diff --git a/Containers/collabora/Dockerfile b/Containers/collabora/Dockerfile index 40f2c4f69ca..3c709c35bd1 100644 --- a/Containers/collabora/Dockerfile +++ b/Containers/collabora/Dockerfile @@ -15,7 +15,9 @@ RUN set -ex; \ ; \ rm -rf /var/lib/apt/lists/*; +COPY --chmod=775 healthcheck.sh /healthcheck.sh + USER 100 -HEALTHCHECK CMD nc -z 127.0.0.1 9980 || exit 1 +HEALTHCHECK --start-period=360s CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" diff --git a/Containers/collabora/healthcheck.sh b/Containers/collabora/healthcheck.sh new file mode 100644 index 00000000000..67cecdc3bda --- /dev/null +++ b/Containers/collabora/healthcheck.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +nc -z 127.0.0.1 9980 || exit 1 diff --git a/Containers/fulltextsearch/Dockerfile b/Containers/fulltextsearch/Dockerfile index 571780ede2e..9b7804f7463 100644 --- a/Containers/fulltextsearch/Dockerfile +++ b/Containers/fulltextsearch/Dockerfile @@ -16,7 +16,9 @@ RUN set -ex; \ ; \ rm -rf /var/lib/apt/lists/*; +COPY --chmod=775 healthcheck.sh /healthcheck.sh + USER 1000:0 -HEALTHCHECK CMD nc -z 127.0.0.1 9200 || exit 1 +HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" diff --git a/Containers/fulltextsearch/healthcheck.sh b/Containers/fulltextsearch/healthcheck.sh new file mode 100644 index 00000000000..5e888ea6013 --- /dev/null +++ b/Containers/fulltextsearch/healthcheck.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +nc -z 127.0.0.1 9200 || exit 1 diff --git a/Containers/imaginary/Dockerfile b/Containers/imaginary/Dockerfile index 20c90fa5e87..efe0ed70f47 100644 --- a/Containers/imaginary/Dockerfile +++ b/Containers/imaginary/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:latest FROM golang:1.23.3-alpine3.20 AS go -ENV IMAGINARY_HASH=8f36a26c448be8c151a3878404b75fcd1cd3cf0c +ENV IMAGINARY_HASH=8f36a26c448be8c151a3878404b75fcd1cd3cf0c RUN set -ex; \ apk add --no-cache \ @@ -30,6 +30,7 @@ RUN set -ex; \ COPY --from=go /go/bin/imaginary /usr/local/bin/imaginary COPY --chmod=775 start.sh /start.sh +COPY --chmod=775 healthcheck.sh /healthcheck.sh ENV PORT=9000 @@ -39,5 +40,5 @@ USER 65534 ENV MALLOC_ARENA_MAX=2 ENTRYPOINT ["/start.sh"] -HEALTHCHECK CMD nc -z 127.0.0.1 "$PORT" || exit 1 +HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" diff --git a/Containers/imaginary/healthcheck.sh b/Containers/imaginary/healthcheck.sh new file mode 100644 index 00000000000..46d700fcb22 --- /dev/null +++ b/Containers/imaginary/healthcheck.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +nc -z 127.0.0.1 "$PORT" || exit 1 diff --git a/Containers/nextcloud/Dockerfile b/Containers/nextcloud/Dockerfile index 8ab0f9dad62..e4df8f2cae9 100644 --- a/Containers/nextcloud/Dockerfile +++ b/Containers/nextcloud/Dockerfile @@ -279,5 +279,5 @@ USER root ENTRYPOINT ["/start.sh"] CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] -HEALTHCHECK --start-period=60s CMD sudo -E -u www-data bash /healthcheck.sh +HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" diff --git a/Containers/onlyoffice/Dockerfile b/Containers/onlyoffice/Dockerfile index 412ce05458e..bfecd246362 100644 --- a/Containers/onlyoffice/Dockerfile +++ b/Containers/onlyoffice/Dockerfile @@ -4,5 +4,7 @@ FROM onlyoffice/documentserver:8.2.2.1 # USER root is probably used -HEALTHCHECK CMD nc -z 127.0.0.1 80 || exit 1 +COPY --chmod=775 healthcheck.sh /healthcheck.sh + +HEALTHCHECK --start-period=360s CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" diff --git a/Containers/onlyoffice/healthcheck.sh b/Containers/onlyoffice/healthcheck.sh new file mode 100644 index 00000000000..7a9d79d0aad --- /dev/null +++ b/Containers/onlyoffice/healthcheck.