feat: immich permissions problems not anymore

gitea/gitea.container

@@ -3,7 +3,7 @@ Description=Gitea Container
 
 [Container]
 ContainerName=gitea
-Image=docker.io/gitea/gitea:latest
+Image=ghcr.io/go-gitea/gitea:latest
 
 # Enable auto-update container
 AutoUpdate=registry

headscale/headscale.container

@@ -4,7 +4,7 @@ Description=Headscale Container
 [Container]
 Network=host
 ContainerName=headscale
-Image=docker.io/headscale/headscale:latest
+Image=ghcr.io/juanfont/headscale:latest
 Exec=serve
 
 # Enable auto-update container

immich/immich.pod

@@ -6,7 +6,3 @@ PodName=immich
 #PublishPort=2283:2283
 Network=host
 Volume=%h/podman/immich/.socket:/tmp/immich
-
-# to satisfy immich bitch permissions problems
-UIDMap=1000:0:1
-UIDMap=0:1:1000

matrix/synapse.container

@@ -6,7 +6,7 @@ After=synapse_db.service
 [Container]
 Pod=matrix.pod
 ContainerName=synapse
-Image=docker.io/matrixdotorg/synapse:latest
+Image=ghcr.io/element-hq/synapse:latest
 
 # Enable auto-update container
 AutoUpdate=registry

nextcloud/nextcloud-entrypoint.sh

@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -eu
+
+####################
+# My Special Sauce #
+####################
+#################################################################
+# This script is to make the www-data in /entrypoint.sh to	#
+# any user specified by $PUID environment variable,		#
+# so that your nextcloud can run or update properly.		#
+#################################################################
+
+# fix nextcloud not setting Local Time zone
+apk add --no-cache tzdata
+
+# default to UID=1000 if not set
+TARGET_UID="${PUID:-1000}"
+
+# add user as the su in image doesn't know user ID we will pass
+adduser -D -u "${TARGET_UID}" "abc" || true
+
+# Overwrite /usr/local/etc/php-fpm.d/zz-docker.conf to make php-fpm listen on unix socket
+cat <<EOF >/usr/local/etc/php-fpm.d/zz-docker.conf
+; Generated by /nextcloud-entrypoint.sh
+; DO NOT EDIT THIS FILE, IT WILL BE OVERWRITTEN !!
+; please make changes in the /nextcloud-entrypoint.sh script
+[global]
+daemonize = no
+
+[www]
+access.log = /tmp/fpm-access.log
+listen = ${NEXTCLOUD_FPM_SOCK:-/tmp/docker/nextcloud-fpm.sock}
+
+listen.owner = ${TARGET_UID}
+listen.group = ${TARGET_UID}
+; Restricting socket to owner and group only
+listen.mode = 0660
+
+user = ${TARGET_UID}
+group = ${TARGET_UID}
+
+pm.max_children = 50
+pm.start_servers = 10
+pm.min_spare_servers = 5
+pm.max_spare_servers = 15
+pm.max_requests = 1000
+EOF
+
+# replace "www-data" with numeric $PUID in /entrypoint.sh
+sed -i "s/www-data/abc/g" /entrypoint.sh
+
+# execute the patched entrypoint with all args
+exec /entrypoint.sh php-fpm

nextcloud/nextcloud-notify-push-entrypoint.sh

@@ -9,29 +9,50 @@ export DATABASE_PREFIX="oc_"
 # Clean shutdown handler
 cleanup() {
 	echo "[*] Stopping notify_push..."
-	kill -TERM "$NOTIFY_PID" 2>/dev/null && echo "[*] notify push stopped.." || echo "Unable to Kill Notify Push.."
+	kill -TERM "$NOTIFY_PID" 2>/dev/null && echo "[✓] notify push stopped.." || echo "Unable to Kill Notify Push.."
-	echo "[*] Bye"
+	echo "[✓] Bye..."
 }
 trap 'cleanup' TERM INT
 
+echo "[*] Checking Nextcloud Host Presence..."
+while ! curl -s --fail --max-time 15 "$NEXTCLOUD_URL/status.php" >/dev/null; do
+	echo "[*] Waiting for Nextcloud to start..."
+	sleep 5
+done
+
+echo "[✓] Nextcloud Host is UP and Serving."
 echo "[*] Ensuring notify_push app is installed and enabled..."
 php occ app:install notify_push || true
 php occ app:enable notify_push || true
 
 echo "[*] Starting notify_push binary..."
-/var/www/html/apps/notify_push/bin/x86_64/notify_push &
+/var/www/html/custom_apps/notify_push/bin/x86_64/notify_push &
 NOTIFY_PID=$!
 
-# Wait for the socket to appear, max 30 seconds
+# Posix compliance check to ensure notify_push is running
+if kill -0 "$PID" 2>/dev/null; then
+	echo "[✓] Notify Push is UP and running."
+else
+	echo "[X] Notify Push is not Running!! Exiting.."
+	exit 1
+fi
+
+# Wait for the socket to active and respond, max 30 seconds
 i=1
 while [ $i -le 6 ]; do
-	echo "[*] Waiting 5 seconds for notify_push to be ready... (try $i/6)"
-	sleep 5
 	if [ -S "$SOCKET_PATH" ]; then
-		echo "[*] Socket found, running occ notify_push:setup"
+		echo "[*] Socket file exists, testing HTTP response..."
+		if curl -s --max-time 5 --unix-socket "$SOCKET_PATH" http://localhost/ -o /dev/null; then
+			echo "[*] Running occ notify_push:setup"
 			php occ notify_push:setup "${NEXTCLOUD_URL}/push" || true
 			break
+		else
+			echo "[!] Socket exists, but no HTTP response yet"
 		fi
+	fi
+
+	echo "[*] Waiting 5 seconds for notify_push to be ready... (try $i/6)"
+	sleep 5
 	: $((i += 1))
 done
 

nextcloud/nextcloud.container

@@ -3,14 +3,11 @@ Description=Nextcloud Container
 Requires=nextcloud_db.service nextcloud_valkey.service
 After=nextcloud_db.service nextcloud_valkey.service
 
-AssertPathIsDirectory=%h/podman/nextcloud
-AssertPathIsDirectory=%h/podman/nextcloud/html
-AssertPathIsDirectory=%h/nextcloud
-
 [Container]
 Pod=nextcloud.pod
 ContainerName=nextcloud
 Image=docker.io/library/nextcloud:fpm-alpine
+Entrypoint=/nextcloud-entrypoint.sh
 
 # Enable auto-update container
 AutoUpdate=registry
@@ -26,8 +23,8 @@ EnvironmentFile=./.env
 
 Volume=%h/podman/nextcloud/html:/var/www/html
 Volume=%h/nextcloud:/var/www/html/data
-Volume=./zz-docker.conf:/usr/local/etc/php-fpm.d/zz-docker.conf
 Volume=${EXTERNAL_DIR}:${EXTERNAL_DIR}
+Volume=./nextcloud-entrypoint.sh:/nextcloud-entrypoint.sh
 
 [Service]
 # pass this to autofill above variables

nextcloud/zz-docker.conf

@@ -1,20 +0,0 @@
-[global]
-daemonize = no
-
-[www]
-access.log = /tmp/fpm-access.log
-listen = /tmp/docker/nextcloud-fpm.sock
-
-listen.owner = 1000
-listen.group = 1000
-listen.mode = 0777
-
-user = 1000
-group = 1000
-
-pm.max_children = 50
-pm.start_servers = 10
-pm.min_spare_servers = 5
-pm.max_spare_servers = 15
-pm.max_requests = 1000
-