BootStrap: docker
From: registry.access.redhat.com/rhel7/rhel
%setup
#mkdir /owncloud
%files
#### /root/owncloud/config.php.9.0.11 /config.php
#### /root/owncloud/config.php.10.0.10-up /config.php
/root/owncloud/curapps /
owncloud-sing/owncloud.conf.template /
/etc/pki/tls/certs/xxx_cert.crt /
/etc/pki/tls/private/xxx.key /
/etc/pki/tls/certs/xxx_interm.crt /
%environment
source scl_source enable rh-php72 httpd24 rh-redis32
%post
subscription-manager register --username xxx --password xxx --auto-attach
subscription-manager repos --enable rhel-server-rhscl-7-rpms --enable=rhel-7-server-optional-rpms
yum -y install wget bzip2 sudo cronie nss-pam-ldapd httpd24-mod_ssl \
rh-php72 rh-php72-php rh-php72-php-gd rh-php72-php-mbstring rh-php72-php-mysqlnd rh-php72-php-intl rh-php72-php-ldap rh-php72-php-devel rh-redis32-redis gcc
mkdir -p /var/www/html
cd /var/www/html
wget https://download.owncloud.org/community/owncloud-10.0.10.tar.bz2
tar -xjf owncloud-10.0.10.tar.bz2
rm owncloud-10.0.10.tar.bz2
cd /
# Configure apache - httpd24
sed -i 's/^Listen.*/Listen 8081/' /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf
sed -i 's/^User.*/User xxx/' /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf
sed -i 's/^Group.*/Group xxx/' /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf
sed -i 's~^ErrorLog.*~ErrorLog /owncloud-writable/logs/httpd_error_log~' /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf
sed -i 's~ CustomLog.*~ CustomLog /owncloud-writable/logs/httpd_access_log combined~' /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf
sed -i 's/properly./properly.
Hello from the owncloud container!<\/p>/' /opt/rh/httpd24/root/usr/share/httpd/noindex/index.html
mv /owncloud.conf.template /opt/rh/httpd24/root/etc/httpd/conf.d/owncloud.conf
# Configure SSL
mv /xxx_cert.crt /etc/pki/tls/certs/xxx_cert.crt
mv /xxx.key /etc/pki/tls/private/xxx.key
mv /xxx_interm.crt /etc/pki/tls/certs/xxx_interm.crt
sed -i 's/Listen.*/Listen 8082 https/' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
sed -i 's//' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
sed -i 's~SSLCertificateFile.*~SSLCertificateFile /etc/pki/tls/certs/xxx_cert.crt~' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
sed -i 's~SSLCertificateKeyFile.*~SSLCertificateKeyFile /etc/pki/tls/private/xxx.key~' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
sed -i 's~^#SSLCertificateChainFile.*~SSLCertificateChainFile /etc/pki/tls/certs/xxx_interm.crt~' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
sed -i 's~^ErrorLog.*~ErrorLog /owncloud-writable/logs/ssl_error_log~' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
sed -i 's~^TransferLog.*~TransferLog /owncloud-writable/logs/ssl_access_log~' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
sed -i 's~^CustomLog.*~CustomLog /owncloud-writable/logs/ssl_request_log \\~' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
# Forwarding on host instead
#sed -i 's~.*~\n Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"\n\n\n~' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
# Configure LDAP lookup
sed -i '/^passwd:/ s/$/ ldap/' /etc/nsswitch.conf
sed -i '/^group:/ s/$/ ldap/' /etc/nsswitch.conf
