mirror of https://codeberg.org/icewind/haze.git synced 2026-06-03 09:04:12 +02:00

initial nix based docker images

Robin Appelman 2025-06-07 18:24:39 +02:00
commit 06bf3b4b62
72 changed files with 472 additions and 789 deletions

43
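--- a/nix/image/bootstrap-nginx.sh
+++ b/nix/image/bootstrap-nginx.sh
@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+NGINX_CONFIG="$1"
+FPM_CONFIG="$2"
+echo "nginx: $NGINX_CONFIG"
+echo "fpm: $FPM_CONFIG"
+mkdir -p /var/log/nginx /tmp
+touch /var/log/nginx/access.log
+touch /var/log/nginx/error.log
+tail --follow --retry /var/log/nginx/*.log &
+HAZE_UID=${HAZE_UID:-1000}
+HAZE_GID=${HAZE_GID:-1000}
+# undo the fakeNss symlink
+mv /etc/passwd /etc/passwd.bak
+cp /etc/passwd.bak /etc/passwd
+mv /etc/group /etc/group.bak
+cp /etc/group.bak /etc/group
+if [ "$(getent group "$HAZE_GID")" ]; then
+groupadd haze
+EXTRA_GROUP=" -G haze"
+else
+groupadd -g "$HAZE_GID" haze
+EXTRA_GROUP=""
+fi
+useradd -m -u "$HAZE_UID" -g "$HAZE_GID""$EXTRA_GROUP" haze
+chown -R haze:"$HAZE_GID" /home/haze
+if [ -f "/var/run/docker.sock" ]; then
+groupadd docker -g "$(stat --format "%g" /var/run/docker.sock)"
+usermod -a -G docker haze
+fi
+php-fpm --fpm-config "$FPM_CONFIG" &
+nginx -c "$NGINX_CONFIG"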
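Review bot: The docker-socket block tests `[ -f "/var/run/docker.sock" ]`, but `-f` is true only for regular files, so for a mounted Unix socket the branch is skipped and `haze` never joins the docker group; `[ -S /var/run/docker.sock ]` is the test for a socket. Once the branch does run, access to the Docker socket is effectively root on the host for everything running as `haze` (the nginx workers and php-fpm in this image), which deserves a comment above the block. Separately, `-g "$HAZE_GID""$EXTRA_GROUP"` is a single shell word, so when the GID already exists useradd receives `1000 -G haze` (with the default GID) as its group argument; passing the extra group as separate words, for example `extra_group=(-G haze)` and `"${extra_group[@]}"`, avoids that.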

107
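--- a/nix/image/bootstrap.sh
+++ b/nix/image/bootstrap.sh
@@ -0,0 +1,107 @@
+#!/usr/bin/env bash
+touch /var/log/nginx/access.log
+touch /var/log/nginx/error.log
+touch /var/log/cron/owncloud.log
+cp /etc/nc/config.php /var/www/html/config/config.php
+chmod 0755 /var/www/html/config/config.php
+if [ "$SQL" = "mysql" ]
+then
+cp /etc/nc/autoconfig_mysql.php /var/www/html/config/autoconfig.php
+fi
+if [ "$SQL" = "mariadb" ]
+then
+cp /etc/nc/autoconfig_mariadb.php /var/www/html/config/autoconfig.php
+fi
+if [ "$SQL" = "pgsql" ]
+then
+cp /etc/nc/autoconfig_pgsql.php /var/www/html/config/autoconfig.php
+fi
+if [ "$SQL" = "oci" ]
+then
+cp /etc/nc/autoconfig_oci.php /var/www/html/config/autoconfig.php
+fi
+HAZE_UID=${HAZE_UID:-www-data}
+HAZE_GID=${HAZE_GID:-www-data}
+echo "Running as $HAZE_UID:$HAZE_GID"
+mkdir -p /var/www/html/core/skeleton /var/www/html/build/integration/vendor /var/www/html/build/integration/output /var/www/html/build/integration/work /var/www/html/core/skeleton /var/www/.composer/cache /var/www/html/apps/spreed/tests/integration/vendor/composer
+chown -R "$HAZE_UID":"$HAZE_GID" /var/www/html/data /var/www/html/config
+chown "$HAZE_UID":"$HAZE_GID" /var/www/html/core/skeleton /var/www/html/build/integration/vendor /var/www/html/build/integration/composer.lock /var/www/html/build/integration/output /var/www/html/build/integration/work /var/www/html/core/skeleton /var/www/.composer/cache /var/www/html/apps/spreed/tests/integration/vendor/composer
+echo "{}" > /var/www/html/build/integration/composer.lock
+echo "Starting server using $SQL database…"
+tail --follow --retry /var/log/nginx/*.log /var/log/cron/owncloud.log &
+if [ -n "${S3:-}" ]
+then
+sed -i '/\/\/PLACEHOLDER/ r /etc/nc/s3.php' /var/www/html/config/config.php
+fi
+if [ -n "${S3MB:-}" ]
+then
+sed -i '/\/\/PLACEHOLDER/ r /etc/nc/s3mb.php' /var/www/html/config/config.php
+fi
+if [ -n "${S3M:-}" ]
+then
+sed -i '/\/\/PLACEHOLDER/ r /etc/nc/s3m.php' /var/www/html/config/config.php
+fi
+if [ -n "${SWIFT:-}" ]
+then
+sed -i '/\/\/PLACEHOLDER/ r /etc/nc/swift.php' /var/www/html/config/config.php
+fi
+if [ -n "${SWIFTV3:-}" ]
+then
+sed -i '/\/\/PLACEHOLDER/ r /etc/nc/swiftv3.php' /var/www/html/config/config.php
+fi
+if [ -n "${AZURE:-}" ]
+then
+sed -i '/\/\/PLACEHOLDER/ r /etc/nc/azure.php' /var/www/html/config/config.php
+fi
+if [ -n "${REDIS_TLS:-}" ]
+then
+sed -i '/\/\/PLACEHOLDER/ r /etc/nc/redis-tls.php' /var/www/html/config/config.php
+else
+sed -i '/\/\/PLACEHOLDER/ r /etc/nc/redis-default.php' /var/www/html/config/config.php
+fi
+if [ -n "${BLACKFIRE_SERVER_ID:-}" ]
+then
+sh -c '
+yes | blackfire agent:config --server-id=$BLACKFIRE_SERVER_ID --server-token=$BLACKFIRE_SERVER_TOKEN
+mkdir /var/run/blackfire/
+BLACKFIRE_LOG_LEVEL=4 BLACKFIRE_LOG_FILE=/var/log/agent.log blackfire agent &
+'&
+fi
+# crontab /etc/oc-cron.conf
+# crond -f & # todo
+if [ -n "${REDIS_TLS:-}" ]
+then
+redis-server --protected-mode no \
+--tls-port 6379 --port 0 \
+--tls-cert-file /redis-certificates/server.crt \
+--tls-key-file /redis-certificates/server.key \
+--tls-ca-cert-file /redis-certificates/ca.crt &
+else
+redis-server --protected-mode no &
+fi
+echo "starting nginx"
+bootstrap-nginx "$@"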
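Review bot: Both redis-server invocations pass `--protected-mode no`, and the non-TLS one sets no `--bind`, so unless a bind address is supplied elsewhere Redis accepts unauthenticated connections on every interface of the container, even though the default Redis config in this commit only connects to `localhost`. `redis-server --bind 127.0.0.1 --protected-mode no &` would keep the plaintext instance local, and the TLS branch can take the same `--bind` to match the `tls://127.0.0.1` host in the TLS config. Two smaller points in the same file: the second `chown` names `build/integration/composer.lock` one line before `echo "{}" >` creates it, and the `www-data` default for HAZE_UID/HAZE_GID is not exported, so bootstrap-nginx appears to fall back to its own default of 1000 rather than the owner used for the chown here.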

8
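--- a/nix/image/configs.nix
+++ b/nix/image/configs.nix
@@ -0,0 +1,8 @@
+{runCommand}:
+runCommand "configs" {} ''
+mkdir -p $out/etc
+mkdir -p $out/conf
+cp ${./configs/cron.conf} $out/etc/oc-cron.conf
+cp ${./configs/nginx-app.conf} $out/conf/nginx-app.conf
+cp -r ${./configs/nc} $out/etc/nc
+''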


@ -0,0 +1,9 @@
[default]
s3 =
endpoint_url = http://s3:4566
s3api =
endpoint_url = http://s3:4566
[plugins]
endpoint = awscli_plugin_endpoint
cli_legacy_plugin_path = /usr/local/lib/python3.7/dist-packages


@ -0,0 +1,3 @@
[default]
aws_access_key_id = dummy
aws_secret_access_key = dummy

645
nix/image/configs/.gdbinit Normal file

@ -0,0 +1,645 @@
define set_ts
set $tsrm_ls = $arg0
end
document set_ts
set the ts resource, it is impossible for gdb to
call ts_resource_ex while no process is running,
but we could get the resource from the argument
of frame info.
end
define ____executor_globals
if basic_functions_module.zts
set $tsrm_ls = _tsrm_ls_cache
set $eg = ((zend_executor_globals*) (*((void ***) $tsrm_ls))[executor_globals_id-1])
set $cg = ((zend_compiler_globals*) (*((void ***) $tsrm_ls))[compiler_globals_id-1])
set $eg_ptr = $eg
else
set $eg = executor_globals
set $cg = compiler_globals
set $eg_ptr = (zend_executor_globals*) &executor_globals
end
end
document ____executor_globals
portable way of accessing executor_globals, set $eg
this also sets compiler_globals to $cg
ZTS detection is automatically based on ext/standard module struct
end
define print_cvs
if $argc == 0
____executor_globals
set $cv_ex_ptr = $eg.current_execute_data
else
set $cv_ex_ptr = (zend_execute_data *)$arg0
end
set $cv_count = $cv_ex_ptr.func.op_array.last_var
set $cv = $cv_ex_ptr.func.op_array.vars
set $cv_idx = 0
set $callFrameSize = (sizeof(zend_execute_data) + sizeof(zval) - 1) / sizeof(zval)
printf "Compiled variables count: %d\n\n", $cv_count
while $cv_idx < $cv_count
printf "[%d] '%s'\n", $cv_idx, $cv[$cv_idx].val
set $zvalue = ((zval *) $cv_ex_ptr) + $callFrameSize + $cv_idx
printzv $zvalue
set $cv_idx = $cv_idx + 1
end
end
document print_cvs
Prints the compiled variables and their values.
If a zend_execute_data pointer is set this will print the compiled
variables of that scope. If no parameter is used it will use
current_execute_data for scope.
usage: print_cvs [zend_execute_data *]
end
define dump_bt
set $ex = $arg0
while $ex
printf "[%p] ", $ex
set $func = $ex->func
if $func
if $ex->This->value.obj
if $func->common.scope
printf "%s->", $func->common.scope->name->val
else
printf "%s->", $ex->This->value.obj->ce.name->val
end
else
if $func->common.scope
printf "%s::", $func->common.scope->name->val
end
end
if $func->common.function_name
printf "%s(", $func->common.function_name->val
else
printf "(main"
end
set $callFrameSize = (sizeof(zend_execute_data) + sizeof(zval) - 1) / sizeof(zval)
set $count = $ex->This.u2.num_args
set $arg = 0
while $arg < $count
if $arg > 0
printf ", "
end
set $zvalue = (zval *) $ex + $callFrameSize + $arg
set $type = $zvalue->u1.v.type
if $type == 1
printf "NULL"
end
if $type == 2
printf "false"
end
if $type == 3
printf "true"
end
if $type == 4
printf "%ld", $zvalue->value.lval
end
if $type == 5
printf "%f", $zvalue->value.dval
end
if $type == 6
____print_str $zvalue->value.str->val $zvalue->value.str->len
end
if $type == 7
printf "array(%d)[%p]", $zvalue->value.arr->nNumOfElements, $zvalue
end
if $type == 8
printf "object[%p]", $zvalue
end
if $type == 9
printf "resource(#%d)", $zvalue->value.lval
end
if $type == 10
printf "reference"
end
if $type > 10
printf "unknown type %d", $type
end
set $arg = $arg + 1
end
printf ") "
else
printf "??? "
end
if $func != 0
if $func->type == 2
printf "%s:%d ", $func->op_array.filename->val, $ex->opline->lineno
else
printf "[internal function]"
end
end
set $ex = $ex->prev_execute_data
printf "\n"
end
end
document dump_bt
dumps the current execution stack. usage: dump_bt executor_globals.current_execute_data
end
define printzv
set $ind = 1
____printzv $arg0 0
end
document printzv
prints zval contents
end
define ____printzv_contents
set $zvalue = $arg0
set $type = $zvalue->u1.v.type
# 15 == IS_INDIRECT
if $type > 5 && $type < 12
printf "(refcount=%d) ", $zvalue->value.counted->gc.refcount
end
if $type == 0
printf "UNDEF"
end
if $type == 1
printf "NULL"
end
if $type == 2
printf "bool: false"
end
if $type == 3
printf "bool: true"
end
if $type == 4
printf "long: %ld", $zvalue->value.lval
end
if $type == 5
printf "double: %f", $zvalue->value.dval
end
if $type == 6
printf "string: %s", $zvalue->value.str->val
end
if $type == 7
printf "array: "
if ! $arg1
set $ind = $ind + 1
____print_ht $zvalue->value.arr 1
set $ind = $ind - 1
set $i = $ind
while $i > 0
printf " "
set $i = $i - 1
end
end
set $type = 0
end
if $type == 8
printf "object"
____executor_globals
set $handle = $zvalue->value.obj.handle
set $handlers = $zvalue->value.obj.handlers
set $zobj = $zvalue->value.obj
set $cname = $zobj->ce->name->val
printf "(%s) #%d", $cname, $handle
if ! $arg1
if $handlers->get_properties == &zend_std_get_properties
if $zobj->properties
printf "\nProperties "
set $ht = $zobj->properties
set $ind = $ind + 1
____print_ht $ht 1
set $ind = $ind - 1
set $i = $ind
while $i > 0
printf " "
set $i = $i - 1
end
else
printf " {\n"
set $ht = &$zobj->ce->properties_info
set $k = 0
set $num = $ht->nNumUsed
while $k < $num
set $p = (Bucket*)($ht->arData + $k)
set $name = $p->key
set $prop = (zend_property_info*)$p->val.value.ptr
set $val = (zval*)((char*)$zobj + $prop->offset)
printf "%s => ", $name->val
printzv $val
set $k = $k + 1
end
end
end
end
set $type = 0
end
if $type == 9
printf "resource: #%d", $zvalue->value.res->handle
end
if $type == 10
printf "reference: "
____printzv &$zvalue->value.ref->val $arg1
end
if $type == 11
printf "CONSTANT_AST"
end
if $type == 12
printf "indirect: "
____printzv $zvalue->value.zv $arg1
end
if $type == 13
printf "pointer: %p", $zvalue->value.ptr
end
if $type == 15
printf "_ERROR"
end
if $type == 16
printf "_BOOL"
end
if $type == 17
printf "_NUMBER"
end
if $type > 17
printf "unknown type %d", $type
end
printf "\n"
end
define ____printzv
____executor_globals
set $zvalue = $arg0
printf "[%p] ", $zvalue
set $zcontents = (zval*) $zvalue
if $arg1
____printzv_contents $zcontents $arg1
else
____printzv_contents $zcontents 0
end
end
define print_global_vars
____executor_globals
set $symtable = ((HashTable *)&($eg_ptr->symbol_table))
print_ht $symtable
end
document print_global_vars
Prints the global variables
end
define print_const_table
set $ind = 1
printf "[%p] {\n", $arg0
____print_ht $arg0 4
printf "}\n"
end
document print_const_table
Dumps elements of Constants HashTable
Example: print_const_table executor_globals.zend_constants
end
define ____print_ht
set $ht = (HashTable*)$arg0
set $n = $ind
while $n > 0
printf " "
set $n = $n - 1
end
if $ht->u.v.flags & 4
printf "Packed"
else
printf "Hash"
end
printf "(%d)[%p]: {\n", $ht->nNumOfElements, $ht
set $num = $ht->nNumUsed
set $i = 0
set $ind = $ind + 1
while $i < $num
set $p = (Bucket*)($ht->arData + $i)
set $n = $ind
if $p->val.u1.v.type > 0
while $n > 0
printf " "
set $n = $n - 1
end
printf "[%d] ", $i
if $p->key
____print_str $p->key->val $p->key->len
printf " => "
else
printf "%d => ", $p->h
end
if $arg1 == 0
printf "%p\n", (zval *)&$p->val
end
if $arg1 == 1
set $zval = (zval *)&$p->val
____printzv $zval 1
end
if $arg1 == 2
printf "%s\n", (char*)$p->val.value.ptr
end
if $arg1 == 3
set $func = (zend_function*)$p->val.value.ptr
printf "\"%s\"\n", $func->common.function_name->val
end
if $arg1 == 4
set $const = (zend_constant *)$p->val.value.ptr
____printzv $const 1
end
end
set $i = $i + 1
end
set $ind = $ind - 1
printf "}\n"
end
define print_ht
set $ind = 0
____print_ht $arg0 1
end
document print_ht
dumps elements of HashTable made of zval
end
define print_htptr
set $ind = 0
____print_ht $arg0 0
end
document print_htptr
dumps elements of HashTable made of pointers
end
define print_htstr
set $ind = 0
____print_ht $arg0 2
end
document print_htstr
dumps elements of HashTable made of strings
end
define print_ft
set $ind = 0
____print_ht $arg0 3
end
document print_ft
dumps a function table (HashTable)
end
define ____print_inh_class
set $ce = $arg0
if $ce->ce_flags & 0x10 || $ce->ce_flags & 0x20
printf "abstract "
else
if $ce->ce_flags & 0x40
printf "final "
end
end
printf "class %s", $ce->name->val
if $ce->parent != 0
printf " extends %s", $ce->parent->name->val
end
if $ce->num_interfaces != 0
printf " implements"
set $tmp = 0
while $tmp < $ce->num_interfaces
printf " %s", $ce->interfaces[$tmp]->name->val
set $tmp = $tmp + 1
if $tmp < $ce->num_interfaces
printf ","
end
end
end
set $ce = $ce->parent
end
define ____print_inh_iface
set $ce = $arg0
printf "interface %s", $ce->name->val
if $ce->num_interfaces != 0
set $ce = $ce->interfaces[0]
printf " extends %s", $ce->name->val
else
set $ce = 0
end
end
define print_inh
set $ce = $arg0
set $depth = 0
while $ce != 0
set $tmp = $depth
while $tmp != 0
printf " "
set $tmp = $tmp - 1
end
set $depth = $depth + 1
if $ce->ce_flags & 0x80
____print_inh_iface $ce
else
____print_inh_class $ce
end
printf " {\n"
end
while $depth != 0
set $tmp = $depth
while $tmp != 1
printf " "
set $tmp = $tmp - 1
end
printf "}\n"
set $depth = $depth - 1
end
end
define print_pi
set $pi = (zend_property_info *)$arg0
set $initial_offset = ((uint32_t)(zend_uintptr_t)(&((zend_object*)0)->properties_table[(0)]))
set $ptr_to_val = (zval*)((char*)$pi->ce->default_properties_table + $pi->offset - $initial_offset)
printf "[%p] {\n", $pi
printf " offset = %p\n", $pi->offset
printf " ce = [%p] %s\n", $pi->ce, $pi->ce->name->val
printf " flags = 0x%x (", $pi->flags
if $pi->flags & 0x100
printf "ZEND_ACC_PUBLIC"
else
if $pi->flags & 0x200
printf "ZEND_ACC_PROTECTED"
else
if $pi->flags & 0x400
printf "ZEND_ACC_PRIVATE"
else
if $pi->flags & 0x800
printf "ZEND_ACC_EARLY_BINDING"
else
if $pi->flags & 0x20000
printf "ZEND_ACC_SHADOW"
end
end
end
end
end
printf ")\n"
printf " name = "
print_zstr $pi->name
printf " default value: "
printzv $ptr_to_val
printf "}\n"
end
document print_pi
Takes a pointer to an object's property and prints the property information
usage: print_pi <ptr>
end
define ____print_str
set $tmp = 0
set $str = $arg0
if $argc > 2
set $maxlen = $arg2
else
set $maxlen = 256
end
printf "\""
while $tmp < $arg1 && $tmp < $maxlen
if $str[$tmp] > 31 && $str[$tmp] < 127
printf "%c", $str[$tmp]
else
printf "\\%o", $str[$tmp]
end
set $tmp = $tmp + 1
end
if $tmp != $arg1
printf "..."
end
printf "\""
end
define printzn
____executor_globals
set $ind = 0
set $znode = $arg0
if $znode->op_type == 1
set $optype = "IS_CONST"
end
if $znode->op_type == 2
set $optype = "IS_TMP_VAR"
end
if $znode->op_type == 4
set $optype = "IS_VAR"
end
if $znode->op_type == 8
set $optype = "IS_UNUSED"
end
printf "[%p] %s", $znode, $optype
if $znode->op_type == 1
printf ": "
____printzv &$znode->u.constant 0
end
if $znode->op_type == 2
printf ": "
set $tvar = (union _temp_variable *)((char *)$eg.current_execute_data->Ts + $znode->u.var)
____printzv ((union _temp_variable *)$tvar)->tmp_var 0
end
if $znode->op_type == 4
printf ": "
set $tvar = (union _temp_variable *)((char *)$eg.current_execute_data->Ts + $znode->u.var)
____printzv *$tvar->var.ptr_ptr 0
end
if $znode->op_type == 8
printf "\n"
end
end
document printzn
print type and content of znode.
usage: printzn &opline->op1
end
define printzops
printf "op1 => "
printzn &execute_data->opline.op1
printf "op2 => "
printzn &execute_data->opline.op2
printf "result => "
printzn &execute_data->opline.result
end
document printzops
dump operands of the current opline
end
define print_zstr
set $zstr = (zend_string *)$arg0
if $argc == 2
set $maxlen = $arg1
else
set $maxlen = $zstr->len
end
printf "string(%d) ", $zstr->len
____print_str $zstr->val $zstr->len $maxlen
printf "\n"
end
document print_zstr
print the length and contents of a zend string
usage: print_zstr <ptr> [max length]
end
define zbacktrace
____executor_globals
dump_bt $eg.current_execute_data
end
document zbacktrace
prints backtrace.
This command is almost a short cut for
> (gdb) ____executor_globals
> (gdb) dump_bt $eg.current_execute_data
end
define lookup_root
set $found = 0
if gc_globals->roots
set $current = gc_globals->roots->next
printf "looking ref %p in roots\n", $arg0
while $current != &gc_globals->roots
if $current->ref == $arg0
set $found = $current
break
end
set $current = $current->next
end
if $found != 0
printf "found root %p\n", $found
else
printf "not found\n"
end
end
end
document lookup_root
lookup a refcounted in root
usage: lookup_root [ptr].
end

6
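--- a/nix/image/configs/.s3cfg
+++ b/nix/image/configs/.s3cfg
@@ -0,0 +1,6 @@
+[default]
+access_key = minio
+secret_key = minio123
+host_base = http://s3:9000/
+host_bucket = http://s3:9000/%(bucket)
+check_ssl_certificate = False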


@ -0,0 +1,2 @@
# m h dom mon dow command
*/5 * * * * sudo -u haze php -f /var/www/html/cron.php >> /var/log/cron/haze.log 2>&1
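Review bot: The job appends to `/var/log/cron/haze.log`, while bootstrap.sh in this commit only creates and tails `/var/log/cron/owncloud.log`, so cron output would not reach the container log once crond is enabled (it is still commented out in bootstrap.sh). Either name works as long as both files agree. The line also depends on `sudo`, which does not appear in the `copyToRoot` list visible in haze.nix, so that is worth confirming before the cron lines are switched on.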


@ -0,0 +1,10 @@
'objectstore' => [
'class' => 'OC\\Files\\ObjectStore\\Azure',
'arguments' => array(
'container' => 'test',
'account_name' => 'devstoreaccount1',
'account_key' => 'Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==',
'endpoint' => 'http://azure:10000/devstoreaccount1',
'autocreate' => true
)
],
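Review bot: The `account_key` literal carries no comment saying what it is, so a reader or a secret scanner will treat it as a leaked storage credential. It looks like the publicly documented development key for the `devstoreaccount1` emulator account (the endpoint here is `http://azure:10000/devstoreaccount1`); a one-line comment above it such as `// well-known storage-emulator development key, not a real credential` would settle that. The same block appears twice more in later file sections of this commit and would need the same comment.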


@ -0,0 +1,22 @@
# Entry 3: cn=ldaptest,dc=example,dc=org
dn: cn=ldaptest,dc=example,dc=org
cn: ldaptest
gidnumber: 500
givenname: ldap
homedirectory: /home/users/ldaptest
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
objectclass: organizationalPerson
sn: test
uid: ldaptest
uidnumber: 1000
# userpassword = test
userpassword: {MD5}CY9rzUYh03PK3k6DJie09g==
# Entry 4: cn=test,dc=example,dc=org
dn: cn=test,dc=example,dc=org
cn: test
gidnumber: 500
objectclass: posixGroup
objectclass: top


@ -0,0 +1,9 @@
<?php
$AUTOCONFIG = [
'dbname' => 'haze',
'dbhost' => 'pgsql',
'dbuser' => 'haze',
'dbpass' => 'haze',
'dbtype' => 'pgsql'
];


@ -0,0 +1,9 @@
<?php
$AUTOCONFIG = [
'dbname' => 'haze',
'dbhost' => 'mariadb',
'dbuser' => 'haze',
'dbpass' => 'haze',
'dbtype' => 'mysql'
];


@ -0,0 +1,9 @@
<?php
$AUTOCONFIG = [
'dbname' => 'haze',
'dbhost' => 'mysql',
'dbuser' => 'haze',
'dbpass' => 'haze',
'dbtype' => 'mysql'
];


@ -0,0 +1,9 @@
<?php
$AUTOCONFIG = [
'dbname' => 'xe',
'dbhost' => 'oracle',
'dbuser' => 'system',
'dbpass' => 'haze',
'dbtype' => 'oci'
];


@ -0,0 +1,9 @@
<?php
$AUTOCONFIG = [
'dbname' => 'haze',
'dbhost' => 'pgsql',
'dbuser' => 'haze',
'dbpass' => 'haze',
'dbtype' => 'pgsql'
];


@ -0,0 +1,10 @@
'objectstore' => [
'class' => 'OC\\Files\\ObjectStore\\Azure',
'arguments' => array(
'container' => 'test',
'account_name' => 'devstoreaccount1',
'account_key' => 'Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==',
'endpoint' => 'http://azure:10000/devstoreaccount1',
'autocreate' => true
)
],


@ -0,0 +1,12 @@
<?php $CONFIG=[
'debug' => true,
'appstoreenabled' => false,
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.distributed' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\APCu',
'allow_local_remote_servers' => true,
'trusted_domains' => ['cloud'],
'profiling.secret' => 'haze',
'profiling.path' => '/tmp/profiling',
//PLACEHOLDER
];
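Review bot: `'profiling.secret' => 'haze'` is a fixed, guessable value baked into every image, next to `'debug' => true` and `'allow_local_remote_servers' => true`. That is reasonable for a throwaway test instance, but nothing in the file says so. A comment on the first line such as `// development defaults only: do not expose this instance beyond the local test network` would make the assumption explicit for anyone reusing the image.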


@ -0,0 +1,10 @@
'objectstore' => [
'class' => 'OC\\Files\\ObjectStore\\Azure',
'arguments' => array(
'container' => 'test',
'account_name' => 'devstoreaccount1',
'account_key' => 'Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==',
'endpoint' => 'http://azure:10000/devstoreaccount1',
'autocreate' => true
)
],


@ -0,0 +1,2 @@
'redis' => ['host' => 'localhost'],
//PLACEHOLDER


@ -0,0 +1,11 @@
'redis' => [
'host' => 'tls://127.0.0.1',
'port' => 6379,
'ssl_context' => [
'local_cert' => '/redis-certificates/client.crt',
'local_pk' => '/redis-certificates/client.key',
'cafile' => '/redis-certificates/ca.crt',
'verify_peer_name' => false,
],
],
//PLACEHOLDER
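Review bot: `'verify_peer_name' => false` switches off the hostname check on the Redis server certificate, leaving only the CA check from `cafile`. If the reason is that the certificate's name does not match `127.0.0.1`, PHP's ssl context also accepts `'peer_name' => '<name in server.crt>'`, which keeps the check enabled. Otherwise a comment such as `// test CA only: server cert is not issued for 127.0.0.1` should record why the exception is acceptable here.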


@ -0,0 +1,14 @@
'objectstore' => [
'class' => 'OC\Files\ObjectStore\S3',
'arguments' => [
'bucket' => 'nextcloud',
'autocreate' => true,
'key' => 'minio',
'secret' => 'minio123',
'hostname' => 's3',
'port' => 9000,
'use_ssl' => false,
'use_path_style' => true,
'uploadPartSize' => 52428800,
],
],


@ -0,0 +1,47 @@
'objectstore' => [
'default' => 'multi',
'multi' => [
'class' => 'OC\Files\ObjectStore\S3',
'arguments' => [
'multibucket' => true,
'num_buckets' => 8,
'bucket' => 'nextcloud-multi-',
'autocreate' => true,
'key' => 'minio',
'secret' => 'minio123',
'hostname' => 's3',
'port' => 9000,
'use_ssl' => false,
'use_path_style' => true,
'uploadPartSize' => 52428800,
],
],
'single' => [
'class' => 'OC\Files\ObjectStore\S3',
'arguments' => [
'bucket' => 'nextcloud-single',
'autocreate' => true,
'key' => 'minio',
'secret' => 'minio123',
'hostname' => 's3',
'port' => 9000,
'use_ssl' => false,
'use_path_style' => true,
'uploadPartSize' => 52428800,
],
],
'root' => [
'class' => 'OC\Files\ObjectStore\S3',
'arguments' => [
'bucket' => 'nextcloud-root',
'autocreate' => true,
'key' => 'minio',
'secret' => 'minio123',
'hostname' => 's3',
'port' => 9000,
'use_ssl' => false,
'use_path_style' => true,
'uploadPartSize' => 52428800,
],
],
],


@ -0,0 +1,15 @@
'objectstore_multibucket' => [
'class' => 'OC\Files\ObjectStore\S3',
'arguments' => [
'num_buckets' => 64,
'bucket' => 'nextcloud-',
'autocreate' => true,
'key' => 'minio',
'secret' => 'minio123',
'hostname' => 's3',
'port' => 9000,
'use_ssl' => false,
'use_path_style' => true,
'uploadPartSize' => 52428800,
],
],


@ -0,0 +1,14 @@
'objectstore' => [
'class' => 'OC\Files\ObjectStore\Swift',
'arguments' => [
// replace with your bucket
'bucket' => 'nextcloud',
'autocreate' => true,
'username' => 'swift',
'password' => 'swift',
'tenantName' => 'service',
'region' => 'regionOne',
'url' => 'http://keystone:5000/v2.0',
'serviceName' => 'swift',
],
],


@ -0,0 +1,27 @@
'objectstore' => [
'class' => 'OC\Files\ObjectStore\Swift',
'arguments' => [
// replace with your bucket
'bucket' => 'nextcloud',
'autocreate' => true,
'user' => [
'name' => 'swift',
'password' => 'swift',
'domain' => [
'name' => 'default',
]
],
'scope' => [
'project' => [
'name' => 'service',
'domain' => [
'name' => 'default',
],
],
],
'tenantName' => 'service',
'region' => 'regionOne',
'url' => 'http://keystone:5000/v3',
'serviceName' => 'swift',
],
],


@ -0,0 +1,19 @@
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) {
deny all;
}
location / {
## The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ /index.php$request_uri;
}
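Review bot: The `deny all` location only lists `.htaccess`, `data`, `config`, `db_structure.xml` and `README`, so other non-public paths under the web root are served if they exist; with a source checkout mounted at /var/www/html that presumably includes `.git`, `build`, `tests` and `lib`. Adding `\.git|build|tests|lib|3rdparty` to the alternation would cover them. The alternatives are also not closed with `(?:$|/)`, so any path that merely starts with `/config` or `/data` is denied too; that errs on the safe side but may surprise, and a short comment on the intent would help.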


@ -0,0 +1 @@
haze ALL=(ALL) NOPASSWD: ALL
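Review bot: `haze ALL=(ALL) NOPASSWD: ALL` gives passwordless root to the same account that nginx.conf (`user haze;`) and php-fpm.conf (`user = haze`) run the web stack as, so any code execution in PHP becomes root inside the container, and possibly on the host once bootstrap-nginx.sh adds `haze` to the docker group. If sudo is needed only for specific commands, list those instead of `ALL`; the cron line's `sudo -u haze` is run by root and needs no rule for `haze`. If the blanket rule is intended, a comment `# dev image only: web user is intentionally root-equivalent` should say so.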

127
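--- a/nix/image/haze.nix
+++ b/nix/image/haze.nix
@@ -0,0 +1,127 @@
+{
+lib,
+dockerTools,
+php,
+bash,
+nginx,
+blackfire,
+coreutils,
+getent,
+shadow,
+buildEnv,
+runCommand,
+cacert,
+callPackage,
+cronie,
+redis,
+gnused,
+samba,
+wget,
+git,
+procps,
+gnugrep,
+minio-client,
+neovim,
+helix,
+debug ? false,
+writeShellApplication,
+}: let
+inherit (lib) readFile getExe;
+phpVersion = lib.concatStringsSep "." (lib.take 2 (lib.splitString "." php.version));
+phpEnv = callPackage ./php.nix {inherit debug php;};
+bootstrap-nginx = writeShellApplication {
+name = "bootstrap-nginx";
+text = readFile ./bootstrap-nginx.sh;
+};
+bootstrap = writeShellApplication {
+name = "bootstrap";
+runtimeInputs = [getent];
+text = readFile ./bootstrap.sh;
+};
+tmpDir = runCommand "tmp-dir" {} ''
+mkdir -p $out/tmp
+mkdir -p $out/var/cache/nginx
+mkdir -p $out/var/log/nginx
+mkdir -p $out/var/log/cron
+mkdir -p $out/var/www/html
+mkdir -p $out/var/run
+mkdir -p $out/var/tmp
+mkdir -p $out/run
+mkdir -p $out/conf
+mkdir -p $out/var/spool
+'';
+configs = callPackage ./configs.nix {};
+scripts = callPackage ./scripts.nix {};
+redis-certificates = runCommand "scripts" {} ''
+mkdir -p $out
+cp -r ${../../redis-certificates} $out/redis-certificates
+'';
+baseImage = dockerTools.buildImage {
+name = "icewind1991/haze-base";
+tag = phpVersion;
+copyToRoot = [
+cacert
+dockerTools.usrBinEnv
+dockerTools.fakeNss
+bash
+blackfire
+nginx
+coreutils
+shadow
+cronie
+redis
+gnused
+procps
+gnugrep
+minio-client
+# samba
+wget
+neovim
+helix
+];
+};
+phpImage = dockerTools.buildImage {
+name = "icewind1991/haze-php";
+tag = phpVersion;
+fromImage = baseImage;
+copyToRoot = [
+phpEnv
+phpEnv.packages.composer
+];
+};
+in
+dockerTools.buildLayeredImage {
+name = "icewind1991/haze";
+tag = phpVersion;
+maxLayers = 5;
+fromImage = phpImage;
+contents = [
+tmpDir
+bootstrap-nginx
+bootstrap
+configs
+scripts
+redis-certificates
+];
+fakeRootCommands = ''
+chmod 1777 tmp
+chmod 1777 var/tmp
+chmod 1777 var/run
+chmod 1777 var/log/nginx
+chmod 1777 var/cache/nginx
+chmod 1777 var/spool
+chmod -R 0755 etc/nc
+'';
+config = {
+Cmd = [(getExe bootstrap) ./nginx.conf ./php-fpm.conf];
+Env = ["EDITOR=hx" "WEBROOT=/var/www/html"];
+WorkingDir = "/var/www/html";
+};
+}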
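Review bot: The `redis-certificates` derivation copies the whole `../../redis-certificates` directory into the store and the image, and it is named `"scripts"`, the same name scripts.nix uses. Since bootstrap.sh and the Redis TLS config read `server.key` and `client.key` from `/redis-certificates`, the private keys presumably ship in every published `icewind1991/haze` image; that is acceptable only for throwaway test keys, so a comment should say so, and the derivation can be renamed with `redis-certificates = runCommand "redis-certificates" {} ''`. In `fakeRootCommands`, `chmod -R 0755 etc/nc` also marks every config file executable; `chmod -R u=rwX,go=rX etc/nc` keeps the directories traversable without that.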

100
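--- a/nix/image/nginx.conf
+++ b/nix/image/nginx.conf
@@ -0,0 +1,100 @@
+user haze;
+worker_processes 4;
+pid /run/nginx.pid;
+daemon off;
+events {
+worker_connections 768;
+# multi_accept on;
+}
+http {
+##
+# Basic Settings
+##
+sendfile off;
+tcp_nopush on;
+tcp_nodelay on;
+keepalive_timeout 65;
+types_hash_max_size 2048;
+# server_tokens off;
+# server_names_hash_bucket_size 64;
+# server_name_in_redirect off;
+include /conf/mime.types;
+types {
+application/javascript mjs;
+}
+default_type application/octet-stream;
+##
+# Logging Settings
+##
+access_log /var/log/nginx/access.log;
+error_log /var/log/nginx/error.log;
+##
+# Gzip Settings
+##
+gzip on;
+gzip_disable "msie6";
+# Don't send the nginx version number in error pages and Server header
+server_tokens off;
+upstream php-handler {
+server unix:/var/run/php-fpm.sock;
+}
+server {
+listen 80;
+# Path to the root of your installation
+root /var/www/html;
+client_max_body_size 10G;
+# set max upload size
+fastcgi_buffers 64 4K;
+index index.php index.html /index.php$request_uri;
+location = /robots.txt {
+allow all;
+log_not_found off;
+access_log off;
+}
+include /conf/nginx-app.conf;
+location ~ \.php(?:$|/) {
+rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
+fastcgi_split_path_info ^(.+\.php)(/.+)$;
+include /conf/fastcgi_params;
+fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+fastcgi_param PATH_INFO $fastcgi_path_info;
+fastcgi_pass php-handler;
+fastcgi_read_timeout 3600;
+}
+location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
+try_files $uri /index.php$request_uri;
+access_log off; # Optional: Don't log access to assets
+location ~ \.wasm$ {
+default_type application/wasm;
+}
+}
+location ~ \.woff2?$ {
+try_files $uri /index.php$request_uri;
+expires 7d; # Cache-Control policy borrowed from `.htaccess`
+access_log off; # Optional: Don't log access to assets
+}
+}
+}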
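Review bot: The `location ~ \.php(?:$|/)` block hands `$document_root$fastcgi_script_name` to php-fpm without checking that the script exists. Adding `try_files $fastcgi_script_name =404;` after `fastcgi_split_path_info` (Nextcloud's documented nginx configuration does this, if I recall it correctly) makes nginx answer 404 itself instead of passing arbitrary paths to the FastCGI backend. `client_max_body_size 10G` together with `fastcgi_read_timeout 3600` is generous for anything reachable beyond a local test network, so a comment marking both as development settings would help.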

28
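--- a/nix/image/php-fpm.conf
+++ b/nix/image/php-fpm.conf
@@ -0,0 +1,28 @@
+[global]
+error_log = /proc/self/fd/2
+daemonize = no
+[www]
+access.log = /proc/self/fd/2
+user = haze
+group = haze
+listen = /var/run/php-fpm.sock
+listen.owner = haze
+listen.group = haze
+listen.mode = 0660
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+clear_env = no
+; Ensure worker stdout and stderr are sent to the main error log.
+catch_workers_output = yes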
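Review bot: `clear_env = no` hands the container's whole environment to every PHP worker, which includes `BLACKFIRE_SERVER_TOKEN` when bootstrap.sh is started with Blackfire enabled. If PHP only needs a few variables, `clear_env = yes` with explicit `env[NAME] = $NAME` lines keeps the rest out of `getenv()` and `phpinfo()` output. If the pass-through is intentional, a comment such as `; dev image: workers inherit the full container environment` would record that.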

53
nix/image/php.nix Normal file

@ -0,0 +1,53 @@
{
lib,
php,
debug ? false,
}: let
inherit (lib) optionals;
in
php.buildEnv {
extensions = {
enabled,
all,
}:
enabled
++ (with all;
[
xdebug
excimer
inotify
redis
oci8
zip
pdo
pdo_pgsql
pdo_sqlite
pdo_mysql
pgsql
intl
curl
mbstring
pcntl
ldap
exif
gmp
apcu
]
++ optionals (!debug) [
# smbclient # this breaks the build for no apparent reason
blackfire
]);
extraConfig = ''
xdebug.mode=debug,trace,profile
xdebug.start_with_request=trigger
xdebug.discover_client_host=true
xdebug.client_host=hazehost
xdebug.log_level=0
xdebug.output_dir=/tmp/xdebug
memory_limit=512M
apc.enable_cli=1
opcache.enable_cli=1
'';
}
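Review bot: `xdebug` sits in the unconditional extension list and `extraConfig` sets `xdebug.discover_client_host=true`, so every image variant, whatever `debug` is, will open a debugger connection to an address taken from the incoming request when the trigger is present. That lets anyone who can reach the web port point the step debugger at a host of their choosing, so it should be limited to images meant for local use: put `xdebug` and the `xdebug.*` lines behind `optionals debug` / `lib.optionalString debug`, or drop `discover_client_host` and rely on `xdebug.client_host=hazehost`. As written, `debug` only controls whether `blackfire` is left out, which the parameter name does not suggest, so a comment on the parameter would help.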

5
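--- a/nix/image/scripts.nix
+++ b/nix/image/scripts.nix
@@ -0,0 +1,5 @@
+{runCommand}:
+runCommand "scripts" {} ''
+mkdir -p $out
+cp -r ${./scripts} $out/bin
+''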

20
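--- a/nix/image/scripts/install
+++ b/nix/image/scripts/install
@@ -0,0 +1,20 @@
+#!/bin/sh
+USER=$1
+PASSWORD=$2
+if [ -z "$USER" ] || [ -z "$PASSWORD" ]; then
+echo "Usage: install \$USER \$PASSWORD"
+exit;
+fi
+cd $WEBROOT
+if [ "$SQL" = "oci" ]; then
+# oracle is a special snowflake
+occ maintenance:install --admin-user=$USER --admin-pass=$PASSWORD --database=$SQL --database-name=xe --database-host=$SQL --database-user=system --database-pass=haze
+elif [ "$SQL" = "mariadb" ]; then
+occ maintenance:install --admin-user=$USER --admin-pass=$PASSWORD --database=mysql --database-name=haze --database-host=$SQL --database-user=haze --database-pass=haze
+else
+occ maintenance:install --admin-user=$USER --admin-pass=$PASSWORD --database=$SQL --database-name=haze --database-host=$SQL --database-user=haze --database-pass=haze
+fi;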
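Review bot: `$USER` and `$PASSWORD` are expanded unquoted in all three `occ maintenance:install` lines, so a password containing spaces or glob characters is split or expanded before occ sees it; write `--admin-user="$USER" --admin-pass="$PASSWORD"`, and `cd "$WEBROOT" || exit 1` for the directory change. The usage branch ends with a bare `exit`, which returns the status of the preceding `echo`, i.e. success; `exit 1` lets callers detect the error. The sibling scripts phpunit and tests pass an unquoted `$@`, which should be `"$@"` for the same reason.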

4
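--- a/nix/image/scripts/integration
+++ b/nix/image/scripts/integration
@@ -0,0 +1,4 @@
+#!/bin/sh
+cd $WEBROOT/build/integration
+./run.sh "$@"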

5
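--- a/nix/image/scripts/occ
+++ b/nix/image/scripts/occ
@@ -0,0 +1,5 @@
+#!/bin/sh
+export XDEBUG_SESSION=haze
+php $WEBROOT/occ "$@"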

3
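--- a/nix/image/scripts/phpunit
+++ b/nix/image/scripts/phpunit
@@ -0,0 +1,3 @@
+#!/bin/sh
+/usr/local/bin/php -d memory_limit=512M /usr/local/bin/phpunit.phar $@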

7
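--- a/nix/image/scripts/tests
+++ b/nix/image/scripts/tests
@@ -0,0 +1,7 @@
+#!/bin/sh
+cd $WEBROOT
+export XDEBUG_SESSION=haze
+phpunit --configuration $WEBROOT/tests/phpunit-autotest.xml $@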


@ -1,3 +1,7 @@
final: prev: {
haze = final.callPackage ./package.nix {};
haze-image-php-84 = final.callPackage ./image/haze.nix {php = final.php84;};
haze-image-php-83 = final.callPackage ./image/haze.nix {php = final.php83;};
haze-image-php-82 = final.callPackage ./image/haze.nix {php = final.php82;};
haze-image-php-81 = final.callPackage ./image/haze.nix {php = final.php81;};
}