update readme

update Readme
2020-07-03 07:40:53 +00:00 · 2020-07-02 20:31:17 +02:00
9 changed files with 86 additions and 355 deletions
--- a/.env
+++ b/.env
@ -1 +0,0 @@
 nextcloud_version=19.0.0
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +0,0 @@
 mysql
 data
--- a/README.md
+++ b/README.md
@ -1,19 +1,90 @@
-Update, run, inspect and stop server:
+# Vorraussetzungen
-```
+
-docker-compose pull
+Folgendes wird in Linux gemacht (es ist aber nicht zwingend ein eigenes Linux erforderlich):
-docker-compose up -d
+
-docker-compose logs -f --tail=10
+* Erstellen und bearbeiten von Dateien (Shell oder GUI)
-docker-compose down
+* Starten von Programmen auf der Commandline
-```
+
-Login to nextcloud
+## Installation in Ubuntu Linux
-```
+
-docker-compose exec --user www-data app bash
+``` bash
 sudo apt install docker-compose
 sudo adduser <user> docker # allow docker as user
 su <user> # relogin or reboot system to apply new group
 ```
-Login to mysql
+## Ohne Linux
 ```
 docker-compose exec db bash
 apt update
 apt install vim less mysqltuner
 ### Verwenden einer virtuellen Maschine mit Linux
 Z.B. mit _Virtual Box_ kann ein virtueller Rechner aufgesetzt werden.
 ### Verbinden über ssh auf einen Linux-Rechner
 Wer kein eigenes Linux hat, kann sich über ssh mit einem Linux-Rechner verbinden, z.B. mit _Putty_. In diesem Fall ist es gut, wenn man auch Dateien auf der Commandline editieren kann.
 ### Verwenden von Windows Subsystem for Linux
 Das geht wohl auch irgendwie, aber nicht besonders gut.
 # Hello-World Projekt erstellen
 ## Mit git
 ``` bash
 git clone https://git.hilie.de/toptica/docker-compose-workshop.git hello-world
 cd hello-world
 git checkout hello-world
 ```
 ## Ohne git
 ``` bash
 mkdir hello-world
 cd hello-world
 vi docker-compose.yaml # Datei »docker-compose.yaml« erstellen und bearbeiten
 ```
 Inhalt für docker-compose.yaml:
 ``` yaml
 version: '3'
 services:
  hello_world:
    image: hello-world:latest
 ```
 # Hello-World Projekt ausführen
 ``` bash
 docker-compose up
 ```
 Folgende Ausgabe sollte unter anderem so ähnlich erscheinen:
 ``` bash
 Recreating dockercompose_hello_world_1 ... 
 Recreating dockercompose_hello_world_1 ... done
 Attaching to dockercompose_hello_world_1
 hello_world_1  | 
 hello_world_1  | Hello from Docker!
 hello_world_1  | This message shows that your installation appears to be working correctly.
 hello_world_1  | 
 hello_world_1  | To generate this message, Docker took the following steps:
 hello_world_1  |  1. The Docker client contacted the Docker daemon.
 hello_world_1  |  2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 hello_world_1  |     (amd64)
 hello_world_1  |  3. The Docker daemon created a new container from that image which runs the
 hello_world_1  |     executable that produces the output you are currently reading.
 hello_world_1  |  4. The Docker daemon streamed that output to the Docker client, which sent it
 hello_world_1  |     to your terminal.
 hello_world_1  | 
 hello_world_1  | To try something more ambitious, you can run an Ubuntu container with:
 hello_world_1  |  $ docker run -it ubuntu bash
 hello_world_1  | 
 hello_world_1  | Share images, automate workflows, and more with a free Docker ID:
 hello_world_1  |  https://hub.docker.com/
 hello_world_1  | 
 hello_world_1  | For more examples and ideas, visit:
 hello_world_1  |  https://docs.docker.com/get-started/
 hello_world_1  | 
 dockercompose_hello_world_1 exited with code 0
 ```
--- a/config/CAN_INSTALL
+++ b/config/CAN_INSTALL
--- a/config/config.php
+++ b/config/config.php
@ -1,61 +0,0 @@
 <?php
 $CONFIG = array (
  'trusted_domains' => 
  array (
    0 => 'localhost:8080',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'dbname' => 'nextcloud',
  'dbhost' => 'db',
  'dbport' => '3306',
  'dbtableprefix' => 'nc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'uCutr9HCpWZA99n',
  'installed' => false,
  'maintenance' => false,
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'redis',
    'password' => false,
    'port' => 6379,
  ),
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'loglevel' => 0,
  'theme' => '',
  'mail_smtpmode' => 'smtp',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpsecure' => 'tls',
  'mail_from_address' => 'abc',
  'mail_domain' => 'gmx.de',
  'mail_smtphost' => 'mail.gmx.net',
  'mail_smtpauth' => 1,
  'mail_smtpport' => '587',
  'mail_smtpname' => 'abc@gmx.de',
  'mail_smtppassword' => 'xxx',
  'integrity.check.disabled' => false,
  'updatechecker' => true,
  'has_internet_connection' => true,
  'app_install_overwrite' => 
  array (
    0 => 'timetracker',
  ),
 );
--- a/db-etc/nextcloud.cnf
+++ b/db-etc/nextcloud.cnf
@ -1,32 +0,0 @@
 [server]
 skip-name-resolve
 innodb_buffer_pool_size = 398M
 innodb_buffer_pool_instances = 1
 innodb_flush_log_at_trx_commit = 2
 innodb_log_buffer_size = 32M
 innodb_max_dirty_pages_pct = 90
 query_cache_type = on
 query_cache_limit = 2M
 query_cache_min_res_unit = 2k
 query_cache_size = 64M
 tmp_table_size= 64M
 max_heap_table_size= 64M
 slow-query-log = 1
 slow-query-log-file = /var/log/mysql/slow.log
 long_query_time = 1
 performance_schema = ON
 [client]
 default-character-set = utf8mb4
 [mysqld]
 character-set-server = utf8mb4
 collation-server = utf8mb4_general_ci
 transaction_isolation = READ-COMMITTED
 log_bin = ON
 binlog_format = ROW
 # Enable login to mysql
 plugin-load-add = auth_socket.so
--- a/db.env
+++ b/db.env
@ -1,3 +0,0 @@
 MYSQL_PASSWORD=uCutr9HCpWZA99n
 MYSQL_DATABASE=nextcloud
 MYSQL_USER=nextcloud
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -1,70 +0,0 @@
 version: '2'
 services:
  db:
    image: mariadb:10.4
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    restart: always
    volumes:
      - ./mysql:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=LLKALrsd82mNnst
    env_file:
      - db.env
  redis:
    image: redis:alpine
    restart: always
  app:
    image: nextcloud:${nextcloud_version}-fpm-alpine
    restart: always
    volumes:
      - nextcloud:/var/www/html
      - ./data:/var/www/html/data
      - ./config:/var/www/html/config
    environment:
      - MYSQL_HOST=db
      - REDIS_HOST=redis
    env_file:
      - db.env
    depends_on:
      - db
      - redis
  web:
    image: nginx:1.16.0-alpine
    restart: always
    ports:
      - 8080:80
    volumes:
      - nextcloud:/var/www/html:ro
      - ./data:/var/www/html/data:ro
      - ./web/nginx.conf:/etc/nginx/nginx.conf
    depends_on:
      - app
  cron:
    image: nextcloud:${nextcloud_version}-fpm-alpine
    restart: always
    volumes:
      - nextcloud:/var/www/html
      - ./data:/var/www/html/data
      - ./config:/var/www/html/config
    entrypoint: /cron.sh
    depends_on:
      - db
      - redis
  phpmyadmin:
    image: phpmyadmin/phpmyadmin
    restart: always
    environment:
      - PMA_ARBITRARY=1
    ports:
      - 8082:80
    volumes:
      - /sessions
 volumes:
  nextcloud:
--- a/web/nginx.conf
+++ b/web/nginx.conf
@ -1,171 +0,0 @@
 worker_processes auto;
 error_log  /var/log/nginx/error.log warn;
 pid        /var/run/nginx.pid;
 events {
    worker_connections  1024;
 }
 http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    keepalive_timeout  65;
    set_real_ip_from  10.0.0.0/8;
    set_real_ip_from  172.16.0.0/12;
    set_real_ip_from  192.168.0.0/16;
    real_ip_header    X-Real-IP;
    upstream php-handler {
        server app:9000;
    }
    server {
        listen 80;