sed -i '/^shadow:/ s/$/ ldap/' /etc/nsswitch.conf
sed -i 's~^uri.*~uri ldap://xxx/~' /etc/nslcd.conf
sed -i 's~^base.*~base dc=xxx,dc=xxx~' /etc/nslcd.conf
sed -i 's~^#tls_reqcert.*~tls_reqcert demand~' /etc/nslcd.conf
nslcd &
sleep 2
#Configure owncloud
mkdir /owncloud-writable
chmod 750 /owncloud-writable
chown xxx:users /owncloud-writable
#### For upgrade, no comment
#mv /config.php /var/www/html/owncloud/config/config.php
#sed -i "s/'maintenance'.*/'maintenance' => true,/" /var/www/html/owncloud/config/config.php
mv /var/www/html/owncloud/config /tmp/oc-config
ln -s /owncloud-writable/config /var/www/html/owncloud/config
#### For upgrade, add comment (2 lines)
rm -rf /var/www/html/owncloud/apps
mv /curapps /var/www/html/owncloud/apps
find /var/www/html/owncloud/ -type f -print0 | xargs -0 chmod 0640
find /var/www/html/owncloud/ -type d -print0 | xargs -0 chmod 0750
chmod 0644 /var/www/html/owncloud/.htaccess
chown -R xxx:xxx /var/www/html/owncloud
#chown xxx:xxx /opt/rh/rh-php72/register.content/var/opt/rh/rh-php72/lib/php/session
#chown root:apache /opt/rh/rh-php72/register.content/var/opt/rh/rh-php72/lib/php/session
rm -rf /var/opt/rh/rh-php72/lib/php
ln -s /owncloud-writable/run/php /var/opt/rh/rh-php72/lib/php
#chmod o+rwx /var/opt/rh/rh-php72/lib/php/session
#chmod o+rwx /var/opt/rh/rh-php72/lib/php/opcache
#chmod o+rwx /var/opt/rh/rh-php72/lib/php/wsdlcache
mkdir /pathToMountedData
chmod 750 /pathToMountedData
chown xxx:xxx /pathToMountedData
# Move /run to owncloud-writable
mv /run /tmp/oc-run
ln -s /owncloud-writable/run /run
rm -rf /opt/rh/httpd24/root/var/run
ln -s /owncloud-writable/run /opt/rh/httpd24/root/var/run
# Add Cron Job and mkdir so it can run as xxx
echo "*/15 * * * * xxx /opt/rh/rh-php72/root/bin/php -f /var/www/html/owncloud/cron.php" >> /etc/cron.d/owncloud
mkdir -p /users/x/x/xxx
chmod 644 /etc/cron.d/owncloud
# Add Caching and File Locking
scl enable rh-php72 "echo '' | pecl install apcu redis"
cat << EOF > /etc/opt/rh/rh-php72/php.d/20-owncloud-caching.ini
; APCu and Redis php extension
extension=apcu.so
extension=redis.so
EOF
cat << EOF > /etc/redis.conf
port 0
unixsocket /owncloud-writable/run/redis/redis.sock
unixsocketperm 777
EOF
cat << EOF > /etc/sysctl.d/redis.conf
vm.overcommit_memory = 1
EOF
echo "echo never > /sys/kernel/mm/transparent_hugepage/enabled" >> /etc/rc.local
# Upgrade owncloud
#cd /var/www/html/owncloud
#sudo -u epscor scl enable rh-php72 "php occ maintenance:mode"
#sudo -u epscor scl enable rh-php72 "php occ app:disable files_videoviewer"
#sudo -u epscor scl enable rh-php72 "php occ upgrade"
#cat config/config.php
#cp config/config.php /root/owncloud/config.php.10.0.10
#sudo -u epscor scl enable rh-php72 "php occ maintenance:mode --off"
# File Scan takes 20 minutes (not needed if done in 9.0)
#sudo -u epscor scl enable rh-php72 "php occ maintenance:singleuser --on"
#sudo -u epscor scl enable rh-php72 "php occ files:scan --all --repair"
#sudo -u epscor scl enable rh-php72 "php occ maintenance:singleuser --off"
%runscript
%startscript
# Might need to mkdir
#mkdir /run/httpd
#/usr/sbin/httpd -D FOREGROUND
nslcd
redis-server /etc/redis.conf &
crond -s
httpd -D FOREGROUND
%labels
Author Patrick Clemins