diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index 0f7c6dc37..0a9b91a0b 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -103,46 +103,63 @@ jobs: run: | docker logs nextcloudpi |& awk '{ print "CONTAINER::" $0 }' echo 'CONTAINER:: ==========' - docker logs -f |& awk '{ print "CONTAINER::" $0 }' & + docker logs -f nextcloudpi |& awk '{ print "CONTAINER::" $0 }' & docker exec nextcloudpi bash -c 'tail -f /var/log/ncp.log' |& awk '{ print "NCP::" $0 }' & cmd=(python activation_tests.py --no-gui localhost 8443 4443) [[ "${{ matrix.arch }}" == "x86" ]] || cmd+=(--timeout 300) - "${cmd[@]}" || { - tail -n 20 geckodriver.log >&2 || true - echo "=======================" - echo "Activation test failed!" - echo "Container logs:" - echo "===========================================" - docker logs nextcloudpi - echo "Last lines of ncp.log:" - echo "===========================================" - docker exec nextcloudpi tail /var/log/ncp.log; + + success=false + for attempt in {1..3} + do + echo ":: Activation Tests (attempt $attempt/3) ::" + "${cmd[@]}" || { + tail -n 20 geckodriver.log >&2 || true + echo "CI:: Activation test (attempt $attempt/3) failed!" + docker exec nextcloudpi bash /usr/local/bin/ncp-diag + sleep 12 + continue + } + success=true + break + done + [[ "$success" == "true" ]] || { + echo "CI:: Activation test failed in all attempts!" exit 1 } - echo "Activation test successful" - python system_tests.py --no-ping --non-interactive || { - echo "System test failed!" - echo "Container logs:" - echo "===========================================" - docker logs nextcloudpi - echo "Last lines of ncp.log:" - echo "===========================================" - docker exec nextcloudpi tail /var/log/ncp.log; - exit 1 + echo "CI:: Activation test successful" + + success=false + for attempt in {1..3} + do + echo ":: System Tests (attempt $attempt/3) ::" + python system_tests.py --no-ping --non-interactive || { + echo "CI:: System test (attempt $attempt) failed!" + continue + } + success=true + break + done + [[ "$success" == "true" ]] || { + echo "CI:: System test failed in all attempts!" exit 1 } - echo "System test successful" - python nextcloud_tests.py --no-gui localhost 8443 4443 || { - tail -n 20 geckodriver.log >&2 || true - echo "=======================" - echo "Nextcloud test failed!" - echo "Container logs:" - echo "===========================================" - docker logs nextcloudpi - echo "Last lines of ncp.log:" - echo "===========================================" - docker exec nextcloudpi tail /var/log/ncp.log; + echo "CI:: System test successful" + + success=false + for attempt in {1..3} + do + echo ":: Nextcloud Tests (attempt $attempt/3) ::" + python nextcloud_tests.py --no-gui localhost 8443 4443 || { + tail -n 20 geckodriver.log >&2 || true + echo "CI:: Nextcloud test (attempt $attempt/3) failed!" + continue + } + success=true + break + done + [[ "$success" == "true" ]] || { + echo "CI:: Nextcloud test failed in all attempts!" exit 1 } - echo "Nextcloud test successful" + echo "CI:: Nextcloud test successful" diff --git a/.github/workflows/build-lxd.yml b/.github/workflows/build-lxd.yml index 275e283d5..223a8ffbe 100644 --- a/.github/workflows/build-lxd.yml +++ b/.github/workflows/build-lxd.yml @@ -161,10 +161,20 @@ jobs: fi echo "VERSION=${VERSION}" >> "$GITHUB_ENV" echo "Running update ${{ needs.build-previous.outputs.previous_version }} -> ${VERSION}" + + current_nc_version="$(lxc exec ncp -- ncc status | grep "version:" | awk '{ print $3 }')" latest_nc_version="$(cat etc/ncp.cfg | jq -r '.nextcloud_version')" + lxc exec ncp -- bash -c "DBG=x ncp-update ${UPDATE_ARGS[*]}" lxc exec ncp -- /usr/local/bin/ncc status - lxc exec ncp -- bash -c "DBG=x ncp-update-nc ${latest_nc_version?}" + + if [[ "$current_nc_version" =~ "$latest_nc_version".* ]] + then + echo "Nextcloud is up to date - skipping NC update test." + else + lxc exec ncp -- bash -c "DBG=x ncp-update-nc ${latest_nc_version?}" + fi + lxc stop ncp - name: Pack LXD image id: pack-lxd diff --git a/.github/workflows/build-sd-images.yml b/.github/workflows/build-sd-images.yml index 3df86c88a..08af6d47c 100644 --- a/.github/workflows/build-sd-images.yml +++ b/.github/workflows/build-sd-images.yml @@ -34,18 +34,25 @@ jobs: artifact_name: ${{ github.run_id }}-${{ inputs.board_id }}-image steps: - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - name: Apply workaround for sudo bug (https://github.com/multiarch/qemu-user-static/issues/17) + uses: docker/setup-qemu-action@v2 + - name: Setup qemu-user-static run: | - apt-get -y --no-install-recommends install binfmt-support qemu-user-static - for conf in qemu-{aarch64,arm}-static.conf - do - sed 's/:F$/:OC/' /usr/lib/binfmt.d/$conf > /etc/binfmt/$conf - done + sudo apt-get update +# docker run --rm --privileged multiarch/qemu-user-static:register --reset --credential yes +# sudo mkdir -p /etc/binfmt +# for conf in qemu-{aarch64,arm}-static.conf +# do +# sed 's/:F$/:OC/' /usr/lib/binfmt.d/$conf | sudo tee /etc/binfmt/$conf +# done - name: Checkout code uses: actions/checkout@v3 with: ref: "${{ env.VERSION }}" +# - name: Debug +# run: | +# which qemu-aarch64-static +# update-binfmts --display qemu-aarch64 +# update-binfmts --display qemu-arm - name: "Build Armbian" if: ${{ inputs.board_id != 'raspberrypi' }} id: build-armbian @@ -83,7 +90,7 @@ jobs: echo "::set-output name=artifact_file::${IMG}" echo "ARTIFACT_FILE=${IMG}" >> $GITHUB_ENV - name: "Upload Armbian logs" - if: ${{ inputs.board_id != 'raspberrypi' && steps.build-armbian-2nd.outcome == 'failure' }} + if: ${{ inputs.board_id != 'raspberrypi' && failure() }} uses: actions/upload-artifact@v3 with: name: ${{ github.run_id }}-${{ inputs.board_id }}-logs @@ -96,6 +103,7 @@ jobs: echo "Protected? ${{ github.ref_protected }}" export IMG="NextCloudPi_${{ inputs.board_name }}_${VERSION//\//_}.img" [[ "${{ github.ref_protected }}" == true ]] || export DBG=x + wget -q https://github.com/multiarch/qemu-user-static/releases/latest/download/qemu-aarch64-static -O ./qemu-aarch64-static ./build/build-SD-rpi.sh mkdir -p output mv "tmp/$IMG" ./output/ @@ -129,14 +137,21 @@ jobs: shell: bash steps: - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - name: Apply workaround for sudo bug (https://github.com/multiarch/qemu-user-static/issues/17) + uses: docker/setup-qemu-action@v2 + - name: Apt update run: | - apt-get -y --no-install-recommends install binfmt-support qemu-user-static - for conf in qemu-{aarch64,arm}-static.conf - do - sed 's/:F$/:OC/' /usr/lib/binfmt.d/$conf > /etc/binfmt/$conf - done + sudo apt-get update +# sudo apt-get -y --no-install-recommends install qemu-user-static +# - name: Apply workaround for sudo bug (https://github.com/multiarch/qemu-user-static/issues/17) +# run: | +# sudo apt-get update +# sudo apt-get -y --no-install-recommends install binfmt-support qemu-user-static +# docker run --rm --privileged multiarch/qemu-user-static:register --reset --credential yes +# sudo mkdir -p /etc/binfmt +# for conf in qemu-{aarch64,arm}-static.conf +# do +# sed 's/:F$/:OC/' /usr/lib/binfmt.d/$conf | sudo tee /etc/binfmt/$conf +# done - name: Checkout code uses: actions/checkout@v3 with: @@ -154,6 +169,9 @@ jobs: sudo rm -rf raspbian_root . ./build/buildlib.sh mount_raspbian "ncp.img" + sudo wget -nv https://github.com/multiarch/qemu-user-static/releases/latest/download/qemu-aarch64-static -O raspbian_root/usr/bin/qemu-aarch64-static + sudo wget -nv https://github.com/multiarch/qemu-user-static/releases/latest/download/qemu-arm-static -O raspbian_root/usr/bin/qemu-arm-static + sudo chmod +x raspbian_root/usr/bin/qemu-{arm,aarch64}-static echo 'Mutex posixsem' | sudo tee -a raspbian_root/etc/apache2/mods-available/ssl.conf - name: Test image id: test @@ -163,8 +181,7 @@ jobs: trap 'sudo machinectl terminate ncp' EXIT sudo systemd-nspawn --boot -D ./raspbian_root/ -M ncp --hostname=nextcloudpi |& awk '{ print "CONTAINER::" $0 }' & - sudo systemd-run --machine=ncp -P --wait bash -c 'tail -f /var/log/ncp.log' |& awk '{ print "NCP::" $0 }' & - sleep 30 + sleep 60 success=false for attempt in {1..30} @@ -175,6 +192,8 @@ jobs: success=true break done + sudo systemd-run --machine=ncp -P --wait bash -c 'cat /var/log/ncp.log' |& awk '{ print "NCP::" $0 }' + sudo systemd-run --machine=ncp -P --wait bash -c 'tail -n 0 -f /var/log/ncp.log' |& awk '{ print "NCP::" $0 }' & [[ "$success" == "true" ]] || { echo "Could not reach container. Aborting..." @@ -190,8 +209,9 @@ jobs: echo "Geckodriver logs:" tail -n 20 geckodriver.log >&2 || true echo "================" - echo "ncp.log: " - sudo systemd-run --wait -P --machine=ncp ncp /bin/bash -c "tail -n20 /var/log/ncp.log || echo 'ncp.log not found'" + echo "mysql: " + sudo systemd-run --wait -P --machine=ncp bash /usr/local/bin/ncp-diag + sudo systemd-run --wait -P --machine=ncp systemctl status mysql sleep 6 continue } diff --git a/README.md b/README.md index 85c411870..8350366a1 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Find the full documentation at [docs.nextcloudpi.com](http://docs.nextcloudpi.co ## Features * Debian/Raspbian 11 Bullseye - * Nextcloud 23.0.2 + * Nextcloud 24.0.5 * Apache 2.4.25, with HTTP2 enabled * PHP 7.4 * MariaDB 10 diff --git a/bin/ncp-diag b/bin/ncp-diag index 5c26c20d0..8241ed572 100644 --- a/bin/ncp-diag +++ b/bin/ncp-diag @@ -130,7 +130,7 @@ GW=$( ip r | grep "default via" | awk '{ print $3 }' | head -1 ) IP="$(get_ip)" echo "IP|$IP" -echo "Gateway|$GW" +echo "gateway|$GW" echo "Interface|$IFACE" # Certificates diff --git a/bin/ncp-dist-upgrade b/bin/ncp-dist-upgrade index f5fd13bae..3ccc84588 100755 --- a/bin/ncp-dist-upgrade +++ b/bin/ncp-dist-upgrade @@ -72,6 +72,8 @@ release_new=$(jq -r '.release' < "${new_cfg}") # the default repo in bullseye is bullseye-security - use bullseye if it is not available grep -Eh '^deb ' /etc/apt/sources.list | grep 'bullseye-security' > /dev/null && release_new="${release_new}-security" php_ver_new=$(jq -r '.php_version' < "${new_cfg}") +# PHP 8.1 is only supported via the +[[ "$php_ver_new" != 8.1 ]] || php_ver_new=7.4 $APTINSTALL -t ${release_new} php${php_ver_new} php${php_ver_new}-curl php${php_ver_new}-gd php${php_ver_new}-fpm php${php_ver_new}-cli php${php_ver_new}-opcache \ php${php_ver_new}-mbstring php${php_ver_new}-xml php${php_ver_new}-zip php${php_ver_new}-fileinfo php${php_ver_new}-ldap \ diff --git a/bin/ncp-update b/bin/ncp-update index ca564c53a..b6f7a333f 100755 --- a/bin/ncp-update +++ b/bin/ncp-update @@ -4,6 +4,15 @@ [[ -z "$DBG" ]] || set -$DBG +if [[ -f /.dockerenv ]] || [[ -f /.docker-image ]] || [[ "$DOCKERBUILD" == 1 ]] +then + echo "WARNING: Docker images should be updated by replacing the container from the latest docker image" \ + "(refer to the documentation for instructions: https://docs.nextcloudpi.com)." \ + "If you are sure that you know what you are doing, you can still execute the update script by running it like this:" + echo "> ALLOW_UPDATE_SCRIPT=1 ncp-update" + [[ "$ALLOW_UPDATE_SCRIPT" == "1" ]] || exit 1 +fi + { [ "$(id -u)" -ne 0 ] && { printf "Must be run as root. Try 'sudo $0'\n"; exit 1; } diff --git a/bin/ncp-update-nc b/bin/ncp-update-nc index 8cd85b03e..60e8486f0 100755 --- a/bin/ncp-update-nc +++ b/bin/ncp-update-nc @@ -206,22 +206,7 @@ else apachectl -k graceful ## make sure the notify_push daemon is runnnig - cat > /etc/systemd/system/notify_push.service < /etc/systemd/system/notify_push.service < raspbian_root/usr/local/etc/ncp-baseimage +basename "$IMG" | sudo tee raspbian_root/usr/local/etc/ncp-baseimage trap '' EXIT clean_chroot_raspbian diff --git a/etc/ncp-templates/systemd/notify_push.service.sh b/etc/ncp-templates/systemd/notify_push.service.sh new file mode 100644 index 000000000..bbf4ede40 --- /dev/null +++ b/etc/ncp-templates/systemd/notify_push.service.sh @@ -0,0 +1,23 @@ +#! /bin/bash + +set -e +source /usr/local/etc/library.sh + +cat < # GPL licensed (see end of file) * Use at your own risk! @@ -29,6 +29,8 @@ install() test -f /usr/bin/raspi-config && { sed -i '/Change User Password/i"0 NextCloudPi Configuration" "Configuration of NextCloudPi" \\' /usr/bin/raspi-config sed -i '/1\\ \*) do_change_pass ;;/i0\\ *) ncp-config ;;' /usr/bin/raspi-config + # Disable raspberry pi default user + usermod pi -s /sbin/nologin } # add the ncc shortcut @@ -202,7 +204,7 @@ EOF chmod g+w /var/run/.ncp-latest-version # Install all ncp-apps - bin/ncp-update $BRANCH || exit $? + ALLOW_UPDATE_SCRIPT=1 bin/ncp-update $BRANCH || exit $? # LIMIT LOG SIZE grep -q maxsize /etc/logrotate.d/apache2 || sed -i /weekly/amaxsize2M /etc/logrotate.d/apache2 diff --git a/update.sh b/update.sh index de173186b..ff1d816b5 100755 --- a/update.sh +++ b/update.sh @@ -17,6 +17,7 @@ UPDATESDIR=updates # don't make sense in a docker container EXCL_DOCKER=" +nc-autoupdate-ncp nc-automount nc-format-USB nc-datadir @@ -174,6 +175,8 @@ fi # update to the latest NC version is_active_app nc-autoupdate-nc && run_app nc-autoupdate-nc +start_notify_push + # Refresh ncp config values source /usr/local/etc/library.sh diff --git a/updates/1.50.0.sh b/updates/1.50.0.sh index b09d2568a..9aa6cd78a 100644 --- a/updates/1.50.0.sh +++ b/updates/1.50.0.sh @@ -6,4 +6,4 @@ source /usr/local/etc/library.sh clear_opcache -(sleep 5 && service "php${PHPVER}-fpm" restart) & +bash -c "sleep 6; service php${PHPVER}-fpm restart" &>/dev/null & diff --git a/updates/1.50.1.sh b/updates/1.50.1.sh new file mode 100644 index 000000000..a440ff072 --- /dev/null +++ b/updates/1.50.1.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +set -e +export NCPCFG=/usr/local/etc/ncp.cfg +source /usr/local/etc/library.sh + +install_template systemd/notify_push.service.sh /etc/systemd/system/notify_push.service + + +clear_opcache +bash -c "sleep 6; service php${PHPVER}-fpm restart" &>/dev/null &