dockeranddocker-composeopenssl
pacman -S docker docker-compose pwgen ssl-cert-check
sudo systemctl enable --now docker.servicegit clone [email protected]:Lishux/nextcloud.git && cd nextcloud
./build.sh xxxsubstitute xxx with your host’s real ip
[ -z "$1" ] && host_ip=xxx || host_ip="$1"
# if inside GFW
[ -z "$2" ] && proxy= || proxy="host.docker.internal:$2"host.docker.internal:$2 is for share host proxy
check if a certificate file is expire within 10 days
expired () {
ssl-cert-check -c "$1" -x 10 | awk '{print $2}' | tail -1 | cut -c-5
}Expired or expiring certificate (after 10 days) begins with “Expir”
create a self-signed certificate in your private directory (./.private here)
[ -d ./.private ] || mkdir ./.private/
key_file=./.private/"${host_ip}".crt
[ -f "$key_file" ] && [ "$(expired $key_file)" != "Expir" ] || openssl req -x509 -out ./.private/${host_ip}.crt -keyout ./.private/${host_ip}.key \
-newkey rsa:4096 -nodes -sha256 -days 90\
-subj "/CN=${host_ip}" -extensions EXT -config <( \
printf "[dn]\nCN=${host_ip}\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:${host_ip}\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")${host_ip} is your machine’s real ip. For more details see
Generate_a_self-signed_certificate_with_private_key_in_a_single_command
making-and-trusting-your-own-certificates.
./.private/db.env should have following contents.
[ -f ./.private/db.env ] || cat > ./.private/db.env <<EOF
MYSQL_ROOT_PASSWORD=$(pwgen -c -n -y -s -1 -r \$\#\,\&)
MYSQL_PASSWORD=$(pwgen -c -n -y -s -1 -r \$\#\,\&)
MYSQL_DATABASE=nextcloud
MYSQL_USER=nextcloud
REDIS_HOST_PASSWORD=$(pwgen -c -n -y -s -1 -r \$\#\,\&)
EOFBash Templating: How to build configuration files from templates with Bash? -…
envsub () {
eval "cat <<EOF
$(<$1)
EOF"
}
. ./.private/db.env
# FIXME try built in =envsubst=
envsub ./templates/Caddyfile > Caddyfile
envsub ./templates/docker-compose.yaml > docker-compose.yamlSpace separated list for TRUSTED_PROXIES in docker-compose.yml may not work
properly, you may add following entry in /var/www/html/config/config.php in
the docker container.
'trusted_proxies' =>
array (
0 => '\'192.168.0.0/16\'',
1 => '\'172.16.0.0/12\'',
),Local — Nextcloud latest Administration Manual latest documentation
volumes:
- /local/path:/docker/path
Configure Docker to use a proxy server | Docker Docs
but this cause all container use proxy, then there’s error with caddy for
proxy only inside nextcloud app, see ./templates/docker-compose.yaml
Caching helps reduce the load on the primary storage and speeds up access to frequently accessed data. While Redis is fast, it is an in-memory data store, meaning it stores all data in RAM.
kb:cert override {Zotero Documentation} GitHub - Osmose/firefox-cert-override: Python library and CLI for reading and…
pipx install firefox-cert-override
~/.local/bin/firefox-cert-override xxx:443=xxx.crt[U] > cert_override.txt
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent