Commit 9636d79c authored by Alain Takoudjou's avatar Alain Takoudjou

Nextcloud Upgrade fixes

See merge request nexedi/slapos!1490
parents ad28fcb3 d9bf1fed
...@@ -24,6 +24,7 @@ extends = ...@@ -24,6 +24,7 @@ extends =
../icu/buildout.cfg ../icu/buildout.cfg
../openssl/buildout.cfg ../openssl/buildout.cfg
../libnsl/buildout.cfg ../libnsl/buildout.cfg
../libsodium/buildout.cfg
../sqlite3/buildout.cfg ../sqlite3/buildout.cfg
../oniguruma/buildout.cfg ../oniguruma/buildout.cfg
../xz-utils/buildout.cfg ../xz-utils/buildout.cfg
...@@ -78,9 +79,12 @@ configure-options = ...@@ -78,9 +79,12 @@ configure-options =
--enable-mbstring --enable-mbstring
--enable-pcntl --enable-pcntl
--enable-session --enable-session
--enable-sysvsem
--with-apxs2=${apache:location}/bin/apxs --with-apxs2=${apache:location}/bin/apxs
--with-bz2=${bzip2:location} --with-bz2=${bzip2:location}
--with-curl --with-curl
--with-freetype
--with-jpeg
--with-gettext=${gettext:location} --with-gettext=${gettext:location}
--with-imap-ssl --with-imap-ssl
--with-imap=${cclient:location} --with-imap=${cclient:location}
...@@ -88,6 +92,7 @@ configure-options = ...@@ -88,6 +92,7 @@ configure-options =
--with-mysqli=mysqlnd --with-mysqli=mysqlnd
--with-openssl=${openssl:location} --with-openssl=${openssl:location}
--with-pdo-mysql=mysqlnd --with-pdo-mysql=mysqlnd
--with-sodium=${libsodium:location}
--with-zip --with-zip
--with-zlib --with-zlib
...@@ -95,7 +100,7 @@ configure-options = ...@@ -95,7 +100,7 @@ configure-options =
# It will create a pear/temp directory under the SR instead of a shared /tmp/pear/temp. # It will create a pear/temp directory under the SR instead of a shared /tmp/pear/temp.
# XXX we could mkdir tmp there # XXX we could mkdir tmp there
environment = environment =
PKG_CONFIG_PATH=${libxml2:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig:${libzip:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${curl:location}/lib/pkgconfig:${icu:location}/lib/pkgconfig:${oniguruma:location}/lib/pkgconfig:${argon2:location}/lib/pkgconfig:${zlib:location}/lib/pkgconfig:${mariadb:location}/lib/pkgconfig:${libjpeg:location}/lib/pkgconfig:${libpng:location}/lib/pkgconfig:${freetype:location}/lib/pkgconfig:${libiconv:location}/lib/pkgconfig:${libzip:location}/lib/pkgconfig PKG_CONFIG_PATH=${libxml2:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig:${libzip:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${curl:location}/lib/pkgconfig:${icu:location}/lib/pkgconfig:${oniguruma:location}/lib/pkgconfig:${argon2:location}/lib/pkgconfig:${zlib:location}/lib/pkgconfig:${mariadb:location}/lib/pkgconfig:${libjpeg:location}/lib/pkgconfig:${libpng:location}/lib/pkgconfig:${freetype:location}/lib/pkgconfig:${libiconv:location}/lib/pkgconfig:${libzip:location}/lib/pkgconfig:${libsodium:location}/lib/pkgconfig
PATH=${pkgconfig:location}/bin:${bzip2:location}/bin:${libxml2:location}/bin:${xz-utils:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:${bzip2:location}/bin:${libxml2:location}/bin:${xz-utils:location}/bin:%(PATH)s
CPPFLAGS=-I${libzip:location}/include CPPFLAGS=-I${libzip:location}/include
LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath -Wl,${bzip2:location}/lib -Wl,-rpath -Wl,${curl:location}/lib -L${libtool:location}/lib -Wl,-rpath -Wl,${libtool:location}/lib -L${mariadb:location}/lib -Wl,-rpath -Wl,${mariadb:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -L${libzip:location}/lib -Wl,-rpath -Wl,${libzip:location}/lib -L${argon2:location}/lib/x86_64-linux-gnu -Wl,-rpath -Wl,${argon2:location}/lib/x86_64-linux-gnu -Wl,-rpath -Wl,${zstd:location}/lib -L${libnsl:location}/lib -Wl,-rpath -Wl,${libnsl:location}/lib -L${sqlite3:location}/lib -Wl,-rpath -Wl,${sqlite3:location}/lib LDFLAGS=-L${bzip2:location}/lib -Wl,-rpath -Wl,${bzip2:location}/lib -Wl,-rpath -Wl,${curl:location}/lib -L${libtool:location}/lib -Wl,-rpath -Wl,${libtool:location}/lib -L${mariadb:location}/lib -Wl,-rpath -Wl,${mariadb:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -L${libzip:location}/lib -Wl,-rpath -Wl,${libzip:location}/lib -L${argon2:location}/lib/x86_64-linux-gnu -Wl,-rpath -Wl,${argon2:location}/lib/x86_64-linux-gnu -Wl,-rpath -Wl,${zstd:location}/lib -L${libnsl:location}/lib -Wl,-rpath -Wl,${libnsl:location}/lib -L${sqlite3:location}/lib -Wl,-rpath -Wl,${sqlite3:location}/lib
......
