From 4ebf6d76ed85c2550de330d5db7df58135dcffe2 Mon Sep 17 00:00:00 2001
From: Michele Cereda <cereda.michele@gmail.com>
Date: Mon, 20 May 2024 16:07:19 +0200
Subject: [PATCH] chore(nextcloud): update containers files

---
 containers/nextcloud-aio/Makefile           | 14 +++++
 containers/nextcloud-aio/docker-compose.yml | 33 ++++++++++++
 containers/nextcloud/Makefile               | 26 +++++++++
 containers/nextcloud/README.md              | 16 ------
 containers/nextcloud/docker-compose.yml     | 59 +++++++++++++++------
 5 files changed, 117 insertions(+), 31 deletions(-)
 create mode 100644 containers/nextcloud-aio/Makefile
 create mode 100644 containers/nextcloud-aio/docker-compose.yml
 create mode 100644 containers/nextcloud/Makefile
 delete mode 100644 containers/nextcloud/README.md

diff --git a/containers/nextcloud-aio/Makefile b/containers/nextcloud-aio/Makefile
new file mode 100644
index 0000000..e470c32
--- /dev/null
+++ b/containers/nextcloud-aio/Makefile
@@ -0,0 +1,14 @@
+#!/usr/bin/env make
+
+firewalld-open: override service_name ?= nextcloud
+firewalld-open: override port ?= 8080
+firewalld-open: ${shell which 'firewall-cmd'}
+	@sudo firewall-cmd --permanent --new-service '${service_name}'
+	@sudo firewall-cmd --permanent --service '${service_name}' --set-description 'FIXME'
+	@sudo firewall-cmd --permanent --service '${service_name}' --set-short 'FIXME'
+	@sudo firewall-cmd --permanent --service '${service_name}' --add-port '${port}/tcp'
+	@sudo firewall-cmd --permanent --add-service '${service_name}'
+	@sudo firewall-cmd --reload
+
+composition-go-brrr: ${shell which 'docker-compose'}
+	@docker-compose up -d
diff --git a/containers/nextcloud-aio/docker-compose.yml b/containers/nextcloud-aio/docker-compose.yml
new file mode 100644
index 0000000..2bc1a7f
--- /dev/null
+++ b/containers/nextcloud-aio/docker-compose.yml
@@ -0,0 +1,33 @@
+---
+
+# this method kinda sucks imho, but hey… ¯\_(ツ)_/¯
+
+# sources:
+# - https://github.com/nextcloud/all-in-one
+# - https://github.com/nextcloud/all-in-one/blob/main/compose.yaml
+# - https://hub.docker.com/r/nextcloud/all-in-one
+
+version: '3'
+
+services:
+  nextcloud-aio:
+    image: nextcloud/all-in-one:20240502_104630-latest
+    container_name:
+      # not allowed to be changed, since mastercontainer updates would fail
+      nextcloud-aio-mastercontainer
+    init: true
+    restart: unless-stopped
+    publish:
+      - # used for the AIO interface and uses a self-signed certificate by default
+        8080:8080
+      # - # used for getting valid certificates for the AIO interface if you want to use port 8443
+      #   80:80
+      # - 8443:8443
+    volumes:
+      - config:/mnt/docker-aio-config
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+volumes:
+  config:
+    name:
+      # not allowed to be changed, since built-in backups would fail later on
+      nextcloud_aio_mastercontainer
diff --git a/containers/nextcloud/Makefile b/containers/nextcloud/Makefile
new file mode 100644
index 0000000..2f21cee
--- /dev/null
+++ b/containers/nextcloud/Makefile
@@ -0,0 +1,26 @@
+#!/usr/bin/env make
+
+pre-flight: override nextcloud_admin_user ?= nextcloud
+pre-flight: override nextcloud_admin_password ?= nextcloud
+pre-flight: override postgres_user ?= postgres
+pre-flight: override postgres_password ?= nextcloud
+pre-flight: override postgres_db ?= ${postgres_user}
+pre-flight:
+	@echo '${nextcloud_admin_user}' > 'nextcloud_admin_user.txt'
+	@echo '${nextcloud_admin_password}' > 'nextcloud_admin_password.txt'
+	@echo '${postgres_user}' > 'postgres_user.txt'
+	@echo '${postgres_password}' > 'postgres_password.txt'
+	@echo '${postgres_db}' > 'postgres_db.txt'
+
+firewalld-open: override service_name ?= nextcloud
+firewalld-open: override port ?= 8080
+firewalld-open: ${shell which 'firewall-cmd'}
+	@sudo firewall-cmd --permanent --new-service '${service_name}'
+	@sudo firewall-cmd --permanent --service '${service_name}' --set-description 'FIXME'
+	@sudo firewall-cmd --permanent --service '${service_name}' --set-short 'FIXME'
+	@sudo firewall-cmd --permanent --service '${service_name}' --add-port '${port}/tcp'
+	@sudo firewall-cmd --permanent --add-service '${service_name}'
+	@sudo firewall-cmd --reload
+
+composition-go-brrr: ${shell which 'docker-compose'} pre-flight
+	@docker-compose up -d
diff --git a/containers/nextcloud/README.md b/containers/nextcloud/README.md
deleted file mode 100644
index f288836..0000000
--- a/containers/nextcloud/README.md
+++ /dev/null
@@ -1,16 +0,0 @@
-# Nextcloud docker image
-
-## Table of contents <!-- omit in toc -->
-
-1. [Sources](#sources)
-
-## Sources
-
-- [Docker Hub]
-
-<!--
-  References
-  -->
-
-<!-- Upstream -->
-[docker hub]: https://hub.docker.com/_/nextcloud
diff --git a/containers/nextcloud/docker-compose.yml b/containers/nextcloud/docker-compose.yml
index 08844be..543fa71 100644
--- a/containers/nextcloud/docker-compose.yml
+++ b/containers/nextcloud/docker-compose.yml
@@ -1,36 +1,61 @@
+---
+
+# sources:
+# - https://hub.docker.com/_/nextcloud
+
 version: '3.2'
 
