Skip to content

Update Collabora image version & banned-password-list #202

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cryinkfly wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Update Collabora image version & banned-password-list #202

cryinkfly wants to merge 6 commits into from
+15 −2

Conversation

@cryinkfly
Copy link

@cryinkfly cryinkfly commented Jan 13, 2026

No description provided.

@michaelstingl
Copy link
Contributor

michaelstingl commented Jan 13, 2026

Alternative: URL-based loading

Instead of committing 10k lines to the repo, consider URL-based loading via env var.

Simple (single list):

command: ["-c", "
  [ -n \"$BANNED_PASSWORDS_URL\" ] && curl -sfL \"$BANNED_PASSWORDS_URL\" -o /etc/opencloud/banned-password-list.txt;
  opencloud init || true; opencloud server
"]
# .env
BANNED_PASSWORDS_URL=https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/Language-Specific/German_common-password-list.txt

Advanced (multiple lists, merged):

command: ["-c", "
  [ -n \"$BANNED_PASSWORDS_URLS\" ] && echo \"$BANNED_PASSWORDS_URLS\" | tr ',' '\\n' | xargs -I{} curl -sfL {} | sort -u > /etc/opencloud/banned-password-list.txt;
  opencloud init || true; opencloud server
"]
# .env
BANNED_PASSWORDS_URLS=https://.../German_common-password-list.txt,https://.../10-million-password-list-top-1000.txt

Benefits:

  • No large files in Git
  • User chooses list(s) per deployment
  • Bundled file remains as fallback when env unset

@cryinkfly
Copy link
Author

cryinkfly commented Jan 14, 2026
edited
Loading

Thank you for your feedback!

Yes, that looks good!

command: ["-c", "
  [ -n \"$BANNED_PASSWORDS_URLS\" ] && echo \"$BANNED_PASSWORDS_URLS\" | tr ',' '\\n' | xargs -I{} curl -sfL {} | sort -u > /etc/opencloud/banned-password-list.txt;
  opencloud init || true; opencloud server
"]

... and the following is then included in the .env.example:

### Banned Password List Settings ###
# By default OpenCloud use this:
# OC_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: banned-password-list.txt
# from here: https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/banned-password-list.txt
# ./config/opencloud/banned-password-list.txt:/etc/opencloud/banned-password-list.txt
#
# Here is an example where multiple lists from different sources can be merged into one:
#BANNED_PASSWORDS_URLS=https://raw.githubusercontent.com/opencloud-eu/opencloud-compose/refs/heads/main/config/opencloud/banned-password-list.txt,https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/Language-Specific/German_common-password-list.txt
# But it's important that the content of the txt file is formatted exactly the same as in the original OpenCloud banned-password-list.txt!

Ultimately, this change isn’t strictly necessary, but including a few sources in the official documentation, like Pi-hole does with its lists, would benefit end users.

However, what could be important is updating Collabora to the new stable version 25.04.8.1.1.

@cryinkfly
Copy link
Author

cryinkfly commented Jan 14, 2026
edited
Loading

I've updated the .env.example and docker-compose.yml files. And I've reset the banned-password-list.txt file to its original values. Thanks for the help! 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cryinkfly @michaelstingl