@macthecadillac
Created February 3, 2024 02:41
Nextcloud + Syncthing + rootless Podman & systemd integration
#!/bin/bash
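#######################################
# Hand a manually started container over to a systemd user unit.
# Generates ~/.config/systemd/user/<name>.service with
# `podman generate systemd --new`, stops the container that was started by
# hand, then enables and starts the unit.
# Arguments: $1 - container name; also the base name of the unit file
# Returns:   non-zero when the unit file could not be generated or installed
# NOTE(review): newer Podman releases mark `generate systemd` as deprecated in
# favour of Quadlet units; confirm against the Podman version in use.
#######################################
systemd_tasks() {
  local name=$1
  local unit_file="${HOME}/.config/systemd/user/${name}.service"
  local tmp

  # A --new unit records the container's original `podman run` command line,
  # including every --env value, so the file carries the passwords passed
  # there. mktemp creates the file readable by its owner only, and writing to
  # a temporary file first means a failed run never truncates a working unit.
  tmp=$(mktemp "${unit_file}.XXXXXX") || return
  if ! podman generate systemd --new --name "${name}" > "${tmp}"; then
    rm -f -- "${tmp}"
    return 1
  fi
  mv -f -- "${tmp}" "${unit_file}" || return

  podman container stop "${name}"
  systemctl --user daemon-reload
  systemctl --user --now enable "${name}.service"
}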
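# Host-side directories: the systemd user unit directory, the two persistent
# container trees (database and Nextcloud application), the Nextcloud data
# directory, and the tree shared with the Syncthing containers.
# -p on every call, so a second run does not fail on directories that exist.
mkdir -p ~/.config/systemd/user
mkdir -p ~/.local/share/nextcloud-pod/mariadb
mkdir -p ~/.local/share/nextcloud-pod/nextcloud
mkdir -p ~/data
mkdir -p ~/shared

# `podman unshare` runs the command inside the rootless user namespace, so the
# 33:33 below is resolved through this account's subuid/subgid mapping
# (presumably the web-server user of the Nextcloud image; the cron unit later
# in this script also executes as uid 33).
# NOTE(review): a recursive 755 marks every regular file under ~/shared
# executable and readable by any local account that can traverse the home
# directory - confirm that is intended for synced user data.
podman unshare chmod -R 755 ~/shared
# NOTE(review): the trailing glob also hands the mariadb directory to 33:33;
# confirm the database image copes with that ownership.
podman unshare chown -R 33:33 ~/shared ~/data ~/.local/share/nextcloud-pod/*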
# Pod that groups the Nextcloud containers, followed by the network they are
# attached to. example.com is presumably a placeholder for the real hostname.
pod_options=(--name nextcloud-server --hostname example.com)
podman pod create "${pod_options[@]}"
sleep 0.5

podman network create nextcloud-net
sleep 0.5
# MariaDB backing the Nextcloud instance.
mariadb_args=(
  --detach
  --name mariadb
  --pod nextcloud-server
  --network nextcloud-net
  # Labels read by `podman auto-update`: pull a newer image from the registry
  # and restart the named unit.
  --label io.containers.autoupdate=registry
  --label PODMAN_SYSTEMD_UNIT=mariadb.service
  --env TZ="US/Pacific"
  --env MYSQL_DATABASE=nextcloud
  --env MYSQL_USER=nextcloud
  # NOTE(review): both values are literal placeholders; run unmodified, the
  # database is created with the password "MYSQL_PASSWORD". Values passed with
  # --env also show up in the process list while `podman run` executes, in
  # `podman inspect`, and in the unit file generated right after. Podman
  # secrets (`podman secret create` + `--secret`) keep them out of all three.
  --env MYSQL_PASSWORD="MYSQL_PASSWORD"
  --env MYSQL_ROOT_PASSWORD="MYSQL_ROOT_PASSWORD"
  # :Z requests a private SELinux label, so only this container may use the
  # directory.
  --volume ~/.local/share/nextcloud-pod/mariadb:/var/lib/mysql:Z
)
# NOTE(review): `latest` combined with the autoupdate label means the database
# is replaced by whatever the registry tag points to at the next auto-update
# run, including a new major version. Pinning a version tag or digest keeps
# upgrades deliberate.
podman run "${mariadb_args[@]}" docker.io/library/mariadb:latest
sleep 1
systemd_tasks "mariadb"
# Redis used by Nextcloud (REDIS_HOST in the nextcloud container).
redis_args=(
  --detach
  --name redis
  --pod nextcloud-server
  --network nextcloud-net
  --label io.containers.autoupdate=registry
  --label PODMAN_SYSTEMD_UNIT=redis.service
  --env TZ="US/Pacific"
)
# --save "" and --appendonly no switch off both Redis persistence mechanisms,
# so nothing is written to disk.
# NOTE(review): "REDIS_PASSWORD" is a literal placeholder, and a password
# given via --requirepass on the command line is visible in the process list
# for as long as redis-server runs, and in the generated unit file. A config
# file mounted into the container keeps it out of argv.
redis_cmd=(redis-server --requirepass "REDIS_PASSWORD" --save "" --appendonly no)
podman run "${redis_args[@]}" docker.io/library/redis:alpine "${redis_cmd[@]}"
sleep 1
systemd_tasks "redis"
# imaginary: image-processing service that Nextcloud is pointed at through
# IMAGINARY_HOST in the nextcloud container.
imaginary_args=(
  --detach
  --name imaginary
  --pod nextcloud-server
  --network nextcloud-net
  # Extra capability: lets processes in the container change scheduling
  # priority. It is the only capability this script adds anywhere.
  --cap-add SYS_NICE
  --label io.containers.autoupdate=registry
  --label PODMAN_SYSTEMD_UNIT=imaginary.service
  --env TZ="US/Pacific"
  --env MALLOC_ARENA_MAX=2
)
# No port is published, so the service is reachable only from containers on
# nextcloud-net. NOTE(review): no API key is configured here; keep it off any
# published port. The image is a third-party `latest` tag with auto-update
# enabled, so each update run trusts whatever that tag currently points to.
podman run "${imaginary_args[@]}" docker.io/h2non/imaginary:latest
sleep 1
systemd_tasks "imaginary"
# Nextcloud itself, wired to the mariadb, redis and imaginary containers.
nextcloud_args=(
  --detach
  --name nextcloud
  --pod nextcloud-server
  --network nextcloud-net
  --label io.containers.autoupdate=registry
  --label PODMAN_SYSTEMD_UNIT=nextcloud.service
  # No host address is given, so port 40000 is bound on every host interface
  # and serves plain HTTP; the OVERWRITE* values below assume a
  # TLS-terminating proxy in front.
  # NOTE(review): if that proxy runs on this host, 127.0.0.1:40000:80 keeps
  # the unencrypted port off the network.
  --publish 40000:80
  # Placeholders: trusted domains is empty, "myproxy" and example.com stand in
  # for the real proxy and host. NOTE(review): forwarded-for headers are
  # presumably honoured from every address listed as trusted proxy, so keep
  # that list as narrow as the deployment allows.
  --env NEXTCLOUD_TRUSTED_DOMAINS=""
  --env NEXTCLOUD_TRUSTED_PROXIES="myproxy"
  --env OVERWRITEWEBROOT=/nextcloud
  --env OVERWRITEPROTOCOL="https"
  --env OVERWRITEHOST="example.com"
  # Database and cache. The passwords are the same literal placeholders given
  # to the mariadb and redis containers; as --env values they end up in
  # `podman inspect` and in the generated unit file.
  --env MYSQL_HOST=mariadb.dns.podman
  --env MYSQL_DATABASE=nextcloud
  --env MYSQL_USER=nextcloud
  --env MYSQL_PASSWORD="MYSQL_PASSWORD"
  --env REDIS_HOST=redis.dns.podman
  --env REDIS_HOST_PASSWORD="REDIS_PASSWORD"
  --env IMAGINARY_ENABLED=1
  --env IMAGINARY_HOST=imaginary.dns.podman
  --env PHP_MEMORY_LIMIT=1024M
  --env PHP_UPLOAD_LIMIT=32G
  --env TZ="US/Pacific"
  # :z requests a shared SELinux label, so several containers may use the
  # same host directory.
  --volume ~/.local/share/nextcloud-pod/nextcloud:/var/www/html:z
  --volume ~/data:/var/www/html/data:z
  --volume ~/shared:/shared:z
  # Host render node passed through, presumably for hardware video
  # transcoding (ffmpeg and a VA driver are installed below).
  # NOTE(review): 997 is hard-coded; presumably the GID that owns
  # /dev/dri/renderD128 on the author's host - check with `ls -ln` locally.
  --device /dev/dri/renderD128:/dev/dri/renderD128
  --annotation run.oci.keep_original_groups=1
  --group-add=997
)
# The image entrypoint is replaced by a shell that, on every container start,
# enables the contrib/non-free components, installs packages from the network,
# builds the bz2 PHP extension and only then hands over to /entrypoint.sh.
# NOTE(review): every start (including each auto-update restart) therefore
# depends on the Debian mirrors and installs whatever versions are current;
# baking these steps into a derived image makes the result reproducible and
# reviewable.
podman run "${nextcloud_args[@]}" \
  --entrypoint /bin/bash \
  docker.io/library/nextcloud:latest \
  -c "
sed -i 's/Components: main$/Components: main contrib non-free non-free-firmware/g' /etc/apt/sources.list.d/debian.sources &&
apt-get update &&
apt-get install -y --no-install-recommends ffmpeg i965-va-driver-shaders libbz2-dev &&
docker-php-ext-install bz2 &&
/entrypoint.sh apache2-foreground"
sleep 1
systemd_tasks "nextcloud"
# Background jobs for Nextcloud: a oneshot-style service that runs cron.php
# inside the nextcloud container as uid 33, and a timer that fires it five
# minutes after boot and every five minutes after each run.
# ExecCondition gates the job: cron.php runs only when `occ status -e` exits
# successfully.
cat > ~/.config/systemd/user/nextcloud-cron.service <<'EOF'
[Unit]
Description=Nextcloud cron.php job
[Service]
ExecCondition=podman container exec -u 33 nextcloud php -f /var/www/html/occ status -e
ExecStart=podman container exec -u 33 nextcloud php -f /var/www/html/cron.php
KillMode=process
EOF

cat > ~/.config/systemd/user/nextcloud-cron.timer <<'EOF'
[Unit]
Description=Run Nextcloud cron.php every 5 minutes
[Timer]
OnBootSec=5min
OnUnitActiveSec=5min
Unit=nextcloud-cron.service
[Install]
WantedBy=timers.target
EOF

# Only the timer is enabled; it pulls in the service through Unit=.
systemctl --user daemon-reload
systemctl --user --now enable nextcloud-cron.timer
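#######################################
# Start one Syncthing container for a user and hand it over to systemd.
# Globals:   calls systemd_tasks (defined earlier in this script)
# Arguments:
#   $1 - instance name; used for the container name, the config directory
#        and the ~/shared sub-directory that is synchronised
#   $2 - non-negative decimal offset added to host ports 22000, 21027/UDP
#        and 8384, so several instances can coexist
# Returns:   2 on a missing name or a non-numeric offset; otherwise the
#            status of `podman run` or systemd_tasks
#######################################
syncthing() {
  local name=${1-} offset=${2-}

  # The offset goes into shell arithmetic below, which evaluates more than
  # plain numbers; accept decimal digits only.
  if [[ -z "${name}" || ! "${offset}" =~ ^[0-9]+$ ]]; then
    printf 'usage: syncthing NAME PORT_OFFSET\n' >&2
    return 2
  fi

  local container="${name}-syncthing"
  local config_dir="${HOME}/.config/syncthing-podman/${name}"
  # 10# forces base 10, so an offset such as 08 is not read as octal.
  local sync_port=$(( 22000 + 10#${offset} ))
  local discovery_port=$(( 21027 + 10#${offset} ))
  local gui_port=$(( 8384 + 10#${offset} ))

  mkdir -p -- "${config_dir}"

  local -a run_args=(
    --detach
    --name "${container}"
    --user 33
    --env TZ="US/Pacific"
    --env HOSTNAME=backup-server
    --label io.containers.autoupdate=registry
    --label "PODMAN_SYSTEMD_UNIT=${container}.service"
    --volume "${config_dir}:/var/syncthing:z"
    # NOTE(review): unlike the other mounts this one carries no :z label, and
    # ~/shared/<name> is not created anywhere in this script; presumably it
    # must already exist and be accessible to uid 33 - confirm.
    --volume "${HOME}/shared/${name}:/var/syncthing/files"
    --publish "${sync_port}:22000"
    --publish "${discovery_port}:21027/UDP"
    # NOTE(review): 8384 is the Syncthing web GUI / REST port. Published
    # without a host address it is reachable from every network the host is
    # on; unless a GUI password is configured, bind it to loopback
    # (127.0.0.1:PORT:8384) and reach it through an SSH tunnel or the proxy.
    --publish "${gui_port}:8384"
  )
  # Do not generate a unit for a container that failed to start.
  podman run "${run_args[@]}" docker.io/syncthing/syncthing:latest || return

  # Same unit hand-over as for the other containers in this script.
  systemd_tasks "${container}"
}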
# One Syncthing instance per user; the second argument is the host-port
# offset, counted up from 0 so the published ports do not collide.
port_offset=0
for sync_user in "user1" "user2"; do
  syncthing "${sync_user}" "${port_offset}"
  port_offset=$((port_offset + 1))
done

# Timer that drives `podman auto-update` for the containers labelled
# io.containers.autoupdate above. Without --now it is enabled but not started
# by this call.
# NOTE(review): user units only run while this account's systemd user manager
# is up; a headless server presumably needs `loginctl enable-linger`, which
# this script does not do - confirm.
systemctl --user enable podman-auto-update.timer