Initial CI

.drone.yml

@@ -0,0 +1,146 @@
+kind: pipeline
+type: docker
+name: publish-amd64
+
+platform:
+  arch: amd64
+
+steps:
+- name: prepare
+  image: alpine:latest
+  commands:
+  - sed -i'' "s/NEXTCLOUD_VERSION/$(echo "${DRONE_TAG}" | sed 's/-[[:alnum:]]\+$//')/g" Dockerfile
+
+- name: push
+  image: plugins/docker:20
+  settings:
+    username: asonix
+    password:
+      from_secret: dockerhub_token
+    repo: asonix/nextcloud
+    dockerfile: Dockerfile
+    auto_tag: true
+    auto_tag_suffix: linux-amd64
+    build_args:
+    - REPO_ARCH=amd64
+
+trigger:
+  event:
+  - tag
+
+---
+
+kind: pipeline
+type: docker
+name: publish-arm64v8
+
+platform:
+  arch: amd64
+
+steps:
+- name: prepare
+  image: alpine:latest
+  commands:
+  - sed -i'' "s/NEXTCLOUD_VERSION/$(echo "${DRONE_TAG}" | sed 's/-[[:alnum:]]\+$//')/g" Dockerfile
+
+- name: push
+  image: plugins/docker:20
+  settings:
+    username: asonix
+    password:
+      from_secret: dockerhub_token
+    repo: asonix/nextcloud
+    dockerfile: Dockerfile
+    auto_tag: true
+    auto_tag_suffix: linux-arm64v8
+    build_args:
+    - REPO_ARCH=arm64v8
+
+trigger:
+  event:
+  - tag
+
+---
+
+kind: pipeline
+type: docker
+name: publish-arm32v7
+
+platform:
+  arch: amd64
+
+steps:
+- name: prepare
+  image: alpine:latest
+  commands:
+  - sed -i'' "s/NEXTCLOUD_VERSION/$(echo "${DRONE_TAG}" | sed 's/-[[:alnum:]]\+$//')/g" Dockerfile
+
+- name: push
+  image: plugins/docker:20
+  settings:
+    username: asonix
+    password:
+      from_secret: dockerhub_token
+    repo: asonix/nextcloud
+    dockerfile: Dockerfile
+    auto_tag: true
+    auto_tag_suffix: linux-arm32v7
+    build_args:
+    - REPO_ARCH=arm32v7
+
+trigger:
+  event:
+  - tag
+
+---
+
+kind: pipeline
+type: docker
+name: manifest
+
+platform:
+  arch: amd64
+
+steps:
+- name: manifest
+  image: plugins/manifest:1
+  settings:
+    username: asonix
+    password:
+      from_secret: dockerhub_token
+    dump: true
+    auto_tag: true
+    ignore_missing: true
+    spec: manifest.tmpl
+
+
+depends_on:
+- publish-amd64
+- publish-arm64v8
+- publish-arm32v7
+
+trigger:
+  event:
+  - tag
+
+---
+
+kind: pipeline
+type: docker
+name: cron
+
+steps:
+- name: tag
+  image: asonix/release-checker:0.1
+  pull: always
+  environment:
+    GITEA_TOKEN:
+      from_secret: gitea_token
+  commands:
+  - /usr/local/bin/release-checker
+
+trigger:
+  event:
+  - custom
+  - cron
+

Check.toml

@@ -0,0 +1,10 @@
+[project]
+kind = "dockerhub"
+namespace = "linuxserver"
+repository = "nextcloud"
+regex = "php8-\\d\\.\\d\\.\\d-ls\\d\\+"
+
+[gitea]
+domain = "git.asonix.dog"
+owner = "asonix"
+repo = "docker-nextcloud"

Dockerfile

@@ -0,0 +1,8 @@
+ARG REPO_ARCH
+
+FROM linuxserver/nextcloud:$REPO_ARCH-NEXTCLOUD_VERSION
+
+ADD https://github.com/nextcloud/notify_push/releases/download/v0.3.0/notify_push-aarch64-unknown-linux-musl /usr/local/bin/notify_push
+RUN chmod +x /usr/local/bin/notify_push
+
+COPY root/ /

manifest.tmpl

@@ -0,0 +1,19 @@
+image: asonix/nextcloud:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
+manifests:
+  -
+    image: asonix/nextcloud:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  -
+    image: asonix/nextcloud:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64v8
+    platform:
+      architecture: arm64
+      os: linux
+      variant: v8
+  -
+    image: asonix/nextcloud:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm32v7
+    platform:
+      architecture: arm
+      os: linux
+      variant: v7

root/defaults/default

@@ -0,0 +1,96 @@
+upstream php-handler {
+    server 127.0.0.1:9000;
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name _;
+
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Robots-Tag none;
+    add_header X-Download-Options noopen;
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-Permitted-Cross-Domain-Policies none;
+    add_header Referrer-Policy no-referrer;
+    fastcgi_hide_header X-Powered-By;
+    root /config/www/nextcloud/;
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    # Make a regex exception for `/.well-known` so that clients can still
+    # access it despite the existence of the regex rule
+    # `location ~ /(\.|autotest|...)` which would otherwise handle requests
+    # for `/.well-known`.
+    location ^~ /.well-known {
+        # The following 6 rules are borrowed from `.htaccess`
+
+        location = /.well-known/carddav     { return 301 /remote.php/dav/; }
+        location = /.well-known/caldav      { return 301 /remote.php/dav/; }
+        # Anything else is dynamically handled by Nextcloud
+        location ^~ /.well-known            { return 301 /index.php$uri; }
+
+        try_files $uri $uri/ =404;
+    }
+    client_max_body_size 10G;
+    fastcgi_buffers 64 4K;
+    gzip on;
+    gzip_vary on;
+    gzip_comp_level 4;
+    gzip_min_length 256;
+    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
+    gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
+    location / {
+        rewrite ^ /index.php;
+    }
+    location /push/ {
+        proxy_pass http://127.0.0.1:7867/;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+    location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
+        deny all;
+    }
+    location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
+        deny all;
+    }
+    location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|ocm-provider\/.+)\.php(?:$|\/) {
+        fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
+        try_files $fastcgi_script_name =404;
+        include /etc/nginx/fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        fastcgi_param HTTPS on;
+        fastcgi_param modHeadersAvailable true;
+        fastcgi_param front_controller_active true;
+        fastcgi_pass php-handler;
+        fastcgi_intercept_errors on;
+        fastcgi_request_buffering off;
+    }
+
+    location ~ ^\/(?:updater|ocs-provider|ocm-provider)(?:$|\/) {
+        try_files $uri/ =404;
+        index index.php;
+    }
+    location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
+        try_files $uri /index.php$request_uri;
+        add_header Cache-Control "public, max-age=15778463";
+        add_header X-Content-Type-Options nosniff;
+        add_header X-XSS-Protection "1; mode=block";
+        add_header X-Robots-Tag none;
+        add_header X-Download-Options noopen;
+        add_header X-Frame-Options "SAMEORIGIN";
+        add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
+        access_log off;
+    }
+    location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
+        try_files $uri /index.php$request_uri;
+        access_log off;
+    }
+}

root/etc/services.d/notify_push/run

@@ -0,0 +1,4 @@
+#!/usr/bin/with-contenv bash
+
+export NEXTCLOUD_URL=http://localhost:80
+exec /usr/local/bin/notify_push /config/www/nextcloud/config/config.php