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +nc -z 127.0.0.1 80 || exit 1 diff --git a/Containers/redis/Dockerfile b/Containers/redis/Dockerfile index 98fb8529988..64b1c2faafa 100644 --- a/Containers/redis/Dockerfile +++ b/Containers/redis/Dockerfile @@ -14,8 +14,10 @@ RUN set -ex; \ # Get rid of unused binaries rm -f /usr/local/bin/gosu; +COPY --chmod=775 healthcheck.sh /healthcheck.sh + USER 999 ENTRYPOINT ["/start.sh"] -HEALTHCHECK CMD redis-cli -a $REDIS_HOST_PASSWORD PING || exit 1 +HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" diff --git a/Containers/redis/healthcheck.sh b/Containers/redis/healthcheck.sh new file mode 100644 index 00000000000..6588229f13d --- /dev/null +++ b/Containers/redis/healthcheck.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +redis-cli -a "$REDIS_HOST_PASSWORD" PING || exit 1 diff --git a/Containers/talk-recording/Dockerfile b/Containers/talk-recording/Dockerfile index 1d7df91446d..a935db93656 100644 --- a/Containers/talk-recording/Dockerfile +++ b/Containers/talk-recording/Dockerfile @@ -2,6 +2,7 @@ FROM python:3.13.0-alpine3.20 COPY --chmod=775 start.sh /start.sh +COPY --chmod=775 healthcheck.sh /healthcheck.sh ENV RECORDING_VERSION=v0.1 ENV ALLOW_ALL=false @@ -54,5 +55,5 @@ USER 122 ENTRYPOINT ["/start.sh"] CMD ["python", "-m", "nextcloud.talk.recording", "--config", "/conf/recording.conf"] -HEALTHCHECK CMD nc -z 127.0.0.1 1234 || exit 1 +HEALTHCHECK CMD /healthcheck.sh LABEL com.centurylinklabs.watchtower.enable="false" diff --git a/Containers/talk-recording/healthcheck.sh b/Containers/talk-recording/healthcheck.sh new file mode 100644 index 00000000000..8397ab3cea0 --- /dev/null +++ b/Containers/talk-recording/healthcheck.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +nc -z 127.0.0.1 1234 || exit 1 diff --git a/Containers/whiteboard/Dockerfile b/Containers/whiteboard/Dockerfile index c4446756fc8..3d178c18fdb 100644 --- a/Containers/whiteboard/Dockerfile +++ b/Containers/whiteboard/Dockerfile @@ -1,4 +1,5 @@ # syntax=docker/dockerfile:latest +# Probably from this file: https://github.com/nextcloud/whiteboard/blob/main/Dockerfile FROM ghcr.io/nextcloud-releases/whiteboard:v1.0.4 USER root @@ -8,6 +9,9 @@ RUN set -ex; \ USER 65534 COPY --chmod=775 start.sh /start.sh +COPY --chmod=775 healthcheck.sh /healthcheck.sh + +HEALTHCHECK CMD /healthcheck.sh ENTRYPOINT ["/start.sh"] diff --git a/Containers/whiteboard/healthcheck.sh b/Containers/whiteboard/healthcheck.sh new file mode 100644 index 00000000000..4f53988a631 --- /dev/null +++ b/Containers/whiteboard/healthcheck.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +nc -z "$REDIS_HOST" 6379 || exit 0 +nc -z 127.0.0.1 3002 || exit 1 diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index a8719b1b1e0..7e1364b2ebc 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -25,6 +25,8 @@ set -ex cd manual-install cp latest.yml latest.yml.backup +# Additional config +# shellcheck disable=SC1083 sed -i -E '/^( *- )(NET_RAW|SYS_NICE|MKNOD|SYS_ADMIN)$/!s/( *- )([A-Z_]+)$/\1\2=${\2}/' latest.yml cp sample.conf /tmp/ sed -i 's|^|export |' /tmp/sample.conf @@ -117,6 +119,12 @@ EOL DEPLOYMENTS="$(find ./ -name '*deployment.yaml')" mapfile -t DEPLOYMENTS <<< "$DEPLOYMENTS" for variable in "${DEPLOYMENTS[@]}"; do + if grep -q livenessProbe "$variable"; then + sed -n "/.*livenessProbe/,/timeoutSeconds.