...@@ -5,7 +5,7 @@ parts = ...@@ -5,7 +5,7 @@ parts =
[libsodium] [libsodium]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://download.libsodium.org/libsodium/releases/old/unsupported/libsodium-1.0.8.tar.gz url = https://download.libsodium.org/libsodium/releases/old/libsodium-1.0.17.tar.gz
md5sum = 0a66b86fd3aab3fe4c858edcd2772760 md5sum = 0f71e2680187a1558b5461e6879342c5
configure-options = configure-options =
--disable-static --disable-static
...@@ -14,12 +14,12 @@ ...@@ -14,12 +14,12 @@
# not need these here). # not need these here).
[template-nextcloud-install.sh] [template-nextcloud-install.sh]
filename = nextcloud-install.sh.in filename = nextcloud-install.sh.in
md5sum = 965cc84d4c8e39f06850fac361575647 md5sum = f31dfd6fce79fcf1c13cbd96dd366492
[template-nextcloud-config.json] [template-nextcloud-config.json]
filename = nextcloud-config.json.in filename = nextcloud-config.json.in
md5sum = 6f42f0a8c5e5c0c657541a65c4d9ee57 md5sum = 133ad47aec7e16f716eb710ef38823e8
[template-nextcloud-instance] [template-nextcloud-instance]
filename = nextcloud-instance.cfg.in filename = nextcloud-instance.cfg.in
md5sum = a59b081bd39f61c7361fdb6c54fc2039 md5sum = 65d2fef4aa41fa70e5194d73a8cb2c4a
...@@ -35,6 +35,19 @@ ...@@ -35,6 +35,19 @@
"timeout": 0 "timeout": 0
}, },
"logfile": "{{ parameter_dict['data-dir'] }}/nextcloud.log", "logfile": "{{ parameter_dict['data-dir'] }}/nextcloud.log",
"datadirectory": "{{ parameter_dict['data-dir'] }}" "loglevel" => 2,
"datadirectory": "{{ parameter_dict['data-dir'] }}",
"preview_ffmpeg_path": "{{ parameter_dict['ffmpeg-path'] }}",
"tempdirectory": "{{ parameter_dict['tmp-dir'] }}",
"apps_paths": [
{
"path": "{{ parameter_dict['nextcloud'] }}/apps",
"url": "/apps",
"writable": true
}
],
"default_phone_region": "FR",
"default_locale": "fr_FR",
"default_timezone": "Europe/Paris"
} }
} }
...@@ -115,19 +115,9 @@ ...@@ -115,19 +115,9 @@
"type": "string", "type": "string",
"format": "uri" "format": "uri"
}, },
"instance.trusted-domain-1": { "instance.trusted-domain-list": {
"title": "Authorized domain on nextcloud", "title": "Authorized domain(s) on nextcloud",
"description": "Trusted domain used to connect to Nextcloud instance.", "description": "Trusted domain(s) used to connect to Nextcloud instance. Space separated.",
"type": "string"
},
"instance.trusted-domain-2": {
"title": "Second authorized domain on nextcloud",
"description": "Trusted domain used to connect to Nextcloud instance.",
"type": "string"
},
"instance.trusted-domain-3": {
"title": "Third authorized domain on nextcloud",
"description": "Trusted domain used to connect to Nextcloud instance.",
"type": "string" "type": "string"
}, },
"instance.trusted-proxy-list": { "instance.trusted-proxy-list": {
......
...@@ -140,4 +140,4 @@ if [ -f "{{ parameter_dict['nextcloud'] }}/config/CAN_INSTALL" ]; then ...@@ -140,4 +140,4 @@ if [ -f "{{ parameter_dict['nextcloud'] }}/config/CAN_INSTALL" ]; then
rm {{ parameter_dict['nextcloud'] }}/config/CAN_INSTALL rm {{ parameter_dict['nextcloud'] }}/config/CAN_INSTALL
fi fi
date > {{ parameter_dict['nextcloud'] }}/.slapos-install-done date > {{ parameter_dict['installed-file'] }}
...@@ -8,6 +8,7 @@ redis = ${directory:srv}/redis ...@@ -8,6 +8,7 @@ redis = ${directory:srv}/redis
redis-log = ${directory:log}/redis redis-log = ${directory:log}/redis
data = ${directory:srv}/data data = ${directory:srv}/data
backup = ${directory:backup}/nextcloud backup = ${directory:backup}/nextcloud
tmp = ${buildout:directory}/tmp
[service-redis] [service-redis]
recipe = slapos.cookbook:redis.server recipe = slapos.cookbook:redis.server
...@@ -42,13 +43,15 @@ rotate-num = 30 ...@@ -42,13 +43,15 @@ rotate-num = 30
[instance-parameter] [instance-parameter]
nextcloud = ${:document-root} nextcloud = ${:document-root}
installed-file = ${directory:etc}/.nextcloud-install-done
admin-user = admin admin-user = admin
admin-password = admin admin-password = admin
ffmpeg-path = {{ ffmpeg_location }}/bin/ffmpeg
tmp-dir = ${nc-directory:tmp}
trusted-domain-list = trusted-domain-list =
[${apache-php-configuration:ip}]:${apache-php-configuration:port} [${apache-php-configuration:ip}]:${apache-php-configuration:port}
${slap-parameter:instance.trusted-domain-1} ${request-frontend:connection-domain}
${slap-parameter:instance.trusted-domain-2} ${slap-parameter:instance.trusted-domain-list}
${slap-parameter:instance.trusted-domain-3}
trusted-proxy-list = ${slap-parameter:instance.trusted-proxy-list} trusted-proxy-list = ${slap-parameter:instance.trusted-proxy-list}
cli-url = ${slap-parameter:instance.cli-url} cli-url = ${slap-parameter:instance.cli-url}
...@@ -69,6 +72,9 @@ collabora-url = ${slap-parameter:instance.collabora-url} ...@@ -69,6 +72,9 @@ collabora-url = ${slap-parameter:instance.collabora-url}
stun-server = ${slap-parameter:instance.stun-server} stun-server = ${slap-parameter:instance.stun-server}
turn-server = ${slap-parameter:instance.turn-server} turn-server = ${slap-parameter:instance.turn-server}
turn-secret = ${slap-parameter:instance.turn-secret} turn-secret = ${slap-parameter:instance.turn-secret}
# php.ini
php.opcache.revalidate-freq = 60
php.opcache.interned-strings-buffer = 24
[nextcloud-install.sh] [nextcloud-install.sh]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
...@@ -105,7 +111,7 @@ input = inline:#!/bin/bash ...@@ -105,7 +111,7 @@ input = inline:#!/bin/bash
echo "Nextcloud is not installed."; echo "Nextcloud is not installed.";
exit 1; exit 1;
fi fi
if [ ! -f "${instance-parameter:nextcloud}/.slapos-install-done" ]; then if [ ! -f "${instance-parameter:installed-file}" ]; then
echo "Nextcloud is not configured."; echo "Nextcloud is not configured.";
exit 1; exit 1;
fi fi
...@@ -203,7 +209,5 @@ instance.turn-server = ...@@ -203,7 +209,5 @@ instance.turn-server =
instance.turn-secret = instance.turn-secret =
instance.cli-url = ${apache-php-configuration:url} instance.cli-url = ${apache-php-configuration:url}
instance.trusted-domain-1 =
instance.trusted-domain-2 =
instance.trusted-domain-3 =
instance.trusted-proxy-list = instance.trusted-proxy-list =
instance.trusted-domain-list =
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
extends = extends =
buildout.hash.cfg buildout.hash.cfg
../../component/redis/buildout.cfg ../../component/redis/buildout.cfg
../../component/ffmpeg/buildout.cfg
../../stack/lamp/buildout.cfg ../../stack/lamp/buildout.cfg
[nc-download] [nc-download]
