Repo-sync

nextcloud-releases · Jan 17, 2025 · 59773b7 · 59773b7
1 parent 08a2bca
commit 59773b7
Show file tree

Hide file tree

Showing 9 changed files with 22 additions and 4 deletions.
diff --git a/Containers/docker-socket-proxy/Dockerfile b/Containers/docker-socket-proxy/Dockerfile
@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:latest
-FROM haproxy:3.1.1-alpine
+FROM haproxy:3.1.2-alpine
 
 # hadolint ignore=DL3002
 USER root

diff --git a/Containers/mastercontainer/Dockerfile b/Containers/mastercontainer/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:latest
 # Docker CLI is a requirement
-FROM docker:27.4.1-cli AS docker
+FROM docker:27.5.0-cli AS docker
 
 # Caddy is a requirement
 FROM caddy:2.9.1-alpine AS caddy

diff --git a/Containers/mastercontainer/start.sh b/Containers/mastercontainer/start.sh
@@ -283,6 +283,15 @@ if [ "$?" = 6 ]; then
     exit 1
 fi
 
+# Check if auth.docker.io is reachable
+# Solves issues like https://github.com/nextcloud/all-in-one/discussions/5268
+if ! curl https://auth.docker.io/token | grep -q token; then
+    print_red "Could not reach https://auth.docker.io."
+    echo "Most likely is something blocking access to it."
+    echo "You should be able to fix this by using https://github.com/nextcloud/all-in-one/tree/main/manual-install"
+    exit 1
+fi
+
 # Check that no changes have been made to timezone settings since AIO only supports running in Etc/UTC timezone
 if [ -n "$TZ" ]; then
     print_red "The environmental variable TZ has been set which is not supported by AIO since it only supports running in the default Etc/UTC timezone!"

diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile
@@ -8,7 +8,7 @@ ENV SOURCE_LOCATION=/usr/src/nextcloud
 ENV REDIS_DB_INDEX=0
 
 # AIO settings start # Do not remove or change this line!
-ENV NEXTCLOUD_VERSION=30.0.4
+ENV NEXTCLOUD_VERSION=30.0.5
 ENV AIO_TOKEN=123456
 ENV AIO_URL=localhost
 # AIO settings end # Do not remove or change this line!

diff --git a/community-containers/fail2ban/fail2ban.json b/community-containers/fail2ban/fail2ban.json
@@ -25,6 +25,11 @@
                     "source": "nextcloud_aio_vaultwarden_logs",
                     "destination": "/vaultwarden",
                     "writeable": false
+                },
+                {
+                    "source": "nextcloud_aio_jellyfin",
+                    "destination": "/jellyfin",
+                    "writeable": false
                 }
             ]
         }

diff --git a/community-containers/fail2ban/readme.md b/community-containers/fail2ban/readme.md
@@ -1,5 +1,5 @@
 ## Fail2ban
-This container bundles fail2ban and auto-configures it for you in order to block ip-addresses automatically. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden, if installed.
+This container bundles fail2ban and auto-configures it for you in order to block ip-addresses automatically. It also covers https://github.com/nextcloud/all-in-one/tree/main/community-containers/vaultwarden and https://github.com/nextcloud/all-in-one/tree/main/community-containers/jellyfin, if installed.
 
 ### Notes
 - If you get an error like `"ip6tables v1.8.9 (legacy): can't initialize ip6tables table filter': Table does not exist (do you need to insmod?)"`, you need to enable ip6tables on your host via `sudo modprobe ip6table_filter`.

diff --git a/community-containers/jellyfin/readme.md b/community-containers/jellyfin/readme.md
@@ -8,6 +8,7 @@ This container bundles Jellyfin and auto-configures it for you.
 - In order to access your Jellyfin outside the local network, you have to set up your own reverse proxy. You can set up a reverse proxy following [these instructions](https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md) and [Jellyfin's networking documentation](https://jellyfin.org/docs/general/networking/#running-jellyfin-behind-a-reverse-proxy), OR use the [Caddy](https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy) community container that will automatically configure `media.$NC_DOMAIN` to redirect to your Jellyfin.
 - ⚠️ After the initial start, Jellyfin shows a configuration page to set up the root password, etc. **Be careful to initialize your Jellyfin before adding the DNS record.**
 - If you have a firewall like ufw configured, you might need to open all Jellyfin ports in there first in order to make it work. Especially port 8096 is important!
+- If you want to secure the installation with fail2ban, you might want to check out https://github.com/nextcloud/all-in-one/tree/main/community-containers/fail2ban
 - The data of Jellyfin will be automatically included in AIO's backup solution!
 - See [here](https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers) how to add it to the AIO stack.
 

diff --git a/manual-install/readme.md b/manual-install/readme.md
@@ -6,11 +6,13 @@ You can run the containers that are build for AIO with docker-compose. This come
 - You can run it without a container having access to the docker socket
 - You can modify all values on your own
 - You can run the containers with docker swarm
+- You can run this in environments where access to docker.io is not possible. See [this issue](https://github.com/nextcloud/all-in-one/discussions/5268).
 
 ### Disadvantages
 - You lose the AIO interface
 - You lose update notifications and automatic updates
 - You lose all AIO backup and restore features
+- You lose the built-in [Docker Socket Proxy container](https://github.com/nextcloud/docker-socket-proxy#readme) (needed for [Nextcloud App API](https://github.com/nextcloud/app_api#nextcloud-appapi))
 - You lose all community containers: https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers
 - **You need to know what you are doing, especially when modifying the compose.yaml file**
 - For updating, you need to strictly follow the at the bottom described update routine

diff --git a/reverse-proxy.md b/reverse-proxy.md
@@ -920,5 +920,6 @@ If something does not work, follow the steps below:
 1. If you use Cloudflare, you might need to skip the domain validation anyways since it is known that Cloudflare might block the validation attempts. In that case, see the last option below!
 1. If your reverse proxy is configured to use the host network (as recommended in the above docs) or running on the host, make sure that you've configured your firewall to open port 443 (and 80)!
 1. Check if you have a public IPv4- and public IPv6-address. If you only have a public IPv6-address (e.g. due to DS-Lite), make sure to enable IPv6 in Docker and your whole networking infrastructure (e.g. also by adding an AAAA DNS-entry to your domain)!
+1. [Enable Hairpin NAT in your router](https://github.com/nextcloud/all-in-one/discussions/5849) or [set up a local DNS server and add a custom dns-record](https://github.com/nextcloud/all-in-one#how-can-i-access-nextcloud-locally) that allows the server to reach itself locally
 1. Try to configure everything from scratch - if it still does not work by following https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance.
 1. As last resort, you may disable the domain validation by adding `--env SKIP_DOMAIN_VALIDATION=true` to the docker run command. But only use this if you are completely sure that you've correctly configured everything!