build: add NC compose setup to use specific server branch

dev/.env

@@ -1,5 +1,8 @@
 # Nextcloud configurations
 NEXTCLOUD_IMAGE_TAG=
+# e.g.: 83, 82
+NEXTCLOUD_IMAGE_PHP=
+NEXTCLOUD_BRANCH=
 
 # OpenProject configurations
 OPENPROJECT_IMAGE_TAG=

dev/compose.yaml

@@ -64,13 +64,15 @@ services:
       traefik.http.routers.traefik.service: api@internal
       traefik.http.routers.traefik.entrypoints: websecure
 
-  nextcloud-db:
+  # DO NOT RENAME THIS SERVICE
+  # The service name 'database-pgsql' is used by the nextcloud container internally
+  database-pgsql:
     image: postgres:14
-    restart: always
+    restart: unless-stopped
     environment:
       POSTGRES_DB: nextcloud
-      POSTGRES_USER: nextcloud
-      POSTGRES_PASSWORD: nextcloud
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
     volumes:
       - ncdb:/var/lib/postgresql/data
     networks:
@@ -83,22 +85,30 @@ services:
       start_period: 10s
 
   nextcloud:
-    image: nextcloud:${NEXTCLOUD_IMAGE_TAG:-apache}
-    restart: always
+    image: ghcr.io/juliusknorr/nextcloud-dev-php${NEXTCLOUD_IMAGE_PHP:-83}:${NEXTCLOUD_IMAGE_TAG:-master}
+    restart: unless-stopped
     entrypoint: bash
     command: /nextcloud.sh
     environment:
-      OVERWRITEPROTOCOL: 'https'
-      OVERWRITECLIURL: 'https://nextcloud.local'
-      PHP_UPLOAD_SIZE: '1024M'
-      POSTGRES_HOST: nextcloud-db
-      POSTGRES_DB: nextcloud
-      POSTGRES_USER: nextcloud
-      POSTGRES_PASSWORD: nextcloud
+      SQL: pgsql
+      VIRTUAL_HOST: nextcloud
+      SERVER_BRANCH: ${NEXTCLOUD_BRANCH:-stable31}
+      NEXTCLOUD_AUTOINSTALL: YES
+      NEXTCLOUD_TRUSTED_DOMAINS: nextcloud.local
+      NEXTCLOUD_AUTOINSTALL_APPS: oidc groupfolders
+      NEXTCLOUD_AUTOINSTALL_APPS_WAIT_TIME: 60
+      # [INFO] Pre-defined database config
+      # - admin-user: admin
+      # - admin-pass: admin
+      # - database-name: nextcloud
+      # - database-user: postgres
+      # - database-pass: postgres
+      # - database-host: database-pgsql
     volumes:
       - ./nextcloud.sh:/nextcloud.sh
       - ./apps:/var/www/html/custom_apps
       - ../:/var/www/html/custom_apps/integration_openproject:ro
+      - ./nextcloud:/shared
       - ncdata:/var/www/html
       - apache_conf:/etc/apache2
       - step:/step:ro
@@ -107,32 +117,20 @@ services:
     depends_on:
       traefik:
         condition: service_started
-      nextcloud-db:
+      database-pgsql:
         condition: service_healthy
     labels:
       traefik.enable: true
       traefik.http.routers.nextcloud.rule: Host(`nextcloud.local`)
       traefik.http.routers.nextcloud.entrypoints: websecure
 
-  cron:
-    image: nextcloud:apache
-    restart: always
-    entrypoint: /cron.sh
-    volumes:
-      - ncdata:/var/www/html
-      - apache_conf:/etc/apache2
-    networks:
-      - nc-op
-    depends_on:
-      nextcloud-db:
-        condition: service_healthy
-
   openproject:
     image: openproject/openproject:${OPENPROJECT_IMAGE_TAG:-15}
     restart: unless-stopped
     entrypoint: bash
     command: /openproject.sh
     environment:
+      OPENPROJECT_LOG__LEVEL: error
       OPENPROJECT_HOST__NAME: '${OPENPROJECT_DEV_HOST:-openproject.local}'
       OPENPROJECT_HTTPS: true
       OPENPROJECT_DEV_EXTRA_HOSTS: '${OPENPROJECT_DEV_HOST:-openproject.local}'