...@@ -28,6 +29,7 @@ context = ...@@ -28,6 +29,7 @@ context =
key python3_location python3:location key python3_location python3:location
key news_updater_location news-updater:location key news_updater_location news-updater:location
key php_location apache-php:location key php_location apache-php:location
key ffmpeg_location ffmpeg:location
raw redis_bin ${redis:location}/bin/redis-server raw redis_bin ${redis:location}/bin/redis-server
raw redis_cli ${redis:location}/bin/redis-cli raw redis_cli ${redis:location}/bin/redis-cli
key nextcloud_install_sh template-nextcloud-install.sh:target key nextcloud_install_sh template-nextcloud-install.sh:target
...@@ -42,7 +44,6 @@ db-user = nextcloud ...@@ -42,7 +44,6 @@ db-user = nextcloud
[nc-download-unpacked] [nc-download-unpacked]
recipe = slapos.recipe.build:download-unpacked recipe = slapos.recipe.build:download-unpacked
shared = true
[news-updater] [news-updater]
<= nc-download-unpacked <= nc-download-unpacked
...@@ -66,8 +67,8 @@ md5sum = 88adcbc34ef7e461f515ba96b82365d9 ...@@ -66,8 +67,8 @@ md5sum = 88adcbc34ef7e461f515ba96b82365d9
[nextcloud-app-snappymail] [nextcloud-app-snappymail]
<= nc-download-unpacked <= nc-download-unpacked
url = https://snappymail.eu/repository/nextcloud/snappymail-2.29.1-nextcloud.tar.gz url = https://snappymail.eu/repository/nextcloud/snappymail-2.29.4-nextcloud.tar.gz
md5sum = b7500ea4e089d8a9e3fa381d6df3a3b0 md5sum = 676bf0fa3b9f0fb9f0208304cf302a26
[nextcloud-app-news] [nextcloud-app-news]
<= nc-download-unpacked <= nc-download-unpacked
......
...@@ -63,6 +63,8 @@ part-list = ...@@ -63,6 +63,8 @@ part-list =
# database information # database information
db-name = lamp db-name = lamp
db-user = lamp db-user = lamp
# Publish default lamp slave frontend url
default-frontend = True
#---------------- #----------------
#-- Instance-level buildout profiles. #-- Instance-level buildout profiles.
...@@ -113,6 +115,7 @@ context = ...@@ -113,6 +115,7 @@ context =
key custom_application_template custom-application-deployment:path key custom_application_template custom-application-deployment:path
key db_name custom-application-deployment:db-name key db_name custom-application-deployment:db-name
key db_user custom-application-deployment:db-user key db_user custom-application-deployment:db-user
key default_frontend custom-application-deployment:default-frontend
key lamp_apache_httpd template-apache-httpd:target key lamp_apache_httpd template-apache-httpd:target
[instance-apache-php] [instance-apache-php]
......
...@@ -14,15 +14,15 @@ ...@@ -14,15 +14,15 @@
# not need these here). # not need these here).
[lamp-instance] [lamp-instance]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = 7854dd0edd48f2d91c16412c4a875ca4 md5sum = 6395a5d69e2fee494a7d00fd2ac563cb
[instance-apache-php] [instance-apache-php]
filename = instance-apache-php.cfg.in filename = instance-apache-php.cfg.in
md5sum = 1e4762a6a7631d517fb45c84f9c989fe md5sum = 41602a61d5f9609281dbfa3f27da0626
[instance-lamp] [instance-lamp]
filename = instance-lamp.cfg.jinja2.in filename = instance-lamp.cfg.jinja2.in
md5sum = 347ddf1516bf2ddb5f6fb23539382847 md5sum = de1f450a80547d12334b712016138078
[template-apache.conf] [template-apache.conf]
filename = apache.conf.in filename = apache.conf.in
...@@ -30,7 +30,7 @@ md5sum = e49410f0a4bf28993a56bb28aff0a6f0 ...@@ -30,7 +30,7 @@ md5sum = e49410f0a4bf28993a56bb28aff0a6f0
[template-php.ini] [template-php.ini]
filename = php.ini.in filename = php.ini.in
md5sum = bf21c6d68ef85ee7de090375424d0c5c md5sum = 677e1185a99d337cd1be778c548a6d30
[template-apache-httpd] [template-apache-httpd]
filename = apache-httpd.conf.in filename = apache-httpd.conf.in
......
