diff --git a/bundles/nextcloud/files/managed.config.php b/bundles/nextcloud/files/managed.config.php index d047b0c..e2654af 100644 --- a/bundles/nextcloud/files/managed.config.php +++ b/bundles/nextcloud/files/managed.config.php @@ -28,4 +28,14 @@ $CONFIG = array ( "redis" => [ "host" => "/var/run/redis/nextcloud.sock", ], + 'trusted_domains' => + array ( + 0 => 'localhost', + 1 => '127.0.0.1', + 2 => 'cloud.sublimity.de', + ), + "log_type" => "syslog", + "syslog_tag" => "nextcloud", + "logfile" => "", + "loglevel" => 3, ); diff --git a/bundles/nextcloud/metadata.py b/bundles/nextcloud/metadata.py index 757675c..4d74c6d 100644 --- a/bundles/nextcloud/metadata.py +++ b/bundles/nextcloud/metadata.py @@ -15,6 +15,10 @@ defaults = { 'php-cgi': {}, 'php-zip': {}, 'php-pgsql': {}, + 'php-bz2': {}, # face recognition + }, + 'sources': { + 'deb https://repo.delellis.com.ar {release} {release}', }, }, 'archive': { @@ -50,6 +54,11 @@ defaults = { 'env[TMPDIR]': '/tmp', 'env[TEMP]': '/tmp', }, + 'php.ini': { + 'PHP': { + 'memory_limit': '3G', # face recognition requires 2G + }, + }, }, 'postgresql': { 'roles': { @@ -77,6 +86,11 @@ defaults = { 'when': 'Sun 00:00:00', 'user': 'www-data', }, + 'nextcloud-face-recognition': { + 'command': '/usr/bin/php -f /opt/nextcloud/occ face:background_job', + 'when': 'hourly', + 'user': 'www-data', + }, }, 'zfs': { 'datasets': { @@ -107,3 +121,16 @@ def vhost(metadata): }, }, } + + +@metadata_reactor.provides( + 'nginx/vhosts' +) +def pdlib(metadata): + return { + 'apt': { + 'packages': { + f"php{metadata.get('php/version')}-pdlib": {}, + }, + }, + } diff --git a/bundles/php/files/php.ini b/bundles/php/files/php.ini deleted file mode 100644 index eaabd7f..0000000 --- a/bundles/php/files/php.ini +++ /dev/null @@ -1,110 +0,0 @@ -[PHP] -; Only needed for libapache2-mod-php? -engine = On -short_open_tag = Off -precision = 14 -output_buffering = 4096 -zlib.output_compression = Off -implicit_flush = Off -serialize_precision = -1 -ignore_user_abort = Off -zend.enable_gc = On -expose_php = Off - -max_execution_time = 300 -max_input_time = 600 -memory_limit = 1G - -error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT -display_startup_errors = Off -log_errors = On -log_errors_max_len = 1024 -ignore_repeated_errors = Off -ignore_repeated_source = Off -report_memleaks = On -html_errors = On -error_log = syslog -syslog.ident = php7.4 -syslog.filter = ascii - -arg_separator.output = "&" -variables_order = "GPCS" -request_order = "GP" -register_argc_argv = Off -auto_globals_jit = On -post_max_size = ${post_max_size} -default_mimetype = "text/html" -default_charset = "UTF-8" - -enable_dl = Off -file_uploads = On -upload_max_filesize = ${post_max_size} -max_file_uploads = 2000 - -allow_url_fopen = On -allow_url_include = Off -default_socket_timeout = 10 - -[CLI Server] -cli_server.color = On - -[mail function] -mail.add_x_header = Off - -[ODBC] -odbc.allow_persistent = On -odbc.check_persistent = On -odbc.max_persistent = -1 -odbc.max_links = -1 -odbc.defaultlrl = 4096 -odbc.defaultbinmode = 1 - -[PostgreSQL] -pgsql.allow_persistent = On -pgsql.auto_reset_persistent = Off -pgsql.max_persistent = -1 -pgsql.max_links = -1 -pgsql.ignore_notice = 0 -pgsql.log_notice = 0 - -[bcmath] -bcmath.scale = 0 - -[Session] -session.save_handler = files -session.use_strict_mode = 0 -session.use_cookies = 1 -session.use_only_cookies = 1 -session.name = PHPSESSID -session.auto_start = 0 -session.cookie_lifetime = 0 -session.cookie_path = / -session.cookie_domain = -session.cookie_httponly = -session.cookie_samesite = -session.serialize_handler = php -session.gc_probability = 1 -session.gc_divisor = 1000 -session.gc_maxlifetime = 1440 -session.referer_check = -session.cache_limiter = nocache -session.cache_expire = 180 -session.use_trans_sid = 0 -session.sid_length = 32 -session.trans_sid_tags = "a=href,area=href,frame=src,form=" -session.sid_bits_per_character = 6 - -[Assertion] -zend.assertions = -1 - -[Date] -date.timezone = Europe/London - -[opcache] -opcache.enable = 1 -opcache.interned_strings_buffer = 32 -opcache.max_accelerated_files = 20000 -opcache.memory_consumption = 1024 -opcache.save_comments = 1 -opcache.validate_timestamps = 1 -opcache.revalidate_freq = 60 diff --git a/bundles/php/items.py b/bundles/php/items.py index 2f4175b..81fe14c 100644 --- a/bundles/php/items.py +++ b/bundles/php/items.py @@ -1,22 +1,21 @@ -version = node.metadata.get('php/version') +from os.path import join +import json -php_ini_context = { - 'num_cpus': node.metadata.get('vm/cores'), - 'post_max_size': node.metadata.get('php/post_max_size'), -} +from bundlewrap.utils.dicts import merge_dict + + +version = node.metadata.get('php/version') files = { f'/etc/php/{version}/cli/php.ini': { - 'content_type': 'mako', - 'context': php_ini_context, + 'content': repo.libs.ini.dumps(node.metadata.get('php/php.ini')), 'needs': { f'pkg_apt:php{version}', f'pkg_apt:php{version}-fpm', }, }, f'/etc/php/{version}/fpm/php.ini': { - 'content_type': 'mako', - 'context': php_ini_context, + 'content': repo.libs.ini.dumps(node.metadata.get('php/php.ini')), 'needs': { f'pkg_apt:php{version}', f'pkg_apt:php{version}-fpm', diff --git a/bundles/php/metadata.py b/bundles/php/metadata.py index 332cdcf..3a6131c 100644 --- a/bundles/php/metadata.py +++ b/bundles/php/metadata.py @@ -1,21 +1,143 @@ defaults = { - 'php': { - 'post_max_size': '32G', - }, } +@metadata_reactor.provides( + 'php/php.ini', +) +def php_ini(metadata): + conf = { + 'PHP': { + 'engine': 'On', + 'short_open_tag': 'Off', + 'precision': '14', + 'output_buffering': '4096', + 'zlib.output_compression': 'Off', + 'implicit_flush': 'Off', + 'serialize_precision': '-1', + 'ignore_user_abort': 'Off', + 'zend.enable_gc': 'On', + 'expose_php': 'Off', + 'max_execution_time': '300', + 'max_input_time': '600', + 'memory_limit': '512M', + 'error_reporting': '"E_ALL & ~E_DEPRECATED & ~E_STRICT"', + 'display_startup_errors': 'Off', + 'log_errors': 'On', + 'log_errors_max_len': '1024', + 'ignore_repeated_errors': 'Off', + 'ignore_repeated_source': 'Off', + 'report_memleaks': 'On', + 'html_errors': 'On', + 'error_log': 