docker-nextcloud |
| org.opencontainers.image.version | 29.0.4 |