*/p" "$variable" > /tmp/liveness.probe + cat /tmp/liveness.probe + sed -i "s|livenessProbe|readinessProbe|" /tmp/liveness.probe + sed -i "/^ image:/r /tmp/liveness.probe" "$variable" + fi if grep -q volumeMounts "$variable"; then if echo "$variable" | grep -q database; then sed -i "/^ spec:/r /tmp/initcontainers.database" "$variable" @@ -197,6 +205,8 @@ find ./ -name '*deployment.yaml' -exec sed -i "s|manual-install-nextcloud-aio|ne # shellcheck disable=SC1083 find ./ -name '*deployment.yaml' -exec sed -i "/medium: Memory/d" \{} \; # shellcheck disable=SC1083 +find ./ -name '*.yaml' -exec sed -i "/kompose.cmd/d" \{} \; +# shellcheck disable=SC1083 find ./ -name '*deployment.yaml' -exec sed -i "s|emptyDir:|emptyDir: \{\}|" \{} \; # shellcheck disable=SC1083 find ./ -name '*deployment.yaml' -exec sed -i "/hostPort:/d" \{} \; diff --git a/php/containers-schema.json b/php/containers-schema.json index cf3f893fb44..7055d0db9d1 100644 --- a/php/containers-schema.json +++ b/php/containers-schema.json @@ -94,6 +94,36 @@ } } }, + "healthcheck": { + "type": "object", + "additionalProperties": false, + "minProperties": 6, + "properties": { + "interval": { + "type": "string", + "pattern": "^[0-9]+s$" + }, + "timeout": { + "type": "string", + "pattern": "^[0-9]+s$" + }, + "retries": { + "type": "integer" + }, + "start_period": { + "type": "string", + "pattern": "^[0-9]+s$" + }, + "start_interval": { + "type": "string", + "pattern": "^[0-9]+s$" + }, + "test": { + "type": "string", + "pattern": "^.*$" + } + } + }, "aio_variables": { "type": "array", "items": { diff --git a/php/containers.json b/php/containers.json index 17f60b2d7fd..cf302369992 100644 --- a/php/containers.json +++ b/php/containers.json @@ -15,6 +15,14 @@ "image": "nextcloud/aio-apache", "user": "33", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "ports": [ { "ip_binding": "%APACHE_IP_BINDING%", @@ -81,6 +89,14 @@ "image": "nextcloud/aio-postgresql", "user": "999", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "5432" ], @@ -140,6 +156,14 @@ "display_name": "Nextcloud", "image": "nextcloud/aio-nextcloud", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "9000", "9001" @@ -255,6 +279,14 @@ "image": "nextcloud/aio-notify-push", "user": "33", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "7867" ], @@ -297,6 +329,14 @@ "image": "nextcloud/aio-redis", "user": "999", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "6379" ], @@ -333,6 +373,14 @@ "display_name": "Collabora", "image": "nextcloud/aio-collabora", "init": true, + "healthcheck": { + "start_period": "360s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "9980" ], @@ -372,6 +420,14 @@ "image": "nextcloud/aio-talk", "user": "1000", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "ports": [ { "ip_binding": "", @@ -429,6 +485,14 @@ "image": "nextcloud/aio-talk-recording", "user": "122", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "1234" ], @@ -591,6 +655,14 @@ "image": "nextcloud/aio-clamav", "user": "100", "init": false, + "healthcheck": { + "start_period": "360s", + "test": "clamdcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "3310" ], @@ -630,6 +702,14 @@ "display_name": "OnlyOffice", "image": "nextcloud/aio-onlyoffice", "init": true, + "healthcheck": { + "start_period": "360s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "80" ], @@ -672,6 +752,14 @@ "image": "nextcloud/aio-imaginary", "user": "65534", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "9000" ], @@ -708,6 +796,14 @@ "display_name": "Fulltextsearch", "image": "nextcloud/aio-fulltextsearch", "init": false, + "healthcheck": { + "start_period": "60s", + "test": "/healthcheck.sh", + "interval": "10s", + "timeout": "5s", + "start_interval": "5s", + "retries": 5 + }, "expose": [ "9200" ], @@ -778,6 +874,14 @@ "image": "nextcloud/aio-whiteboard", "user": "65534", "init": true, + "healthcheck": { + "start_period": "0s", + "test": "/healthcheck.sh", + "interval": "30s", + "timeout": "30s", + "start_interval": "5s", + "retries": 3 + }, "expose": [ "3002" ],