dev/nextcloud.sh

@@ -1,39 +1,15 @@
 #!/bin/bash
 
-STEP_CERTS_DIR="/step/certs"
+set -e
 
-if [ -d "$STEP_CERTS_DIR" ]; then
-    rm -rf /etc/ssl/certs/Step_Root_CA.pem /usr/local/share/ca-certificates/Step_Root_CA.crt
-    echo "[INFO] Linking root CA certificate..."
-    cp "$STEP_CERTS_DIR"/root_ca.crt /usr/local/share/ca-certificates/Step_Root_CA.crt
-    update-ca-certificates
-fi
+rm -rf /tmp/server || true
+# clone nextcloud server
+git clone -b "${SERVER_BRANCH}" --depth 1 https://github.com/nextcloud/server.git /tmp/server
 
-chown www-data custom_apps
-find ./custom_apps -mindepth 1 -path ./custom_apps/integration_openproject -prune -o -exec chown www-data {} \;
+(cd /tmp/server && git submodule update --init)
+rsync -a --chmod=755 --chown=www-data:www-data /tmp/server/ /var/www/html
+chown www-data: -R /var/www/html/data
+chown www-data: /var/www/html/.htaccess
 
-/entrypoint.sh apache2-foreground &
-
-# Wait for Nextcloud
-while [ $(curl -s http://localhost -w %{http_code} -o /dev/null) != 302 ] && [ $(curl -s http://localhost -w %{http_code} -o /dev/null) != 200 ]; do
-    sleep 1
-done
-
-chsh -s /bin/bash www-data
-# install nextcloud
-su www-data -c "php occ maintenance:install -vvv \
-    --database pgsql \
-    --database-name $POSTGRES_DB \
-    --database-host $POSTGRES_HOST \
-    --database-user $POSTGRES_USER \
-    --database-pass $POSTGRES_PASSWORD \
-    --admin-user admin \
-    --admin-pass admin \
-    --data-dir /var/www/html/data"
-
-su www-data -c "php occ a:e integration_openproject"
-su www-data -c "php occ config:system:set allow_local_remote_servers --value 1"
-su www-data -c "php occ security:certificates:import /etc/ssl/certs/ca-certificates.crt"
-su www-data -c "php occ config:system:set trusted_domains 1 --value=nextcloud.local"
-
-tail -f data/nextcloud.log
+# run the nextcloud setup
+/usr/local/bin/bootstrap.sh apache2-foreground

dev/nextcloud/config.php

@@ -0,0 +1,19 @@
+<?php
+
+$CONFIG = [
+	'apps_paths' =>
+	array(
+		0 =>
+		array(
+			'path' => '/var/www/html/apps',
+			'url' => '/apps',
+			'writable' => false,
+		),
+		1 =>
+		array(
+			'path' => '/var/www/html/custom_apps',
+			'url' => '/custom_apps',
+			'writable' => true,
+		),
+	),
+];

dev/nextcloud/hooks/after-install.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -e
+
+OCC() {
+    # shellcheck disable=SC2068
+    sudo -E -u www-data php "$WEBROOT/occ" $@
+}
+
+OCC a:e integration_openproject
+OCC security:certificates:import /etc/ssl/certs/ca-certificates.crt

dev/nextcloud/hooks/before-install.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+set -e
+
+echo "-----------------------------------------------------------"
+echo "[INFO] Installing CA certificates..."
+echo "-----------------------------------------------------------"
+
+STEP_CERTS_DIR="/step/certs"
+
+if [ -d "$STEP_CERTS_DIR" ]; then
+    rm -rf /etc/ssl/certs/Step_Root_CA.pem /usr/local/share/ca-certificates/Step_Root_CA.crt
+    echo "[INFO] Linking root CA certificate..."
+    cp "$STEP_CERTS_DIR"/root_ca.crt /usr/local/share/ca-certificates/Step_Root_CA.crt
+    update-ca-certificates
+fi
+
+# fix custom_apps permissions
+chown www-data custom_apps
+find ./custom_apps -mindepth 1 -path ./custom_apps/integration_openproject -prune -o -exec chown www-data {} \;