        # Add headers to serve security related headers
        # Before enabling Strict-Transport-Security headers please read into this
        # topic first.
        #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
        #
        # WARNING: Only add the preload option once you read about
        # the consequences in https://hstspreload.org/. This option
        # will add the domain to a hardcoded list that is shipped
        # in all major browsers and getting removed from this list
        # could take several months.
        add_header Referrer-Policy "no-referrer" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header X-Download-Options "noopen" always;
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-Permitted-Cross-Domain-Policies "none" always;
        add_header X-Robots-Tag "none" always;
        add_header X-XSS-Protection "1; mode=block" always;
        # Remove X-Powered-By, which is an information leak
        fastcgi_hide_header X-Powered-By;
        # Path to the root of your installation
        root /var/www/html;
        location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
        }
        # The following 2 rules are only needed for the user_webfinger app.
        # Uncomment it if you're planning to use this app.
        #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
        # The following rule is only needed for the Social app.
        # Uncomment it if you're planning to use this app.
        #rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
        location = /.well-known/carddav {
            return 301 $scheme://$http_host/remote.php/dav;
        }
        location = /.well-known/caldav {
            return 301 $scheme://$http_host/remote.php/dav;
        }
        # set max upload size
        client_max_body_size 10G;
        fastcgi_buffers 64 4K;
        # Enable gzip but do not remove ETag headers
        gzip on;
        gzip_vary on;
        gzip_comp_level 4;
        gzip_min_length 256;
        gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
        gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
        # Uncomment if your server is build with the ngx_pagespeed module
        # This module is currently not supported.
        #pagespeed off;
        location / {
            rewrite ^ /index.php;
        }
        location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
            deny all;
        }
        location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
            deny all;
        }
        location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
            fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
            set $path_info $fastcgi_path_info;
            try_files $fastcgi_script_name =404;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $path_info;
            # fastcgi_param HTTPS on;
            # Avoid sending the security headers twice
            fastcgi_param modHeadersAvailable true;
            # Enable pretty urls
            fastcgi_param front_controller_active true;
            fastcgi_pass php-handler;
            fastcgi_intercept_errors on;
            fastcgi_request_buffering off;
        }
        location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
            try_files $uri/ =404;
            index index.php;
        }
        # Adding the cache control header for js, css and map files
        # Make sure it is BELOW the PHP block
        location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
            try_files $uri /index.php$request_uri;
            add_header Cache-Control "public, max-age=15778463";
            # Add headers to serve security related headers (It is intended to
            # have those duplicated to the ones above)
            # Before enabling Strict-Transport-Security headers please read into
            # this topic first.
            #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
            #
            # WARNING: Only add the preload option once you read about
            # the consequences in https://hstspreload.org/. This option
            # will add the domain to a hardcoded list that is shipped
            # in all major browsers and getting removed from this list
            # could take several months.
            add_header Referrer-Policy "no-referrer" always;
            add_header X-Content-Type-Options "nosniff" always;
            add_header X-Download-Options "noopen" always;
            add_header X-Frame-Options "SAMEORIGIN" always;
            add_header X-Permitted-Cross-Domain-Policies "none" always;
            add_header X-Robots-Tag "none" always;
            add_header X-XSS-Protection "1; mode=block" always;
            # Optional: Don't log access to assets
            access_log off;
        }
        location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {
            try_files $uri /index.php$request_uri;
            # Optional: Don't log access to other assets
            access_log off;
        }
    }
 }
Author	SHA1	Message	Date
stefan	5e82c6211e	update readme	2020-07-03 07:40:53 +00:00
Stefan Liebl	6d90966f28	update Readme	2020-07-02 20:31:17 +02:00