...@@ -152,7 +152,7 @@ context = ...@@ -152,7 +152,7 @@ context =
[apache-php-conf] [apache-php-conf]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
url = {{ parameter_dict['template-apache-conf'] }} url = {{ parameter_dict['template-apache-conf'] }}
output = ${directory:etc}/apache.confgraceful output = ${directory:etc}/apache.conf
context = context =
section parameter_dict apache-php-configuration section parameter_dict apache-php-configuration
extensions = jinja2.ext.do extensions = jinja2.ext.do
...@@ -230,6 +230,27 @@ command-line = ${instance-parameter:php-bin} -c ${php.ini-conf:output} ...@@ -230,6 +230,27 @@ command-line = ${instance-parameter:php-bin} -c ${php.ini-conf:output}
<= monitor-publish <= monitor-publish
recipe = slapos.cookbook:publish.serialised recipe = slapos.cookbook:publish.serialised
backend-url = ${apache-php-configuration:url} backend-url = ${apache-php-configuration:url}
{% if parameter_dict['publish-frontend'] -%}
url = ${lamp-frontend-promise:url}
{% endif -%}
[request-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Instance Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
shared = true
config-url = ${apache-php-configuration:url}
config-https-only = true
return = domain secure_access
[lamp-frontend-promise]
<= monitor-promise-base
promise = check_url_available
name = lamp-http-frontend.py
url = ${request-frontend:connection-secure_access}
config-url = ${:url}
#---------------- #----------------
......
...@@ -30,11 +30,13 @@ config-{{ key }} = {{ dumps(value) }} ...@@ -30,11 +30,13 @@ config-{{ key }} = {{ dumps(value) }}
config-monitor-passwd = ${monitor-instance-parameter:password} config-monitor-passwd = ${monitor-instance-parameter:password}
config-database-list = ${request-mariadb:connection-database-list} config-database-list = ${request-mariadb:connection-database-list}
return = return =
url
backend-url backend-url
monitor-base-url monitor-base-url
{% do part_list.append('request-apache') -%} {% do part_list.append('request-apache') -%}
{% do publish_dict.__setitem__('backend-url', '${request-apache:connection-backend-url}') -%} {% do publish_dict.__setitem__('backend-url', '${request-apache:connection-backend-url}') -%}
{% do publish_dict.__setitem__('url', '${request-apache:connection-url}') -%}
{% do monitor_base_url_dict.__setitem__('apache', '${request-apache:connection-monitor-base-url}') -%} {% do monitor_base_url_dict.__setitem__('apache', '${request-apache:connection-monitor-base-url}') -%}
[request-mariadb] [request-mariadb]
...@@ -59,27 +61,6 @@ return = ...@@ -59,27 +61,6 @@ return =
{% do publish_dict.__setitem__('mariadb-url-list', '${request-mariadb:connection-database-list}') -%} {% do publish_dict.__setitem__('mariadb-url-list', '${request-mariadb:connection-database-list}') -%}
{% do monitor_base_url_dict.__setitem__('mariadb', '${request-mariadb:connection-monitor-base-url}') -%} {% do monitor_base_url_dict.__setitem__('mariadb', '${request-mariadb:connection-monitor-base-url}') -%}
[request-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Instance Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
shared = true
config-url = ${request-apache:connection-backend-url}
config-https-only = true
return = domain secure_access
[lamp-frontend-promise]
<= monitor-promise-base
promise = check_url_available
name = lamp-http-frontend.py
url = ${request-frontend:connection-secure_access}
config-url = ${:url}
config-custom-domain = {{ slapparameter_dict.get('custom-domain', '') }}
{% do publish_dict.__setitem__('url', '${lamp-frontend-promise:url}') -%}
[publish-early] [publish-early]
recipe = slapos.cookbook:publish-early recipe = slapos.cookbook:publish-early
-init = -init =
......
...@@ -67,6 +67,7 @@ template-apache-conf = {{ template_apache_conf }} ...@@ -67,6 +67,7 @@ template-apache-conf = {{ template_apache_conf }}
apache-location = {{ apache_location }} apache-location = {{ apache_location }}
apache-php-location = {{ apache_php_location }} apache-php-location = {{ apache_php_location }}
template-php-ini = {{ template_php_ini }} template-php-ini = {{ template_php_ini }}
publish-frontend = !py!{{ default_frontend }}
# XXX no failure if `custom_application_template` is empty # XXX no failure if `custom_application_template` is empty
[application-parameters] [application-parameters]
......
...@@ -65,7 +65,7 @@ apc.lazy_functions=0 ...@@ -65,7 +65,7 @@ apc.lazy_functions=0
opcache.enable=1 opcache.enable=1
opcache.enable_cli=1 opcache.enable_cli=1
opcache.memory_consumption=128 opcache.memory_consumption=128
opcache.interned_strings_buffer=8 opcache.interned_strings_buffer={{ instance_dict.get('php.opcache.interned-strings-buffer', 8) }}
opcache.max_accelerated_files=10000 opcache.max_accelerated_files=10000
opcache.revalidate_freq=1 opcache.revalidate_freq={{ instance_dict.get('php.opcache.revalidate-freq', 1) }}
opcache.save_comments=1 opcache.save_comments=1
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment