Dockerfile

FROM nextcloud:21.0.7-fpm AS nextcloud
ARG BASE_DIR="/usr/src/nextcloud"
ARG TMP_PATCH_DIR="/tmp/build_patches"
ARG THEME_VERSION="21.1.0"
ARG THEME_HELPER_VERSION="1.0.2"
ARG NEWS_VERSION="17.0.1"
ARG QUOTA_WARN_VERSION="1.13.0"
ARG NOTES_VERSION="4.2.0"
ARG CONTACTS_VERSION="4.0.6"
ARG CALENDAR_VERSION="3.0.1"
ARG USER_BACKEND_RAW_SQL_VERSION="1.1.1"
ARG EMAIL_RECOVERY_JOB_ID="199763"
ARG RAINLOOP_VERSION="7.1.2"
ARG RAINLOOP_COMMIT_SHA="e9da581c"
ARG EDA_TAG="nc-21"
ARG ECLOUD_LAUNCHER_JOB_ID="222001"
ARG GOOGLE_INTEGRATION_VERSION="1.0.6"

COPY patches/ ${TMP_PATCH_DIR}/
RUN sed -i 's/21,0,7,0/21,0,7,12/' ${BASE_DIR}/version.php

# Install unzip for unzipping artifacts
RUN apt-get update && apt-get install unzip 

# Custom apps
RUN curl -fsSL -o news.tar.gz \
    "https://github.com/nextcloud/news/releases/download/${NEWS_VERSION}/news.tar.gz" && \
    tar -xf news.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    rm news.tar.gz;

RUN curl -fsSL -o quota_warning.tar.gz \
    "https://github.com/nextcloud-releases/quota_warning/releases/download/v${QUOTA_WARN_VERSION}/quota_warning-v${QUOTA_WARN_VERSION}.tar.gz" && \
    tar -xf quota_warning.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    rm quota_warning.tar.gz;

RUN curl -fsSL -o notes.tar.gz \
    "https://github.com/nextcloud/notes/releases/download/v${NOTES_VERSION}/notes.tar.gz" && \
    tar -xf notes.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    rm notes.tar.gz;

RUN curl -fsSL -o contacts.tar.gz \
    "https://github.com/nextcloud-releases/contacts/releases/download/v${CONTACTS_VERSION}/contacts.tar.gz" && \
    tar -xf contacts.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    rm contacts.tar.gz;

RUN curl -fsSL -o calendar.tar.gz \
    "https://github.com/nextcloud-releases/calendar/releases/download/v${CALENDAR_VERSION}/calendar.tar.gz" && \
    tar -xf calendar.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    rm calendar.tar.gz;

RUN curl -fsSL -o user_backend_sql_raw.tar.gz \
    "https://github.com/PanCakeConnaisseur/user_backend_sql_raw/releases/download/v${USER_BACKEND_RAW_SQL_VERSION}/user_backend_sql_raw.tar.gz" && \
    tar -xf user_backend_sql_raw.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    rm user_backend_sql_raw.tar.gz;

RUN curl -fsSL -o email-recovery.zip \
    "https://gitlab.e.foundation/e/infra/selfhost/nextcloud-apps/email-recovery/-/jobs/${EMAIL_RECOVERY_JOB_ID}/artifacts/download" && \
    unzip email-recovery.zip && \
    cd dist && tar -xf email-recovery.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    rm email-recovery.tar.gz;

RUN curl -fsSL -o rainloop.tar.gz \
    "https://gitlab.e.foundation/e/infra/selfhost/nextcloud-apps/rainloop-nextcloud/-/archive/${RAINLOOP_VERSION}-${RAINLOOP_COMMIT_SHA}/rainloop-nextcloud-${RAINLOOP_VERSION}-${RAINLOOP_COMMIT_SHA}.tar.gz" && \
    tar -xf rainloop.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    mv "${BASE_DIR}/custom_apps/rainloop-nextcloud-${RAINLOOP_VERSION}-${RAINLOOP_COMMIT_SHA}" "${BASE_DIR}/custom_apps/rainloop" && \
    rm rainloop.tar.gz;

RUN curl -fsSL -o ecloud_drop_account.tar.gz \
    "https://gitlab.e.foundation/e/infra/selfhost/nextcloud-apps/ecloud-drop-account/-/archive/${EDA_TAG}/ecloud-drop-account-${EDA_TAG}.tar.gz" && \
    tar -xf ecloud_drop_account.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    mv "${BASE_DIR}/custom_apps/ecloud-drop-account-${EDA_TAG}" "${BASE_DIR}/custom_apps/ecloud_drop_account" && \
    rm ecloud_drop_account.tar.gz;

RUN curl -fsSL -o ecloud-theme-helper.tar.gz \
    "https://gitlab.e.foundation/e/infra/selfhost/nextcloud-apps/ecloud-theme-helper/-/archive/${THEME_HELPER_VERSION}/ecloud-theme-helper-${THEME_HELPER_VERSION}.tar.gz" && \
    tar -xf ecloud-theme-helper.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    mv "${BASE_DIR}/custom_apps/ecloud-theme-helper-${THEME_HELPER_VERSION}" "${BASE_DIR}/custom_apps/ecloud-theme-helper" && \
    rm ecloud-theme-helper.tar.gz;

RUN curl -fsSL -o ecloud-launcher.zip \
    "https://gitlab.e.foundation/e/infra/selfhost/nextcloud-apps/launcher/-/jobs/${ECLOUD_LAUNCHER_JOB_ID}/artifacts/download" && \
    unzip ecloud-launcher.zip && \
    mv dist/ecloud-launcher ${BASE_DIR}/custom_apps/ && \
    rm ecloud-launcher.zip;

RUN curl -fsSL -o integration_google.tar.gz \
    "https://github.com/nextcloud/integration_google/releases/download/v${GOOGLE_INTEGRATION_VERSION}/integration_google-${GOOGLE_INTEGRATION_VERSION}.tar.gz" && \
    tar -xf integration_google.tar.gz -C ${BASE_DIR}/custom_apps/ && \
    chown -R www-data:www-data ${BASE_DIR}/custom_apps/integration_google && \
    rm integration_google.tar.gz;

# Remove unzip when unzipping is done
RUN apt-get -y remove unzip

# force eCloud theme not to be disabled even when there is an upgrade process launched
RUN sed -i "s/\$systemConfig->setValue('theme', '');/\$systemConfig->setValue('theme', 'eCloud');/g" ${BASE_DIR}/lib/base.php

# Patches
RUN patch -u ${BASE_DIR}/core/Controller/LoginController.php -i ${TMP_PATCH_DIR}/002-login-without-domain.patch
RUN patch -u ${BASE_DIR}/core/templates/layout.user.php -i ${TMP_PATCH_DIR}/003-contact-search-removal.patch
RUN patch -u ${BASE_DIR}/core/Controller/ContactsMenuController.php -i ${TMP_PATCH_DIR}/004-contact-search-controller-removal.patch
RUN cd ${BASE_DIR} && patch -p0 < ${TMP_PATCH_DIR}/005-autocomplete-user-leak-core.patch
RUN cd ${BASE_DIR}/custom_apps && patch -p0 < ${TMP_PATCH_DIR}/005-autocomplete-user-leak-custom-app.patch
RUN cd ${BASE_DIR} && patch -p0 < ${TMP_PATCH_DIR}/006-recovery-email-changes.patch
RUN patch -u ${BASE_DIR}/apps/settings/lib/Settings/Personal/ServerDevNotice.php -i ${TMP_PATCH_DIR}/007-remove-dev-notice.patch
RUN patch -u ${BASE_DIR}/lib/private/Template/IconsCacher.php -i ${TMP_PATCH_DIR}/008-icons-cacher-theme-svgs.patch
RUN patch -u ${BASE_DIR}/core/Controller/SvgController.php -i ${TMP_PATCH_DIR}/008-svg-controller-theme-svgs.patch
RUN cd ${BASE_DIR} && patch -p0 < ${TMP_PATCH_DIR}/009-help-links.patch
RUN patch -u ${BASE_DIR}/lib/private/Updater.php -i ${TMP_PATCH_DIR}/010-disable-app-store-upgrade.patch
RUN cd ${BASE_DIR} && patch -p0 < ${TMP_PATCH_DIR}/011-privacy-settings.patch
RUN cd ${BASE_DIR} && patch -u ${BASE_DIR}/apps/dashboard/lib/Controller/DashboardController.php -i ${TMP_PATCH_DIR}/012-remove-user-status-widget.patch
RUN patch -u ${BASE_DIR}/lib/private/Authentication/Token/PublicKeyTokenProvider.php -i ${TMP_PATCH_DIR}/013-revert-token-password-update.patch
RUN rm -rf ${TMP_PATCH_DIR}

# autocomplete leak tweak apps frontend with sed, disable group suggestion

RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/contacts-main.js
RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/emit("new-contact")/emit("newContact")/g' js/contacts-main.js
RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/calendar-main.js
RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/{name:\[a,"displayname"\]},//' js/calendar-main.js

# Set default widgets to calendar, tasks and notes
RUN sed -i 's/recommendations,spreed,mail,calendar/calendar,tasks,notes/' ${BASE_DIR}/apps/dashboard/lib/Controller/DashboardController.php