 services:
   db:
-    image: postgres
-    restart: always
+    image: postgres:16.3-alpine3.19
+    restart: unless-stopped
+    shm_size: 128mb
     volumes:
       - db:/var/lib/postgresql/data
     environment:
-      - POSTGRES_DB_FILE=/run/secrets/postgres_db
-      - POSTGRES_USER_FILE=/run/secrets/postgres_user
-      - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
+      POSTGRES_DB_FILE: /run/secrets/postgres_db
+      POSTGRES_USER_FILE: /run/secrets/postgres_user
+      POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password
     secrets:
       - postgres_db
       - postgres_password
       - postgres_user
 
+  redis:
+    image: redis:7.2.4-alpine3.19
+    restart: unless-stopped
+    # environment:
+    #   REDIS_USERNAME: default
+    #   REDIS_PASSWORD: something
+    # command: >-
+    #   --user ${REDIS_USERNAME} on >${REDIS_PASSWORD} ${REDIS_PERMISSIONS}
+    #   --user default off
+
   app:
-    image: nextcloud
-    restart: always
+    depends_on:
+      - db
+      - redis
+    image: nextcloud:27.1.9-apache
+    restart: unless-stopped
     ports:
       - 8080:80
     volumes:
       - nextcloud:/var/www/html
+      - config:/var/www/html/config
+      - data:/var/www/html/data
+      - custom_apps:/var/www/html/custom_apps
+      # - theme:/var/www/html/themes/<YOUR_CUSTOM_THEME>
     environment:
-      - POSTGRES_HOST=db
-      - POSTGRES_DB_FILE=/run/secrets/postgres_db
-      - POSTGRES_USER_FILE=/run/secrets/postgres_user
-      - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
-      - NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/nextcloud_admin_password
-      - NEXTCLOUD_ADMIN_USER_FILE=/run/secrets/nextcloud_admin_user
-    depends_on:
-      - db
+      POSTGRES_HOST: db
+      POSTGRES_DB_FILE: /run/secrets/postgres_db
+      POSTGRES_USER_FILE: /run/secrets/postgres_user
+      POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password
+      REDIS_HOST: redis
+      NEXTCLOUD_ADMIN_PASSWORD_FILE: /run/secrets/nextcloud_admin_password
+      NEXTCLOUD_ADMIN_USER_FILE: /run/secrets/nextcloud_admin_user
+      NEXTCLOUD_INIT_HTACCESS: true
+      NEXTCLOUD_TRUSTED_DOMAINS: >-
+        ${HOSTNAME}
     secrets:
       - nextcloud_admin_password
       - nextcloud_admin_user
@@ -41,6 +66,10 @@ services:
 volumes:
   db:
   nextcloud:
+  config:
+  data:
+  custom_apps:
+  # theme:
 
 secrets:
   nextcloud_admin_password: