MaggiWuerze
commented
3 years ago Thanks for all your hard work and for continuing to make such a great and easy to use image
Closed Wonderfall closed 2 years ago
MaggiWuerze
commented
3 years ago Thanks for all your hard work and for continuing to make such a great and easy to use image
bleed2002
commented
3 years ago I'd like to thank you too! I'm using your image for a long time now for several instances. I was considering a switch to the official image a few times, but in the end i always decided against it and never regret that so far. It proved to be very stable, it is so easy to use and maintain. So I'm very happy to hear that you took the time to "modernize" your image. The next branch looks very promising, I will check it out soon. Thanks again, Patrick
Wonderfall
commented
3 years ago Hey! The new image should be ready for every day use:
next branch has been renamed main which is now the new default branchghcr.io/wonderfall/mastodonBeware the last Nextcloud update (21.0.2) broke 2FA for me, but it's not likely due to the new image since I was using the testing 21.0.1 image without issues. If this happens to you too, don't panic and disable 2FA with occ:
sudo docker exec -ti nextcloud occ twofactorauth:disable user twofactor_webauthnI'll investigate this another day, but it's also possible it won't happen to you.
As I said above, the main source of distribution will be ghcr.io (GitHub Registry). The legacy image will soon be removed from Docker Hub, I see no point in leaving an unmaintained image available for download. Users should be encouraged to upgrade as soon as possible, and the removal will likely trigger an error so they'll be informed something is going on.
Tell me here if you're encountering issues with the upgrade. Don't forget to backup your data before doing so.
See you! :)
Wonderfall
commented
3 years ago I took the initiative and removed all the images from the Docker Hub. There was no point in keeping them online despite being deprecated, and now obsolete. This will likely trigger an error when users will attempt to upgrade, and I hope they can see this.
Last thing to do is finishing the documentation for brand new installs. I'd like to keep it simple, nothing too fancy.
I'm also potentially interested in making the image compatible with the so-called "high performance backend". That would be an optional feature, but I've yet to evaluate the usefulness of this. If someone knows more about it, feel free to convince me. :)
bleed2002
commented
3 years ago Hi, I just wanted to share that I was able to upgrade my complete setup to use the new image without any major issues. Currently I'm running 2 of my biggerst instances on the new image for 5 days without issues. So thank you very much again for your effort and the smooth upgrade path. Using the new images I was also able to nearly completely remove my adjustments I made to the old one (mostly permission related). I also would be interested in trying/using the "high performance backend".
Best regards, Patrick
wahyd4
commented
3 years ago Hi @Wonderfall , thanks for your great work. I just want to raise a minor issue I had during the upgrade process, but not sure if I was the only one who faced this issue.
I had to manually modify the file config/config.php by upgrading the apps2 folder to make the new image works.
<?php
$CONFIG = array (
'datadirectory' => '/data',
'apps_paths' =>
array (
0 =>
array (
'path' => '/nextcloud/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/apps2', # needs to be updated to /nextcloud/apps2
'url' => '/apps2',
'writable' => true,
),
),Glad the migration went well.
I had to manually modify the file
config/config.phpby upgrading theapps2folder to make the new image works.
Indeed, it's a breaking change, but it's covered in the migration steps. It's really just some volume renaming in docker-compose.yml and config.php. Maybe the latter change should be more emphasized just in case, I'll see what I can do.
yche2990
commented
3 years ago I try to migrate to the new image. I updated docker-compose.yml and config.php. However, when the nexcloud is started, it shows an error of
fatal allocator error: getrandom failed | stderr
Can you please help?
Wonderfall
commented
3 years ago I try to migrate to the new image. I updated docker-compose.yml and config.php. However, when the nexcloud is started, it shows an error of
fatal allocator error: getrandom failed | stderr
Can you please help?
What's your kernel version?
yche2990
commented
3 years ago I am using synology docker. I believe that the kernel daemon version is 20.10.3.
Wonderfall
commented
3 years ago Sorry, meant your Linux kernel version. FYI the getrandom() syscall is available since Linux 3.17. You're probably using an old version of Linux, and at this point it's highly recommended that you find a way to update your kernel to patch major security flaws.
I don't recommend it and this is merely a workaround, but you can disable the hardened memory allocator by running the container with an empty LD_PRELOAD environment variable. Like LD_PRELOAD="".
yche2990
commented
3 years ago Thank you for your detailed response. I checked the synology. It seems that the linux kernal version is 3.10.105. I am not sure whether synology allows the update for linux kernel. I will try the temnporary fix first.
Wonderfall
commented
2 years ago Alright, it's been a year so I think the majority of the userbase has had the occasion to either migrate to the newer image or evaluate their other options.
rofra
commented
1 year ago Dear @Wonderfall , I have an running instance of the old "wonderfall/nextcloud" on version 19. The minor version of the new path is 21 so I cannot upgrade directly as major multiple upgrades are not possible with nextcloud. The old repo is destroyed, the old dockerhub tags removed, I cannot find an image of wonderfall/nextcloud:20 that would allow me the upgrade or compile it myself.
