From 0476da579100ae8a1c99f9dea55da28ec42d81d7 Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Sat, 1 Mar 2025 09:38:53 -0500 Subject: [PATCH] ilot/nextcloud: new aport --- ..._check-if-storage-id-is-set-on-cache.patch | 62 ++++ ilot/nextcloud30/APKBUILD | 327 ++++++++++++++++++ ilot/nextcloud30/README.alpine | 5 + .../disable-integrity-check-as-default.patch | 23 ++ ilot/nextcloud30/dont-update-htaccess.patch | 42 +++ ilot/nextcloud30/fpm-pool.conf | 200 +++++++++++ ilot/nextcloud30/nextcloud-config.php | 37 ++ ilot/nextcloud30/nextcloud-dont-chmod.patch | 58 ++++ ilot/nextcloud30/nextcloud-mysql.cnf | 3 + ilot/nextcloud30/nextcloud.confd | 8 + ilot/nextcloud30/nextcloud.cron | 6 + ilot/nextcloud30/nextcloud.logrotate | 6 + .../nextcloud30-initscript.post-install | 28 ++ ilot/nextcloud30/nextcloud30.post-install | 11 + ilot/nextcloud30/nextcloud30.post-upgrade | 47 +++ ilot/nextcloud30/nextcloud30.pre-install | 6 + ilot/nextcloud30/nextcloud30.pre-upgrade | 10 + ilot/nextcloud30/occ | 10 + ...use-external-docs-if-local-not-avail.patch | 36 ++ 19 files changed, 925 insertions(+) create mode 100644 ilot/nextcloud30/50813_check-if-storage-id-is-set-on-cache.patch create mode 100644 ilot/nextcloud30/APKBUILD create mode 100644 ilot/nextcloud30/README.alpine create mode 100644 ilot/nextcloud30/disable-integrity-check-as-default.patch create mode 100644 ilot/nextcloud30/dont-update-htaccess.patch create mode 100644 ilot/nextcloud30/fpm-pool.conf create mode 100644 ilot/nextcloud30/nextcloud-config.php create mode 100644 ilot/nextcloud30/nextcloud-dont-chmod.patch create mode 100644 ilot/nextcloud30/nextcloud-mysql.cnf create mode 100644 ilot/nextcloud30/nextcloud.confd create mode 100644 ilot/nextcloud30/nextcloud.cron create mode 100644 ilot/nextcloud30/nextcloud.logrotate create mode 100644 ilot/nextcloud30/nextcloud30-initscript.post-install create mode 100644 ilot/nextcloud30/nextcloud30.post-install create mode 100644 ilot/nextcloud30/nextcloud30.post-upgrade create mode 100644 ilot/nextcloud30/nextcloud30.pre-install create mode 100644 ilot/nextcloud30/nextcloud30.pre-upgrade create mode 100644 ilot/nextcloud30/occ create mode 100644 ilot/nextcloud30/use-external-docs-if-local-not-avail.patch diff --git a/ilot/nextcloud30/50813_check-if-storage-id-is-set-on-cache.patch b/ilot/nextcloud30/50813_check-if-storage-id-is-set-on-cache.patch new file mode 100644 index 0000000..1f704c7 --- /dev/null +++ b/ilot/nextcloud30/50813_check-if-storage-id-is-set-on-cache.patch @@ -0,0 +1,62 @@ +From 59a0bc99824402fc126e58dfcc8da68fc6e41349 Mon Sep 17 00:00:00 2001 +From: Git'Fellow <12234510+solracsf@users.noreply.github.com> +Date: Wed, 12 Feb 2025 11:30:14 +0100 +Subject: [PATCH] fix(SharedStorage): Check if storage ID is set on cache + +Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> +--- + apps/files_sharing/lib/SharedStorage.php | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/apps/files_sharing/lib/SharedStorage.php b/apps/files_sharing/lib/SharedStorage.php +index 2ac157f7970b6..a70632d6faa54 100644 +--- a/apps/files_sharing/lib/SharedStorage.php ++++ b/apps/files_sharing/lib/SharedStorage.php +@@ -29,6 +29,7 @@ use OCP\Files\Storage\IDisableEncryptionStorage; + use OCP\Files\Storage\ISharedStorage; + use OCP\Files\Storage\IStorage; + use OCP\Lock\ILockingProvider; ++use OCP\Server; + use OCP\Share\IShare; + use Psr\Log\LoggerInterface; + +@@ -82,7 +83,7 @@ class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements LegacyISha + + public function __construct($arguments) { + $this->ownerView = $arguments['ownerView']; +- $this->logger = \OC::$server->get(LoggerInterface::class); ++ $this->logger = Server::get(LoggerInterface::class); + + $this->superShare = $arguments['superShare']; + $this->groupedShares = $arguments['groupedShares']; +@@ -142,7 +143,7 @@ class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements LegacyISha + } + + /** @var IRootFolder $rootFolder */ +- $rootFolder = \OC::$server->get(IRootFolder::class); ++ $rootFolder = Server::get(IRootFolder::class); + $this->ownerUserFolder = $rootFolder->getUserFolder($this->superShare->getShareOwner()); + $sourceId = $this->superShare->getNodeId(); + $ownerNodes = $this->ownerUserFolder->getById($sourceId); +@@ -431,7 +432,7 @@ class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements LegacyISha + $this->cache = new \OCA\Files_Sharing\Cache( + $storage, + $sourceRoot, +- \OC::$server->get(CacheDependencies::class), ++ Server::get(CacheDependencies::class), + $this->getShare() + ); + return $this->cache; +@@ -456,10 +457,10 @@ class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements LegacyISha + // Get node information + $node = $this->getShare()->getNodeCacheEntry(); + if ($node instanceof CacheEntry) { +- $storageId = $node->getData()['storage_string_id']; ++ $storageId = $node->getData()['storage_string_id'] ?? null; + // for shares from the home storage we can rely on the home storage to keep itself up to date + // for other storages we need use the proper watcher +- if (!(str_starts_with($storageId, 'home::') || str_starts_with($storageId, 'object::user'))) { ++ if ($storageId !== null && !(str_starts_with($storageId, 'home::') || str_starts_with($storageId, 'object::user'))) { + $this->watcher = parent::getWatcher($path, $storage); + return $this->watcher; + } diff --git a/ilot/nextcloud30/APKBUILD b/ilot/nextcloud30/APKBUILD new file mode 100644 index 0000000..0380785 --- /dev/null +++ b/ilot/nextcloud30/APKBUILD @@ -0,0 +1,327 @@ +# Contributor: Jakub Jirutka +# Contributor: jahway603 +# Maintainer: Leonardo Arena +_pkgname=nextcloud +pkgver=30.0.6 +pkgrel=1 +is_latest=true +_pkgvermaj=${pkgver%%.*} +pkgname=nextcloud$_pkgvermaj +_replaced_ver=$(( _pkgvermaj - 1 )) +pkgdesc="A safe home for all your data" +url="https://nextcloud.com/" +arch="noarch" +license="AGPL-3.0-only" +_php=php83 +_php_mods="-bcmath -ctype -curl -dom -gd -fileinfo -gmp -iconv -intl + -mbstring -opcache -openssl -pcntl -posix -session + -simplexml -xml -xmlreader -xmlwriter -zip" +depends="ca-certificates $_php ${_php_mods//-/$_php-}" +makedepends="xmlstarlet" +$is_latest && provides="$_pkgname=$pkgver-r$pkgrel + $_pkgname-accessibility=$pkgver-r$pkgrel + $pkgname-accessibility=$pkgver-r$pkgrel + $_pkgname-bruteforcesettings=$pkgver-r$pkgrel + $pkgname-bruteforcesettings=$pkgver-r$pkgrel + $_pkgname-contactsinteraction=$pkgver-r$pkgrel + $pkgname-contactsinteraction=$pkgver-r$pkgrel + $_pkgname-cloud_federation_api=$pkgver-r$pkgrel + $pkgname-cloud_federation_api=$pkgver-r$pkgrel + $_pkgname-dav=$pkgver-r$pkgrel + $pkgname-dav=$pkgver-r$pkgrel + $_pkgname-files=$pkgver-r$pkgrel + $pkgname-files=$pkgver-r$pkgrel + $_pkgname-files_videoplayer=$pkgver-r$pkgrel + $pkgname-files_videoplayer=$pkgver-r$pkgrel + $_pkgname-federatedfilesharing=$pkgver-r$pkgrel + $pkgname-federatedfilesharing=$pkgver-r$pkgrel + $_pkgname-lookup_server_connector=$pkgver-r$pkgrel + $pkgname-lookup_server_connector=$pkgver-r$pkgrel + $_pkgname-oauth2=$pkgver-r$pkgrel + $pkgname-oauth2=$pkgver-r$pkgrel + $_pkgname-provisioning_api=$pkgver-r$pkgrel + $pkgname-provisioning_api=$pkgver-r$pkgrel + $_pkgname-related_resources=$pkgver-r$pkgrel + $pkgname-related_resources=$pkgver-r$pkgrel + $_pkgname-settings=$pkgver-r$pkgrel + $pkgname-settings=$pkgver-r$pkgrel + $_pkgname-theming=$pkgver-r$pkgrel + $pkgname-theming=$pkgver-r$pkgrel + $_pkgname-twofactor_backupcodes=$pkgver-r$pkgrel + $pkgname-twofactor_backupcodes=$pkgver-r$pkgrel + $_pkgname-twofactor_nextcloud_notification=$pkgver-r$pkgrel + $pkgname-twofactor_nextcloud_notification=$pkgver-r$pkgrel + $_pkgname-twofactor_totp=$pkgver-r$pkgrel + $pkgname-twofactor_totp=$pkgver-r$pkgrel + $_pkgname-viewer=$pkgver-r$pkgrel + $pkgname-viewer=$pkgver-r$pkgrel + $_pkgname-workflowengine=$pkgver-r$pkgrel + $pkgname-workflowengine=$pkgver-r$pkgrel + " || provides="$pkgname-accessibility=$pkgver-r$pkgrel + $pkgname-bruteforcesettings=$pkgver-r$pkgrel + $pkgname-contactsinteraction=$pkgver-r$pkgrel + $pkgname-cloud_federation_api=$pkgver-r$pkgrel + $pkgname-dav=$pkgver-r$pkgrel + $pkgname-files=$pkgver-r$pkgrel + $pkgname-files_videoplayer=$pkgver-r$pkgrel + $pkgname-federatedfilesharing=$pkgver-r$pkgrel + $pkgname-lookup_server_connector=$pkgver-r$pkgrel + $pkgname-oauth2=$pkgver-r$pkgrel + $pkgname-provisioning_api=$pkgver-r$pkgrel + $pkgname-related_resources=$pkgver-r$pkgrel + $pkgname-settings=$pkgver-r$pkgrel + $pkgname-theming=$pkgver-r$pkgrel + $pkgname-twofactor_backupcodes=$pkgver-r$pkgrel + $pkgname-twofactor_nextcloud_notification=$pkgver-r$pkgrel + $pkgname-twofactor_totp=$pkgver-r$pkgrel + $pkgname-viewer=$pkgver-r$pkgrel + $pkgname-workflowengine=$pkgver-r$pkgrel + " +replaces="nextcloud$_replaced_ver" +install="$pkgname.pre-install $pkgname.pre-upgrade $pkgname.post-upgrade $pkgname.post-install + $pkgname-initscript.post-install" +subpackages="$pkgname-doc $pkgname-initscript $pkgname-mysql $pkgname-pgsql $pkgname-sqlite + $pkgname-default-apps:_default_apps $pkgname-occ" +source="https://download.nextcloud.com/server/releases/nextcloud-$pkgver.tar.bz2 + nextcloud-dont-chmod.patch + dont-update-htaccess.patch + disable-integrity-check-as-default.patch + use-external-docs-if-local-not-avail.patch + 50813_check-if-storage-id-is-set-on-cache.patch + + $_pkgname-config.php + $_pkgname.logrotate + $_pkgname.confd + $_pkgname.cron + $_pkgname-mysql.cnf + fpm-pool.conf + occ + " +options="!check" +pkgusers="nextcloud" +pkggroups="www-data" +builddir="$srcdir"/$_pkgname + +# List of bundled apps to separate into subpackages. Keep it in sync! +# Note: Don't add "bruteforcesettings", "contactsinteraction", +# "cloud_federation_api", "dav", "files", +# "federatedfilesharing", "lookup_server_connector", "provisioning_api", +# "oauth2", "settings", "twofactor_backupcodes", "twofactor_totp", +# "twofactor_nextcloud_notification", "theming", "viewer", +# "workflowengine", "related_resources" +# here, these should be always installed. +_apps="activity + admin_audit + circles + comments + dashboard + encryption + federation + files_downloadlimit + files_external + files_pdfviewer + files_reminders + files_sharing + files_trashbin + files_versions + firstrunwizard + logreader + nextcloud_announcements + notifications + password_policy + photos + privacy + recommendations + serverinfo + support + sharebymail + survey_client + suspicious_login + systemtags + text + user_ldap + user_status + weather_status + webhook_listeners + " +for _i in $_apps; do + subpackages="$subpackages $pkgname-$_i:_package_app" +done + +# Directory for apps shipped with Nextcloud. +_appsdir="usr/share/webapps/$_pkgname/apps" + +package() { + local basedir="var/lib/$_pkgname" + local datadir="$basedir/data" + local wwwdir="usr/share/webapps/$_pkgname" + local confdir="etc/$_pkgname" + + mkdir -p "$pkgdir" + cd "$pkgdir" + + mkdir -p ./${wwwdir%/*} + cp -a "$builddir" ./$wwwdir + + chmod +x ./$wwwdir/occ + chmod 664 ./$wwwdir/.htaccess \ + ./$wwwdir/.user.ini + + # Let's not ship upstream's 'updatenotification' app and updater, which + # has zero chance of working and a big chance of blowing things up. + rm -r ./$wwwdir/apps/updatenotification \ + ./$wwwdir/lib/private/Updater/VersionCheck.php + + # Replace bundled CA bundle with ours. + ln -sf /etc/ssl/certs/ca-certificates.crt ./$wwwdir/resources/config/ca-bundle.crt + + install -d -m 770 -o nextcloud -g www-data \ + ./$confdir ./$datadir ./$basedir/apps + install -d -m 775 -o nextcloud -g www-data \ + ./var/log/$_pkgname + + # Create symlink from web root to site-apps, so web server can find + # assets w/o explicit configuration for this layout. + ln -s /$basedir/apps ./$wwwdir/apps-appstore + + mv ./$wwwdir/config/* ./$confdir/ + rm -r ./$wwwdir/config + ln -s /$confdir ./$wwwdir/config + + mkdir -p ./usr/share/doc/$pkgname + mv ./$wwwdir/core/doc ./usr/share/doc/$pkgname/core + + install -m 660 -o nextcloud -g www-data \ + "$srcdir"/$_pkgname-config.php ./$confdir/config.php + + install -m 644 -D "$srcdir"/$_pkgname.logrotate ./etc/logrotate.d/$_pkgname + + install -m 755 -D "$srcdir"/occ ./usr/bin/occ + + # Clean some unnecessary files. + find . -name .gitignore -delete \ + -o -name .bower.json -delete \ + -o -name 'README*' -delete \ + -o -name 'CHANGELOG*' -delete \ + -o -name 'CONTRIBUTING*' -delete + find . -name .github -type d -prune -exec rm -r {} \; +} + +doc() { + replaces="nextcloud$_replaced_ver-doc" + $is_latest && provides="$_pkgname-doc=$pkgver-r$pkgrel" + default_doc + + local target="$subpkgdir"/usr/share/webapps/$_pkgname/core/doc + mkdir -p "${target%/*}" + ln -s ../../../doc/$pkgname/core "$target" + install -m644 README.alpine "$subpkgdir"/usr/share/webapps/$_pkgname/README.alpine +} + +initscript() { + pkgdesc="Init script that runs Nextcloud with php-fpm" + depends="$pkgname $_php-fpm" + replaces="nextcloud$_replaced_ver-initscript" + $is_latest && provides="$_pkgname-initscript=$pkgver-r$pkgrel" + + local confdir="$subpkgdir/etc/$_php/php-fpm.d" + local fpm_name="php-fpm${_php#php}" + + install -m 644 -D "$srcdir"/fpm-pool.conf "$confdir"/$_pkgname.conf + install -m 644 -D "$srcdir"/$_pkgname.confd "$subpkgdir"/etc/conf.d/$_pkgname + install -m 755 -D "$srcdir"/$_pkgname.cron "$subpkgdir"/etc/periodic/15min/$_pkgname + + mkdir -p "$subpkgdir"/etc/init.d + ln -s $fpm_name "$subpkgdir"/etc/init.d/$_pkgname +} + +pgsql() { + pkgdesc="Nextcloud PostgreSQL support" + depends="$pkgname $_php-pgsql $_php-pdo_pgsql" + replaces="nextcloud$_replaced_ver-pgsql" + $is_latest && provides="$_pkgname-pgsql=$pkgver-r$pkgrel" + mkdir -p "$subpkgdir" +} + +sqlite() { + pkgdesc="Nextcloud SQLite support" + depends="$pkgname $_php-sqlite3 $_php-pdo_sqlite" + replaces="nextcloud$_replaced_ver-sqlite" + $is_latest && provides="$_pkgname-sqlite=$pkgver-r$pkgrel" + mkdir -p "$subpkgdir" +} + +mysql() { + pkgdesc="Nextcloud MySQL support" + depends="$pkgname $_php-pdo_mysql" + replaces="nextcloud$_replaced_ver-mysql" + $is_latest && provides="$_pkgname-mysql=$pkgver-r$pkgrel" + + mkdir -p "$subpkgdir" + install -m 644 -D "$srcdir"/$_pkgname-mysql.cnf "$subpkgdir"/etc/my.cnf.d/$_pkgname.cnf +} + +occ() { + pkgdesc="Nextcloud OCC cmd" + replaces="nextcloud$_replaced_ver-occ" + $is_latest && provides="$_pkgname-occ=$pkgver-r$pkgrel" + mkdir -p "$subpkgdir/usr/share/webapps/$_pkgname" + amove "usr/share/webapps/$_pkgname/occ" + amove "usr/bin/occ" +} + +_default_apps() { + pkgdesc="Nextcloud default apps" + depends="$pkgname" + replaces="nextcloud$_replaced_ver-default-apps" + $is_latest && provides="$_pkgname-default-apps=$pkgver-r$pkgrel" + + local path; for path in "$pkgdir"/"$_appsdir"/*; do + if grep -q '' "$path"/appinfo/info.xml; then + depends="$depends $pkgname-${path##*/}" + fi + done + + mkdir -p "$subpkgdir" +} + +_package_app() { + local appname="${subpkgname#"$pkgname"-}" + local appinfo="$pkgdir/$_appsdir/$appname/appinfo/info.xml" + + local name=$(xmlstarlet sel -t -v 'info/name/text()' "$appinfo") + pkgdesc="Nextcloud ${name:-$appname} app" + replaces="nextcloud$_replaced_ver-$appname" + $is_latest && provides="$_pkgname-$appname=$pkgver-r$pkgrel" + + local php_deps=$(xmlstarlet sel -t -v 'info/dependencies/lib/text()' "$appinfo" \ + | xargs -r -n1 printf "$_php-%s\n") + local app_deps="" + + case "$appname" in + files_sharing) app_deps="-federatedfilesharing" + ;; + serverinfo) app_deps="-files_sharing" + esac + + depends="$pkgname $php_deps ${app_deps//-/$pkgname-}" + + mkdir -p "$subpkgdir"/$_appsdir + mv "$pkgdir"/$_appsdir/$appname "$subpkgdir"/$_appsdir/ +} + +sha512sums=" +5eb98bf8badcf9a1e0b0482c230dae573a7e577281502dd7ac46804bec2a1bb5aa82dd5e5dc800380a9852e8d076432a819032fdabbf39c09bc902c257aeffa3 nextcloud-30.0.6.tar.bz2 +aea0adb2c3a48ec6af2958c6ccfe13adff86316a56084e763b7e6df9e21aa3435b13305b7c15cc2b795e83c9388b05006862f6465c29e3dc2c1fbd8eb8befcb9 nextcloud-dont-chmod.patch +12f4a39aef0f81a0115c81bf2b345cc194537a7e8300748b800b0e35bc07928091296074b23c2019c17aced69854a11d1ed7225f67eefd27cf00c3969a75c5b0 dont-update-htaccess.patch +cb04252d01407c7030e87dd54616c621ea0f85ef0212674b1161288182538cae0fb31c67e7cc07c66f9607075774c64e386009cc66365b1f1b155f6ad4f83ac0 disable-integrity-check-as-default.patch +c0a9b7c31c8beaca711f8e97d98441007b3dca7fb3d316d2eacd28a73b5233def6f846c02d98202f75efb9cb248b8787a80e20b07c32d1c7534a0e54bb20feab use-external-docs-if-local-not-avail.patch +5925787e34c39ad217103b9ebe82654c612a97e70d4b2208c77f84847afb1bcccd929366a807fa76ff929a7ee7e8008eaa58fd950915ffcce8ef2ddf97ef9d1d 50813_check-if-storage-id-is-set-on-cache.patch +5f73cd9399fa484ef15bd47e803c93381deffbc7699eceadbb5c27e43b20156806d74e5021a64d28f0165ef87b519e962780651711a37bceb9f0b04455dfdce1 nextcloud-config.php +7388458a9e8b7afd3d3269718306410ffa59c3c23da4bef367a4d7f6d2570136fae9dd421b19c1441e7ffb15a5405e18bb5da67b1a15f9f45e8b98d3fda532ba nextcloud.logrotate +dcc57735d7d4af4a7ebbdd1186d301e51d2ae4675022aea6bf1111222dfa188a3a490ebd6e7c8a7ac30046cb7d93f81cec72a51acbc60d0c10b7fb64630c637a nextcloud.confd +06a62deae219d09df7acbf38ccb1dcac691dd882459ef70243b5583d7ed21d1ea81dbf0751b4e7199c0de9878755a3882e139d9ccc280bf2e90cbe33fb565487 nextcloud.cron +b9ad5434c384c96608f00d65c45f782e279c6756da8fb706f62ecaf7b7aa420077cb6989da5e85becc47418884ec0672e7db874174454ca679fdca84a50f537f nextcloud-mysql.cnf +78ef204ee7c12b228c0b7b04333514e561c1c8e19153f5507224fa4fdd112aaaa6331747014f3b72181298f52ecd4223bcff4bd963b49b49153265254b07e79b fpm-pool.conf +be54ad9308c8250ff3aef3514b10b228487fc2fbdefa1d28dbbb18a4770f7d9fda90e80c722de8e3c25ce752d124ff79314f16f783b1e5ad67df4e1fe6e880f9 occ +" diff --git a/ilot/nextcloud30/README.alpine b/ilot/nextcloud30/README.alpine new file mode 100644 index 0000000..229ab60 --- /dev/null +++ b/ilot/nextcloud30/README.alpine @@ -0,0 +1,5 @@ +## nextcloud-serverinfo package + +If you are using the provided nextcloud php-fpm configuration, +nextcloud-serverinfo package requires to enable 'shell_exec' function +in php configuration file 'nextcloud.conf'. diff --git a/ilot/nextcloud30/disable-integrity-check-as-default.patch b/ilot/nextcloud30/disable-integrity-check-as-default.patch new file mode 100644 index 0000000..f6a3a11 --- /dev/null +++ b/ilot/nextcloud30/disable-integrity-check-as-default.patch @@ -0,0 +1,23 @@ +We patch some files and Nextcloud's integrity check doesn't like it... +APK ensures integrity of all installed files, so this Nextcloud's integrity +check doesn't add any value. +--- + lib/private/IntegrityCheck/Checker.php | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/private/IntegrityCheck/Checker.php b/lib/private/IntegrityCheck/Checker.php +index e8fd087e..cfbaeb7d 100644 +--- a/lib/private/IntegrityCheck/Checker.php ++++ b/lib/private/IntegrityCheck/Checker.php +@@ -91,7 +91,7 @@ class Checker { + * applicable for very specific scenarios and we should not advertise it + * too prominent. So please do not add it to config.sample.php. + */ +- return !($this->config?->getSystemValueBool('integrity.check.disabled', false) ?? false); ++ return !($this->config?->getSystemValueBool('integrity.check.disabled', true) ?? true); + } + + /** +-- +2.44.0 + diff --git a/ilot/nextcloud30/dont-update-htaccess.patch b/ilot/nextcloud30/dont-update-htaccess.patch new file mode 100644 index 0000000..87ec6a1 --- /dev/null +++ b/ilot/nextcloud30/dont-update-htaccess.patch @@ -0,0 +1,42 @@ +Don't mess with .htaccess files. + +Patch ported from https://src.fedoraproject.org/cgit/rpms/nextcloud.git/tree/nextcloud-9.1.0-dont_update_htacess.patch +--- + core/register_command.php | 1 - + lib/private/Updater.php | 8 -------- + 2 files changed, 9 deletions(-) + +diff --git a/core/register_command.php b/core/register_command.php +index 4a84e551..a5158dc4 100644 +--- a/core/register_command.php ++++ b/core/register_command.php +@@ -136,7 +136,6 @@ if ($config->getSystemValueBool('installed', false)) { + $application->add(Server::get(Command\Maintenance\Mimetype\UpdateDB::class)); + $application->add(Server::get(Command\Maintenance\Mimetype\UpdateJS::class)); + $application->add(Server::get(Command\Maintenance\Mode::class)); +- $application->add(Server::get(Command\Maintenance\UpdateHtaccess::class)); + $application->add(Server::get(Command\Maintenance\UpdateTheme::class)); + + $application->add(Server::get(Command\Upgrade::class)); +diff --git a/lib/private/Updater.php b/lib/private/Updater.php +index 09866273..59144308 100644 +--- a/lib/private/Updater.php ++++ b/lib/private/Updater.php +@@ -230,14 +230,6 @@ class Updater extends BasicEmitter { + throw new \Exception('Updates between multiple major versions and downgrades are unsupported.'); + } + +- // Update .htaccess files +- try { +- Setup::updateHtaccess(); +- Setup::protectDataDirectory(); +- } catch (\Exception $e) { +- throw new \Exception($e->getMessage()); +- } +- + // create empty file in data dir, so we can later find + // out that this is indeed an ownCloud data directory + // (in case it didn't exist before) +-- +2.44.0 + diff --git a/ilot/nextcloud30/fpm-pool.conf b/ilot/nextcloud30/fpm-pool.conf new file mode 100644 index 0000000..cae9acc --- /dev/null +++ b/ilot/nextcloud30/fpm-pool.conf @@ -0,0 +1,200 @@ +[global] +; Error log file +; Default Value: log/php-fpm.log +error_log = /var/log/nextcloud/php-fpm.log + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +log_level = warning + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +emergency_restart_threshold = 10 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +emergency_restart_interval = 1m + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +process_control_timeout = 10s + + +[nextcloud] +user = nextcloud +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket (the path is *not* +; relative to chroot!) +; Note: This value is mandatory. +listen = /run/nextcloud/fastcgi.sock + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0666 +listen.mode = 0660 + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static ... a fixed number of child processes. +; dynamic ... the number of child processes are set dynamically. +; ondemand ... no children are created at startup; children will be forked +; when new requests will connect. +; Note: This value is mandatory. +pm = ondemand + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 10 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +pm.process_idle_timeout = 120s + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +pm.status_path = + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +ping.path = /ping + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +; Note: the path is *not* relative to chroot. +;slowlog = /var/log/nextcloud/php-fpm.slow.log + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. +; +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. +; +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr/lib/php7.x) + +; Allow HTTP file uploads. +php_admin_flag[file_uploads] = true + +; Maximal size of a file that can be uploaded via web interface. +php_admin_value[memory_limit] = 512M +php_admin_value[post_max_size] = 513M +php_admin_value[upload_max_filesize] = 513M + +; Where to store temporary files. +php_admin_value[session.save_path] = /var/tmp/nextcloud +php_admin_value[sys_temp_dir] = /var/tmp/nextcloud +php_admin_value[upload_tmp_dir] = /var/tmp/nextcloud + +; Log errors to specified file. +php_admin_flag[log_errors] = on +php_admin_value[error_log] = /var/log/nextcloud/php.error.log + +; OPcache error_log file name. Empty string assumes "stderr" +php_admin_value[opcache.error_log] = /var/log/nextcloud/php.error.log + +; Output buffering is a mechanism for controlling how much output data +; (excluding headers and cookies) PHP should keep internally before pushing that +; data to the client. If your application's output exceeds this setting, PHP +; will send that data in chunks of roughly the size you specify. +; This must be disabled for ownCloud. +php_admin_flag[output_buffering] = false + +; Overload(replace) single byte functions by mbstring functions. +; This must be disabled for ownCloud. +php_admin_flag[mbstring.func_overload] = false + +; Never populate the $HTTP_RAW_POST_DATA variable. +; http://php.net/always-populate-raw-post-data +php_admin_value[always_populate_raw_post_data] = -1 + +; Disable certain functions for security reasons. +; http://php.net/disable-functions +php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,curl_multi_exec,show_source + +; Set recommended settings for OpCache. +; https://docs.nextcloud.com/server/13/admin_manual/configuration_server/server_tuning.html#enable-php-opcache +php_admin_flag[opcache.enable] = true +php_admin_flag[opcache.enable_cli] = true +php_admin_flag[opcache.save_comments] = true +php_admin_value[opcache.interned_strings_buffer] = 8 +php_admin_value[opcache.max_accelerated_files] = 10000 +php_admin_value[opcache.memory_consumption] = 128 +php_admin_value[opcache.revalidate_freq] = 1 diff --git a/ilot/nextcloud30/nextcloud-config.php b/ilot/nextcloud30/nextcloud-config.php new file mode 100644 index 0000000..035fb79 --- /dev/null +++ b/ilot/nextcloud30/nextcloud-config.php @@ -0,0 +1,37 @@ + '/var/lib/nextcloud/data', + 'logfile' => '/var/log/nextcloud/nextcloud.log', + 'apps_paths' => array ( + // Read-only location for apps shipped with Nextcloud and installed by apk. + 0 => array ( + 'path' => '/usr/share/webapps/nextcloud/apps', + 'url' => '/apps', + 'writable' => false, + ), + // Writable location for apps installed from AppStore. + 1 => array ( + 'path' => '/var/lib/nextcloud/apps', + 'url' => '/apps-appstore', + 'writable' => true, + ), + ), + 'updatechecker' => false, + 'check_for_working_htaccess' => false, + + // Uncomment to enable Zend OPcache. + //'memcache.local' => '\OC\Memcache\APCu', + + // Uncomment this and add user nextcloud to the redis group to enable Redis + // cache for file locking. This is highly recommended, see + // https://github.com/nextcloud/server/issues/9305. + //'memcache.locking' => '\OC\Memcache\Redis', + //'redis' => array( + // 'host' => '/run/redis/redis.sock', + // 'port' => 0, + // 'dbindex' => 0, + // 'timeout' => 1.5, + //), + + 'installed' => false, +); diff --git a/ilot/nextcloud30/nextcloud-dont-chmod.patch b/ilot/nextcloud30/nextcloud-dont-chmod.patch new file mode 100644 index 0000000..2145508 --- /dev/null +++ b/ilot/nextcloud30/nextcloud-dont-chmod.patch @@ -0,0 +1,58 @@ +commit d8f09abd65e5fd620b8b0d720daee293c355660c +Author: Leonardo Arena +Date: Mon Aug 31 06:59:15 2020 +0000 + + Don't chmod. The package takes care of setting the right permissions for directories and files + +diff --git a/lib/private/Config.php b/lib/private/Config.php +index cbdbc5b2..1118981b 100644 +--- a/lib/private/Config.php ++++ b/lib/private/Config.php +@@ -242,9 +242,6 @@ class Config { + touch($this->configFilePath); + $filePointer = fopen($this->configFilePath, 'r+'); + +- // Prevent others not to read the config +- chmod($this->configFilePath, 0640); +- + // File does not exist, this can happen when doing a fresh install + if (!is_resource($filePointer)) { + throw new HintException( +diff --git a/lib/private/Log/File.php b/lib/private/Log/File.php +index 9e9abb11..7db25286 100644 +--- a/lib/private/Log/File.php ++++ b/lib/private/Log/File.php +@@ -82,9 +82,6 @@ class File extends LogDetails implements IWriter, IFileBased { + public function write(string $app, $message, int $level) { + $entry = $this->logDetailsAsJSON($app, $message, $level); + $handle = @fopen($this->logFile, 'a'); +- if ($this->logFileMode > 0 && is_file($this->logFile) && (fileperms($this->logFile) & 0777) != $this->logFileMode) { +- @chmod($this->logFile, $this->logFileMode); +- } + if ($handle) { + fwrite($handle, $entry."\n"); + fclose($handle); +diff --git a/lib/private/TempManager.php b/lib/private/TempManager.php +index 49d4ee94..b0943843 100644 +--- a/lib/private/TempManager.php ++++ b/lib/private/TempManager.php +@@ -96,7 +96,6 @@ class TempManager implements ITempManager { + if ($postFix !== '') { + $fileNameWithPostfix = $this->buildFileNameWithSuffix($file, $postFix); + touch($fileNameWithPostfix); +- chmod($fileNameWithPostfix, 0600); + $this->current[] = $fileNameWithPostfix; + return $fileNameWithPostfix; + } +diff --git a/lib/private/legacy/OC_Util.php b/lib/private/legacy/OC_Util.php +index 71f6edba..216abdf8 100644 +--- a/lib/private/legacy/OC_Util.php ++++ b/lib/private/legacy/OC_Util.php +@@ -1004,7 +1004,6 @@ class OC_Util { + . ' cannot be listed by other users.'); + $perms = substr(decoct(@fileperms($dataDirectory)), -3); + if (substr($perms, -1) !== '0') { +- chmod($dataDirectory, 0770); + clearstatcache(); + $perms = substr(decoct(@fileperms($dataDirectory)), -3); + if ($perms[2] !== '0') { diff --git a/ilot/nextcloud30/nextcloud-mysql.cnf b/ilot/nextcloud30/nextcloud-mysql.cnf new file mode 100644 index 0000000..ff90630 --- /dev/null +++ b/ilot/nextcloud30/nextcloud-mysql.cnf @@ -0,0 +1,3 @@ +[server] +# See https://github.com/nextcloud/server/issues/25436 +innodb_read_only_compressed=off diff --git a/ilot/nextcloud30/nextcloud.confd b/ilot/nextcloud30/nextcloud.confd new file mode 100644 index 0000000..b24f26d --- /dev/null +++ b/ilot/nextcloud30/nextcloud.confd @@ -0,0 +1,8 @@ +# Config file for /etc/init.d/nextcloud + +name="Nextcloud" +user="nextcloud" +group="www-data" + +# Uncomment if you use Nextcloud with Redis for caching. +#rc_need="redis" diff --git a/ilot/nextcloud30/nextcloud.cron b/ilot/nextcloud30/nextcloud.cron new file mode 100644 index 0000000..398cb11 --- /dev/null +++ b/ilot/nextcloud30/nextcloud.cron @@ -0,0 +1,6 @@ +#!/bin/sh + +# Run only when nextcloud service is started. +if rc-service nextcloud -q status >/dev/null 2>&1; then + su nextcloud -s /bin/sh -c 'php83 -f /usr/share/webapps/nextcloud/cron.php' +fi diff --git a/ilot/nextcloud30/nextcloud.logrotate b/ilot/nextcloud30/nextcloud.logrotate new file mode 100644 index 0000000..19e17fd --- /dev/null +++ b/ilot/nextcloud30/nextcloud.logrotate @@ -0,0 +1,6 @@ +/var/log/nextcloud/*.log { + daily + compress + copytruncate + su nextcloud www-data +} diff --git a/ilot/nextcloud30/nextcloud30-initscript.post-install b/ilot/nextcloud30/nextcloud30-initscript.post-install new file mode 100644 index 0000000..48f1351 --- /dev/null +++ b/ilot/nextcloud30/nextcloud30-initscript.post-install @@ -0,0 +1,28 @@ +#!/bin/sh + +# It's not needed to be writable for www-data group when running with php-fpm. +for dir in /etc/nextcloud \ + /etc/nextcloud/config.php \ + /var/lib/nextcloud/data \ + /var/lib/nextcloud/apps +do + chmod g-w $dir +done +chgrp root /etc/nextcloud/config.php + +# This must be writable (only) by nextcloud user. +chmod 750 /var/log/nextcloud + +mkdir /var/tmp/nextcloud # If /var/tmp doesn't exist there's a big problem +chown nextcloud /var/tmp/nextcloud +chmod 700 /var/tmp/nextcloud + +cat <&2 +echo ' please do the following:' >&2 +echo +echo ' * Run "apk upgrade -a" a second time to complete the upgrade of all' >&2 +echo ' nextcloud packages' >&2 +echo ' * Run "occ upgrade" to finish upgrading your Nextcloud instance' >&2 +echo ' * NOTE: since v29.0.4-r1 "occ" command is now in package "nextcloudNN-occ"' >&2 +echo diff --git a/ilot/nextcloud30/nextcloud30.post-upgrade b/ilot/nextcloud30/nextcloud30.post-upgrade new file mode 100644 index 0000000..be7e267 --- /dev/null +++ b/ilot/nextcloud30/nextcloud30.post-upgrade @@ -0,0 +1,47 @@ +#!/bin/sh + +ver_new="$1" +ver_old="$2" + +if [ $(apk version -t "$ver_old" '12.0.0-r2') = '<' ]; then + cat >&2 <<-EOF + * + * All Nextcloud's bundled apps (except "files" and "dav") have been moved to + * separate subpackages (e.g. nextcloud-activity). If you want to install + * all apps that are enabled by default at once, run: + * + * apk add nextcloud-default-apps + * + EOF + + if [ "$(ls -A /var/lib/nextcloud/apps)" ]; then + cat >&2 <<-EOF + * + * Nextcloud's bundled apps have been moved from /var/lib/nextcloud/apps + * to /usr/share/webapps/nextcloud/apps. Only apps installed from App Store + * should be stored in /var/lib/nextcloud/apps. + * + * It seems that you have installed some apps from App Store, so you have to + * add /var/lib/nextcloud/apps to your apps_paths. Copy "apps_paths" key + * from /etc/nextcloud/config.php.apk-new to your config.php. + * + EOF + fi +fi + +if [ $(apk version -t "$ver_old" '15.0.2-r0') = '<' ]; then + cat >&2 <<-EOF + * + * App "user_external" is no longer available via release channel. + * You need to uninstall the package and install it via appstore: + * + * apk del nextcloud-user_external + * + EOF + +fi + +if [ "${ver_new%-r*}" != "${ver_old%-r*}" ]; then + echo ' * Run "occ upgrade" to finish upgrading your NextCloud instance!' >&2 + echo ' * NOTE: since v29.0.4-r1 "occ" command is now in package "nextcloudNN-occ"' >&2 +fi diff --git a/ilot/nextcloud30/nextcloud30.pre-install b/ilot/nextcloud30/nextcloud30.pre-install new file mode 100644 index 0000000..e9cf539 --- /dev/null +++ b/ilot/nextcloud30/nextcloud30.pre-install @@ -0,0 +1,6 @@ +#!/bin/sh + +addgroup -S -g 82 www-data 2>/dev/null +adduser -S -D -H -h /var/lib/nextcloud -s /sbin/nologin -G www-data -g Nextcloud nextcloud 2>/dev/null + +exit 0 diff --git a/ilot/nextcloud30/nextcloud30.pre-upgrade b/ilot/nextcloud30/nextcloud30.pre-upgrade new file mode 100644 index 0000000..f444e78 --- /dev/null +++ b/ilot/nextcloud30/nextcloud30.pre-upgrade @@ -0,0 +1,10 @@ +#!/bin/sh + +ver_old="$2" +apps_link='/usr/share/webapps/nextcloud/apps' + +# Remove apps symlink before replacing files to avoid losing installed apps. +# This is a workaround for some issue in apk. +if [ $(apk version -t "$ver_old" '12.0.0-r2') = '<' ] && [ -L "$apps_link" ]; then + rm "$apps_link" +fi diff --git a/ilot/nextcloud30/occ b/ilot/nextcloud30/occ new file mode 100644 index 0000000..57b8ef3 --- /dev/null +++ b/ilot/nextcloud30/occ @@ -0,0 +1,10 @@ +#!/bin/sh + +NEXTCLOUD_DIR='/usr/share/webapps/nextcloud' +: ${NEXTCLOUD_USER:="nextcloud"} + +if [ "$(id -un)" != "$NEXTCLOUD_USER" ]; then + exec su -s /bin/sh "$NEXTCLOUD_USER" -c '$0 "$@"' -- php83 $NEXTCLOUD_DIR/occ "$@" +else + exec php83 $NEXTCLOUD_DIR/occ "$@" +fi diff --git a/ilot/nextcloud30/use-external-docs-if-local-not-avail.patch b/ilot/nextcloud30/use-external-docs-if-local-not-avail.patch new file mode 100644 index 0000000..42af94b --- /dev/null +++ b/ilot/nextcloud30/use-external-docs-if-local-not-avail.patch @@ -0,0 +1,36 @@ +From f17c14956c51206ad82acc5d9b66fd752f0e3c03 Mon Sep 17 00:00:00 2001 +From: Jakub Jirutka +Date: Tue, 19 Dec 2023 07:53:40 +0000 +Subject: [PATCH] use external docs if local not available + +--- + apps/settings/templates/help.php | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/apps/settings/templates/help.php b/apps/settings/templates/help.php +index 649178c1..29b5ac4c 100644 +--- a/apps/settings/templates/help.php ++++ b/apps/settings/templates/help.php +@@ -48,8 +48,19 @@ + + +
++ + ++ ++
++

Local documentation is not installed

++

Please use ++ ++ t('online documentation')); ?> ↗ ++ ++

++
++ +
+ +
+-- +2.42.0 +