update nextcloud

README.md

@@ -136,7 +136,6 @@ A collection of delicious docker recipes.
 - [x] mantisbt
 - [x] mediagoblin
 - [x] netdata
-- [x] nextcloud :+1:
 - [x] nginad
 - [x] nodebb :+1:
 - [x] opencart
@@ -229,6 +228,7 @@ A collection of delicious docker recipes.
     - [ ] python
 - [x] gogs :cn:
 - [x] haproxy
+- [x] indiehosters/nextcloud
 - [x] jazzdd/phpvirtualbox
 - [x] jenkins
 - [x] jupyter/notebook

nextcloud/README.md

@@ -7,27 +7,36 @@ nextcloud
 
 ```yaml
 nextcloud:
-  image: vimagick/nextcloud
+  image: indiehosters/nextcloud
   ports:
-    - "8080:80"
+    - "127.0.0.1:9000:9000"
   volumes:
-    - ./data:/var/www/html/data
+    - ./data/apps:/var/www/html/apps
+    - ./data/config:/var/www/html/config
+    - ./data/data:/var/www/html/data
+  restart: always
+
+nginx:
+  image: nginx:alpine
+  volumes:
+    - ./nginx.conf:/etc/nginx/conf.d/default.conf
+  volumes_from:
+    - nextcloud
+  net: host
   restart: always
 ```
 
 ## Server Setup
 
 ```bash
-$ mkdir data
-$ chown www-data:www-data data
 $ docker-compose up -d
 ```
 
 ## Client Setup
 
-- Android: <https://download.nextcloud.com/android/nextcloud-10010099.apk>
+- Android: <https://download.nextcloud.com/android/>
 - Linux: <https://software.opensuse.org/download/package?project=isv:ownCloud:desktop&package=owncloud-client>
-- MacOSX: <https://download.owncloud.com/desktop/stable/ownCloud-2.2.2.3472.pkg>
-- Windows: <https://download.owncloud.com/desktop/stable/ownCloud-2.2.2.6192-setup.exe>
+- MacOSX: <https://download.owncloud.com/desktop/stable/ownCloud-2.2.4.3709.pkg>
+- Windows: <https://download.owncloud.com/desktop/stable/ownCloud-2.2.4.6408-setup.exe>
 
 [1]: https://nextcloud.com/

nextcloud/docker-compose.yml

@@ -1,7 +1,18 @@
 nextcloud:
-  image: vimagick/nextcloud
+  image: indiehosters/nextcloud
   ports:
-    - "8080:80"
+    - "127.0.0.1:9000:9000"
   volumes:
-    - ./data:/var/www/html/data
+    - ./data/apps:/var/www/html/apps
+    - ./data/config:/var/www/html/config
+    - ./data/data:/var/www/html/data
+  restart: always
+
+nginx:
+  image: nginx:alpine
+  volumes:
+    - ./nginx.conf:/etc/nginx/conf.d/default.conf
+  volumes_from:
+    - nextcloud
+  net: host
   restart: always

nextcloud/nginx.conf

@@ -0,0 +1,78 @@
+server {
+    listen 80;
+    server_name cloud.easypi.info;
+
+    # Add headers to serve security related headers
+    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
+    add_header X-Content-Type-Options nosniff;
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Robots-Tag none;
+    add_header X-Download-Options noopen;
+    add_header X-Permitted-Cross-Domain-Policies none;
+
+    root /var/www/html;
+    client_max_body_size 10G; # 0=unlimited - set max upload size
+    fastcgi_buffers 64 4K;
+
+    gzip off;
+
+    index index.php;
+    error_page 403 /core/templates/403.php;
+    error_page 404 /core/templates/404.php;
+
+    rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
+    rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
+
+    location = /robots.txt {
+      allow all;
+      log_not_found off;
+      access_log off;
+    }
+
+    location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
+      deny all;
+    }
+
+    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
+      deny all;
+    }
+
+    location / {
+      rewrite ^/remote/(.*) /remote.php last;
+      rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+      try_files $uri $uri/ =404;
+    }
+
+    location ~ \.php(?:$|/) {
+      fastcgi_split_path_info ^(.+\.php)(/.+)$;
+      include fastcgi_params;
+      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+      fastcgi_param PATH_INFO $fastcgi_path_info;
+      fastcgi_param HTTPS off;
+      fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
+      fastcgi_pass 127.0.0.1:9000;
+      fastcgi_intercept_errors on;
+    }
+
+    # Adding the cache control header for js and css files
+    # Make sure it is BELOW the location ~ \.php(?:$|/) block
+    location ~* \.(?:css|js)$ {
+      add_header Cache-Control "public, max-age=7200";
+      # Add headers to serve security related headers
+      add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
+      add_header X-Content-Type-Options nosniff;
+      add_header X-Frame-Options "SAMEORIGIN";
+      add_header X-XSS-Protection "1; mode=block";
+      add_header X-Robots-Tag none;
+      add_header X-Download-Options noopen;
+      add_header X-Permitted-Cross-Domain-Policies none;
+      # Optional: Don't log access to assets
+      access_log off;
+    }
+
+    # Optional: Don't log access to other assets
+    location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
+      access_log off;
+    }
+}