# Remove colored background from email template logo
RUN sed -i 's/$this->header, \[$this->themingDefaults->getColorPrimary()/$this->header, \["none"/' ${BASE_DIR}/lib/private/Mail/EMailTemplate.php

# fix min version of google data migration app
RUN sed -i "s/min-version=\"22\"/min-version=\"21\"/" ${BASE_DIR}/custom_apps/integration_google/appinfo/info.xml
RUN sed -i 's/ in Nextcloud/ /' ${BASE_DIR}/custom_apps/integration_google/js/integration_google-personalSettings.js
RUN sed -i 's/Nextcloud administrator/administrator/' ${BASE_DIR}/custom_apps/integration_google/js/integration_google-personalSettings.js

# Custom theme
RUN curl -fsSL -o eCloud-theme.tar.gz \
    "https://gitlab.e.foundation/e/infra/nextcloud-theme/-/archive/${THEME_VERSION}/nextcloud-theme-${THEME_VERSION}.tar.gz" && \
    tar -xf eCloud-theme.tar.gz -C /tmp/ && \
    mv /tmp/nextcloud-theme-${THEME_VERSION}/ ${BASE_DIR}/themes/eCloud && \
    chown -R www-data:www-data ${BASE_DIR}/themes/eCloud/ && \
    rm -rf eCloud-theme.tar.gz ${BASE_DIR}/themes/example/

# Replace "Get your own free account" NC link with /e/ Account link in public pages
RUN sed -i 's/https:\/\/nextcloud.com\/signup\//https:\/\/e\.foundation\/<?php p(\$_\[\x27language\x27\]); ?>\/e-email-invite\//' ${BASE_DIR}/core/templates/layout.public.php 

# Use php 8 image
FROM php:8.0.12-fpm-bullseye
RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images

# Copy all the required files from the nextcloud stage
COPY --from=nextcloud /usr/src/nextcloud /usr/src/nextcloud
COPY --from=nextcloud /usr/local/etc/php/conf.d/ /usr/local/etc/php/conf.d/
COPY --from=nextcloud /*.sh /
COPY --from=nextcloud /upgrade.exclude /
COPY --from=nextcloud /var/spool/cron/crontabs /var/spool/cron/crontabs
COPY --from=nextcloud /entrypoint.sh /

# Copy entrypoints and add correct permissions
COPY custom_entrypoint.sh /
RUN chmod +x /custom_entrypoint.sh
RUN chmod +x /entrypoint.sh

# Install required dependencies of nextcloud
RUN set -ex; \
    \
    apt-get update; \
    apt-get install -y --no-install-recommends \
        rsync \
        bzip2 \
        busybox-static \
        libldap-common \
    ; \
    rm -rf /var/lib/apt/lists/*;

# install the PHP extensions we need
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
ENV PHP_MEMORY_LIMIT 512M
ENV PHP_UPLOAD_LIMIT 512M
RUN set -ex; \
    \
    savedAptMark="$(apt-mark showmanual)"; \
    \
    apt-get update; \
    apt-get install -y --no-install-recommends \
        libcurl4-openssl-dev \
        libevent-dev \
        libfreetype6-dev \
        libicu-dev \
        libjpeg-dev \
        libldap2-dev \
        libmcrypt-dev \
        libmemcached-dev \
        libpng-dev \
        libpq-dev \
        libxml2-dev \
        libmagickwand-dev \
        libzip-dev \
        libwebp-dev \
        libgmp-dev \
    ; \
    \
    debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
    docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
    docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
    docker-php-ext-install -j "$(nproc)" \
        bcmath \
        exif \
        gd \
        intl \
        ldap \
        opcache \
        pcntl \
        pdo_mysql \
        pdo_pgsql \
        zip \
        gmp \
    ; \
    \
# pecl will claim success even if one install fails, so we need to perform each install separately
    pecl install APCu-5.1.21; \
    pecl install memcached-3.1.5; \
    pecl install redis-5.3.4; \
    pecl install imagick-3.5.1; \
    \
    docker-php-ext-enable \
        apcu \
        memcached \
        redis \
        imagick \
    ; \
    rm -r /tmp/pear; \
    \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
    apt-mark auto '.*' > /dev/null; \
    apt-mark manual $savedAptMark; \
    ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
        | awk '/=>/ { print $3 }' \
        | sort -u \
        | xargs -r dpkg-query -S \
        | cut -d: -f1 \
        | sort -u \
        | xargs -rt apt-mark manual; \
    \
    apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; 

# Install imagemagick
RUN apt-get -y install imagemagick;\
    rm -rf /var/lib/apt/lists/*;

VOLUME /var/www/html
ENV NEXTCLOUD_VERSION 21.0.7

ENTRYPOINT ["/custom_entrypoint.sh"]
CMD ["php-fpm"]