'syslog', + 'syslog.ident': 'php', + 'syslog.filter': 'ascii', + 'arg_separator.output': '"&"', + 'variables_order': 'GPCS', + 'request_order': 'GP', + 'register_argc_argv': 'Off', + 'auto_globals_jit': 'On', + 'post_max_size': '32g', + 'default_mimetype': 'text/html', + 'default_charset': 'UTF-8', + 'enable_dl': 'Off', + 'file_uploads': 'On', + 'upload_max_filesize': '32g', + 'max_file_uploads': '2000', + 'allow_url_fopen': 'On', + 'allow_url_include': 'Off', + 'default_socket_timeout': '10', + }, + 'CLI Server': { + 'cli_server.color': 'On', + }, + 'mail function': { + 'mail.add_x_header': 'Off', + }, + 'ODBC': { + 'odbc.allow_persistent': 'On', + 'odbc.check_persistent': 'On', + 'odbc.max_persistent': '-1', + 'odbc.max_links': '-1', + 'odbc.defaultlrl': '4096', + 'odbc.defaultbinmode': '1', + }, + 'PostgreSQL': { + 'pgsql.allow_persistent': 'On', + 'pgsql.auto_reset_persistent': 'Off', + 'pgsql.max_persistent': '-1', + 'pgsql.max_links': '-1', + 'pgsql.ignore_notice': '0', + 'pgsql.log_notice': '0', + }, + 'bcmath': { + 'bcmath.scale': '0', + }, + 'Session': { + 'session.save_handler': 'files', + 'session.use_strict_mode': '0', + 'session.use_cookies': '1', + 'session.use_only_cookies': '1', + 'session.name': 'PHPSESSID', + 'session.auto_start': '0', + 'session.cookie_lifetime': '0', + 'session.cookie_path': '/', + 'session.cookie_domain': '', + 'session.cookie_httponly': '', + 'session.cookie_samesite': '', + 'session.serialize_handler': 'php', + 'session.gc_probability': '1', + 'session.gc_divisor': '1000', + 'session.gc_maxlifetime': '1440', + 'session.referer_check': '', + 'session.cache_limiter': 'nocache', + 'session.cache_expire': '180', + 'session.use_trans_sid': '0', + 'session.sid_length': '32', + 'session.trans_sid_tags': '"a=href,area=href,frame=src,form="', + 'session.sid_bits_per_character': '6', + }, + 'Assertion': { + 'zend.assertions': '-1', + }, + 'Date': { + 'date.timezone': 'Europe/London', + }, + 'opcache': { + 'opcache.enable': '1', + 'opcache.interned_strings_buffer': '32', + 'opcache.max_accelerated_files': '20000', + 'opcache.memory_consumption': '1024', + 'opcache.save_comments': '1', + 'opcache.validate_timestamps': '1', + 'opcache.revalidate_freq': '60', + }, + } + + return { + 'php': { + 'php.ini': { + section: { + key: value + for key, value in options.items() + if not metadata.get(f'php/php.ini/{section}/{key}', None) + } + for section, options in conf.items() + } + }, + } + + @metadata_reactor.provides( 'php/www.conf', ) def www_conf(metadata): - version = metadata.get('php/version') return { 'php': { 'www.conf': { 'user': 'www-data', 'group': 'www-data', - 'listen': f'/run/php/php{version}-fpm.sock', + 'listen': f"/run/php/php{metadata.get('php/version')}-fpm.sock", 'listen.owner': 'www-data', 'listen.group': 'www-data', 'pm': 'dynamic', @@ -33,12 +155,11 @@ def www_conf(metadata): 'apt/packages', ) def apt(metadata): - version = metadata.get('php/version') return { 'apt': { 'packages': { - f'php{version}': {}, - f'php{version}-fpm': {}, + f"php{metadata.get('php/version')}": {}, + f"php{metadata.get('php/version')}-fpm": {}, }, }, } diff --git a/data/apt/keys/repo.delellis.com.ar.asc b/data/apt/keys/repo.delellis.com.ar.asc new file mode 100644 index 0000000..f352d69 --- /dev/null +++ b/data/apt/keys/repo.delellis.com.ar.asc @@ -0,0 +1,41 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBF5qU5ABDAC5P4yAxACWwvknjaREtCjSpqwpVKbP+HCQcaho3ao/ls2mUQ7K +WzqoAknFljZACkoQT6D+9t0Wx+aYhSb8kc/RHDoQQN5w7sAxBCsUS0/unF7PQxZH +px3YTJgTlkl7cB79pbK5mu/Ybj/AhtjLwuu5CO8xPK19K2Xl1TT14sWlfxVmNxJ1 +X62w2lPfHuS1GJKw5k32ee3UeZB2FAuwzO84FlvlmoSgiGgOSW+OPLxapZA0glO3 +M/FpjF/ergaQqbU3nAaPkj3J7by7+j2r81RJZ49s9RXPUHie8d5TDB53KWaOTHPh +ONF3pssaWeEMP3Ju23s1t9dV1hPtwzdTiXu3lQp+0eZy4X085tEGsz4oYxAXlG2X +gXKR9wO8AhzN6E2UJRDPjiXD8APDh5SDxNreFFTv9orh+dRHjaFQuds0erkDVc9g +CDkczKy8zi14BEdWolPHNp6rVdbtyFKhiCrr9MOQEGJ04FgIB6HDbaAAXEUe7oU4 +0v1i0BXFrCVDNx8AEQEAAbQlTWF0aWFzIERlIGxlbGxpcyA8bWF0aTg2ZGxAZ21h +aWwuY29tPokB1AQTAQgAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYhBIMH +yrK2G/QHU3ipTjkheTntPQfbBQJiOGH3BQkHkHVnAAoJEDkheTntPQfbQ28MAIw3 +yz+CJWP60ypv/W4ErUif0bhwMsSG+5YPligOcSmgzw9x3xysPSLpBrBR5cpLCx8Z +voqFa5PJbu8cKhmHGQMvH7duVPL6gRX4dQG9t9qtKd9DYmsD9GweyCWFIhVFTId4 +VyDeEqx1IWAHyLoJmfnCQAIZHwhPrZKVU2hui8YjqZ4bpuP/xKGBiREgkPP5yv/T +J0GPoH9JOe67V9pDDN71cJzJpbFG7bPwH5LkzhO2fS6StyLKG7rMJHo6y2B9tWET +4V18WKotn1rT2gBunoCE3NsazwnXFf1C/KnHZF8zYAtLZfFa2gz4JgLk4kCgKeUO +vKubOoF44BFad6hgXA2yFiY7LXZmUhydlIdMp9P67jdmosW6Rbjz3st/nqg6pmjM +pMFEoc2jybdbiWkppRmrQlwRD76ir1Fcu71eEDZIPCfHpBNEyMgtdL/zyJnUbtGl +Bp8Jpfg9Y3CqDXtBkUug6KQ77S61zRnaenD91V2NrMnHVQsoiNP42h//7feTiLkB +jQRealOQAQwA2YM6vfJbo+BkFSmjwpuvY65DzVDyz4nRO1NvHBHeuMJKeWgF5pKe +e/TOJWcjlsBT2xwsqi8NhT1O2BpVBXOGN2Ck6YLQ0WPaxfsmAEGCyVFsJIBuWOQ7 +j0VXyvbHbUGrcLg5sA3VS0zzqquMf7dAwHI7earp1HsOd8DvRs518leRx18wiDap +6UbPqpu3yFqNY4oeZ7oBpII6olm9YtGGP0mHquPYpWq9ZlN1vjPbLgjY1IPs2OMl +DGE1eaEWeygyL1tRgjAGpgsdLS3BOgF1fY0OpTRyZnez+W8eWqTB12yF17FpErWC +VeO8h6LosfjcQ8Bg2WQnFrzJJgXzVxrvwygbtggvN/feEPzWJg92TEQLzMFRf8I9 +rCju5SOR5WBTPmvnq7f9VT/2rg0WSBjkVxGq9wMVyXmOOkYUB6hx5ynDEM9cIzG3 +Jmvm+rz1lQiILwnpFXUtTWnQbMuUmdPWFM2f2XKRY0RE0EvJ4K5ve49bz+SvOUip +ewVowQ46z0LZABEBAAGJAbwEGAEIACYCGwwWIQSDB8qythv0B1N4qU45IXk57T0H +2wUCYjhiLwUJB5B1nwAKCRA5IXk57T0H2/7jDACqur/sIYzTSxUEn73yyde6S8za +ZzcnzV9JIIi9vTVd50J5ngWjg06PPYe6NXSf6J/EXxHOp2TKy58FPyMnxBENzycM +P+9GyH4UH3nOK8ywgZ7nkyXYjJKzZ+88F9HcUgO3xSwsMy6kpeIdxXI3fpEOVXBn +lAsHM6CF1Nk5O4oxgJwgbXwf5ntYDeXwcpm6NCdDTorYLy5JvhDg8XiTeMl6fFki +uDSrNF0UNkkhutS/66FVLUlq5grSWH7mYviau6Ju2C2Tq2GijvRcvkQcA37Mx//x +x4ydNydSmu5kxfB6JorgAnK8sLTIHU+RWgmJRly5YY/G6RXm2QsYs+RvObgIablW +k1ZXNcb3qEyn3D91sXUsvp7qMAnQjWp2UkV4KygMc6C4i54JkOTcZiGhynjB6pL9 +FgpIgjjhC9B+hToo9uuLC2Ox58TA+7l1sR4JG0XCNW0Z+5swBnWyrlt/ZwWxFqoB +oxYE/j3yxh9TmgHv54/j2ZzU8tiJHW01AGlbbxo= +=cWkh +-----END PGP PUBLIC KEY BLOCK----- diff --git a/nodes/home.server.py b/nodes/home.server.py index 98468e3..134d810 100644 --- a/nodes/home.server.py +++ b/nodes/home.server.py @@ -83,7 +83,7 @@ }, 'nextcloud': { 'hostname': 'cloud.sublimity.de', - 'version': '23.0.3', + 'version': '23.0.5', }, 'nextcloud-picsort': { 'ckn': {