gstone/nextcloud-selfhosted
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix username

Browse Source
This commit is contained in:
Thomas Gräfenstein
2026-03-22 12:14:33 +01:00
parent 0b334a5daf
commit cdc2ce5d05
3 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
review.md
View File

@@ -5,8 +5,8 @@
| 1 | Critical | `scripts/deploy.sh` | `SCRIPT_DIR` resolves to `scripts/` but paths assume repo root (e.g. `$SCRIPT_DIR/caddy/docker-compose.yml`). All scripts broken after move to `scripts/`. Fix: use `REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"` | DONE | | 1 | Critical | `scripts/deploy.sh` | `SCRIPT_DIR` resolves to `scripts/` but paths assume repo root (e.g. `$SCRIPT_DIR/caddy/docker-compose.yml`). All scripts broken after move to `scripts/`. Fix: use `REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"` | DONE |
| 2 | Critical | `scripts/backup.sh` | Same broken `SCRIPT_DIR` path issue | DONE | | 2 | Critical | `scripts/backup.sh` | Same broken `SCRIPT_DIR` path issue | DONE |
| 3 | Critical | `scripts/restore.sh` | Same broken `SCRIPT_DIR` path issue | DONE | | 3 | Critical | `scripts/restore.sh` | Same broken `SCRIPT_DIR` path issue | DONE |
| 4 | High | `scripts/backup.sh:20` | `pg_dumpall -U nextcloud` hardcodes DB username instead of reading from env | TODO | | 4 | High | `scripts/backup.sh:20` | `pg_dumpall -U nextcloud` hardcodes DB username instead of reading from env | DONE |
| 5 | High | `scripts/restore.sh:68` | `psql -U nextcloud` hardcodes DB username instead of reading from env | TODO | | 5 | High | `scripts/restore.sh:68` | `psql -U nextcloud` hardcodes DB username instead of reading from env | DONE |
| 6 | High | `scripts/deploy.sh:13` | `source .env` in a root-privileged script can execute arbitrary commands. Consider safer parsing or variable validation | TODO | | 6 | High | `scripts/deploy.sh:13` | `source .env` in a root-privileged script can execute arbitrary commands. Consider safer parsing or variable validation | TODO |
| 7 | Medium | `monitoring/docker-compose.yml` | Docker socket + `/proc` + `/sys` + `/` mounted into Alloy container. Consider using a Docker socket proxy to limit API access | TODO | | 7 | Medium | `monitoring/docker-compose.yml` | Docker socket + `/proc` + `/sys` + `/` mounted into Alloy container. Consider using a Docker socket proxy to limit API access | TODO |
| 8 | Medium | `caddy/Caddyfile` | No rate limiting configured at the reverse proxy layer | TODO | | 8 | Medium | `caddy/Caddyfile` | No rate limiting configured at the reverse proxy layer | TODO |

3
scripts/backup.sh
View File

@@ -3,6 +3,7 @@ set -euo pipefail
REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
source "$REPO_ROOT/.env" source "$REPO_ROOT/.env"
source "$REPO_ROOT/nextcloud/.env"
DATA_ROOT="${DATA_ROOT:-/opt/docker-data}" DATA_ROOT="${DATA_ROOT:-/opt/docker-data}"
BACKUP_DIR="/opt/backups" BACKUP_DIR="/opt/backups"
@@ -17,7 +18,7 @@ echo "==> Starting backup ($DATE)..."
# Nextcloud Postgres dump # Nextcloud Postgres dump
# ------------------------------------------------------------------ # ------------------------------------------------------------------
echo " -> Dumping Nextcloud Postgres..." echo " -> Dumping Nextcloud Postgres..."
docker exec nextcloud-postgres pg_dumpall -U nextcloud > "$BACKUP_DIR/nextcloud-db-$DATE.sql" docker exec nextcloud-postgres pg_dumpall -U "$POSTGRES_USER" > "$BACKUP_DIR/nextcloud-db-$DATE.sql"
# ------------------------------------------------------------------ # ------------------------------------------------------------------
# Nextcloud data # Nextcloud data

3
scripts/restore.sh
View File

@@ -3,6 +3,7 @@ set -euo pipefail
REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
source "$REPO_ROOT/.env" source "$REPO_ROOT/.env"
source "$REPO_ROOT/nextcloud/.env"
DATA_ROOT="${DATA_ROOT:-/opt/docker-data}" DATA_ROOT="${DATA_ROOT:-/opt/docker-data}"
BACKUP_DIR="/opt/backups" BACKUP_DIR="/opt/backups"
@@ -65,7 +66,7 @@ echo " -> Waiting for Postgres to be ready..."
sleep 5 sleep 5
echo "==> Restoring Nextcloud database..." echo "==> Restoring Nextcloud database..."
docker exec -i nextcloud-postgres psql -U nextcloud < "$DB_DUMP" docker exec -i nextcloud-postgres psql -U "$POSTGRES_USER" < "$DB_DUMP"
# ------------------------------------------------------------------ # ------------------------------------------------------------------
# Start all services # Start all services