Any idea to save my server ?
Wonderfall
commented
1 year ago Dear @Wonderfall , I have an running instance of the old "wonderfall/nextcloud" on version 19. The minor version of the new path is 21 so I cannot upgrade directly as major multiple upgrades are not possible with nextcloud. The old repo is destroyed, the old dockerhub tags removed, I cannot find an image of wonderfall/nextcloud:20 that would allow me the upgrade or compile it myself.
Any idea to save my server ?
Not gonna lie it's going to be a bit painful since Nextcloud only supports direct major version upgrades (e.g. 19 => 20, 20 => 21), but it's definitely doable.
What I suggest is:
For instance, say you want to upgrade to Nextcloud 20. First get the files:
git checkout b6468f3f534df83c378343fc1613e463a0a50972Then, build the image:
docker build -t wonderfall/nextcloud:20 -f Dockerfile.20 .At the time, there were two supported major versions, but now there is a single Dockerfile, so obviously change this accordingly. Starting Nextcloud 21 (or even a later Nextcloud 20 commit), you will need to proceed with the manual image migration involving the steps described in this issue.
rofra
commented
1 year ago Hi @Wonderfall, I really appreciate your instructive feedback. As wonderfall/nginx-php:7.4 is the main image for wonderfall/nextcloud and is not available anymore on dockerhub, I had to compile it myself the same way you told me before.
I had to launch the following commands:
git clone https://github.com/Wonderfall/docker-nginx-php.git
git clone https://github.com/Wonderfall/docker-nextcloud.git
cd docker-nginx-php
docker build -t wonderfall/nginx-php:7.4 -f Dockerfile.7.4 .
cd ..
cd docker-nextcloud
git checkout b6468f3f534df83c378343fc1613e463a0a50972
docker build -t wonderfall/nextcloud:20 -f Dockerfile.20 .
cd ..Now I migrated to version 20, I can continue on the path.
A great thank you !
Hello, if you're reading this you're probably using my Docker image
wonderfall/nextcloud. First and foremost, thanks for your interest! As you may already know, the current image is being deprecated. Let me first explain you why (in details) and then I'll give you some suggestions about your options.I first made this image some years ago (late 2015 if I recall), back in the time when it was still ownCloud (I mean before the hard fork) and there was not even an Alpine-based image. Since then I kept maintaining the image, it has been 5 years already! Of course, I know sometimes I was not fast to update, due to life being life.
I've also said this: don't use third-party images when there's an official one. And at the time, there wasn't, but since 2016 (around that) there is. So if you're not willing to maintain your images, you should probably use official images. If that doesn't work for you, you can take inspiration but really pay attention to the maintenance of your images. Outdated images are security holes and a container is certainly not bulletproof: there is massive attack surface which can be exploited to gain privilege on the host - unless you use alternative runtimes such as gVisor.
Now, back to my image, I kept maintaining it despite the official one being a thing. I wanted it to be very simple to use, e.g. no extra containers for nginx, cron - everything you need is running inside. It's not great for scalability, but it was never meant to be, it's just meant for single-users who want to take back their data. Docker once said "you should run only one process in a container" (not to mention it's rarely the case, technically speaking, but you get the idea), but containers are not defined by that rule, you can do whatever you want as long as it suits your needs.
However, the current image as it is has some flaws:
wonderfall/nginx-php, a base Alpine image which builds PHP and nginx from source. Great, but painful to maintain. I made the switch from Alpine packages in 2017 because there were some obscure issues I don't recall well, and it's great to have fine-grained versioning. It's still working, currently with PHP 8!su-exec) so permissions are transparent to the end-user. The issues are: it's best to never use root even at startup, and chown has terrible performance on overlayfs (not on btrfs, which I use, but overlayfs is the default). I mean, flexibility is great and all, but users should just learn to fix permissions of their volumes themselves, no?These are the two main reasons I wanted a complete refactor. Now as you can see on the testing branch, several changes were made to the new image:
Goals are still to provide a simple image to use, but now with less attack surface, and more maintainability. Migration should be painless except for exotic use-cases. The things to keep in mind when migrating are the changes of volumes:
/datais now/nextcloud/data/datafor now/configis now/nextcloud/config/apps2is now/nextcloud/apps2Changes should be made in your docker-compose.yml and in config.php to reflect the volume changes. Other than that, it should run like before. This is still in testing, but I made the change myself on my personal server and it's running flawlessly. It's already available in Docker Hub with the
nexttag.The plan is to:
Feel free to discuss the topic here, but keep in mind I got many other things to do so I can't help if you're migrating to another image, official or third-party. Also keep in mind to back up your data in any case. Any migration should be possible, though.