ncp updates and motd. structure directoriesv0.1.0

author: nachoparker <nacho@ownyourbits.com> 2017-03-29 19:33:55 +0300
committer: nachoparker <nacho@ownyourbits.com> 2017-03-31 18:42:32 +0300
commit: 75b42680feb34185107c6ebeae6162ec26f07f48 (patch)
tree: db1b1dd3d200ecbfd74df60827f268685cfe218e /etc
parent: 7aa9c1c0910901b4f93b5307a3c42e1e340f2aef (diff)
12 files changed, 1075 insertions, 0 deletions
diff --git a/etc/library.sh b/etc/library.sh
new file mode 100755
index 00000000..a9a4bc94
--- /dev/null
+++ b/etc/library.sh
@@ -0,0 +1,276 @@
+#!/bin/bash
+
+# Library to install software on Raspbian ARM through QEMU
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# More at ownyourbits.com
+#
+
+
+IMGNAME=$( basename $IMGFILE .img )_$( basename $INSTALL_SCRIPT .sh ).img
+CFGOUT=config_$( basename $INSTALL_SCRIPT .sh ).txt
+DBG=x
+
+# $IMGOUT will contain the name of the last step
+function launch_install_qemu()
+{
+  local IMG=$1
+  local IP=$2
+  [[ "$IP"      == ""  ]] && { echo "usage: launch_install_qemu <script> <img> <IP>"; return 1; }
+  test -f $IMG            || { echo "input file $IMG not found";                      return 1; }
+
+  local BASE=$( sed 's=-stage[[:digit:]]=='         <<< $IMG )
+  local NUM=$(  sed 's=.*-stage\([[:digit:]]\)=\1=' <<< $IMG )
+  [[ "$BASE" == "$IMG" ]] && NUM=0
+
+  local NUM_REBOOTS=$( grep -c reboot $INSTALL_SCRIPT )
+  while [[ $NUM_REBOOTS != -1 ]]; do
+    NUM=$(( NUM+1 ))
+    IMGOUT="$BASE-stage$NUM"
+    cp -v $IMG $IMGOUT || return 1 # take a copy of the input image for processing ( append "-stage1" )
+
+    launch_qemu $IMGOUT &
+    sleep 10
+    wait_SSH $IP
+    launch_installation_qemu $IP || return 1
+    wait 
+    IMG="$IMGOUT"
+    NUM_REBOOTS=$(( NUM_REBOOTS-1 ))
+  done
+  echo "$IMGOUT generated successfully"
+}
+
+function launch_qemu()
+{
+  local IMG=$1
+  test -f $1 || { echo "Image $IMG not found"; return 1; }
+  test -d qemu-raspbian-network || git clone https://github.com/nachoparker/qemu-raspbian-network.git
+  sed -i '30s/NO_NETWORK=1/NO_NETWORK=0/' qemu-raspbian-network/qemu-pi.sh
+  echo "Starting QEMU image $IMG"
+  ( cd qemu-raspbian-network && sudo ./qemu-pi.sh ../$IMG 2>/dev/null )
+}
+
+function ssh_pi()
+{
+  local IP=$1
+  local ARGS=${@:2}
+  local PIUSER=${PIUSER:-pi}
+  local PIPASS=${PIPASS:-raspberry}
+  local SSH=( ssh -q  -o UserKnownHostsFile=/dev/null\
+                      -o StrictHostKeyChecking=no\
+                      -o ServerAliveInterval=20\
+                      -o ConnectTimeout=20\
+                      -o LogLevel=quiet                  )
+  type sshpass &>/dev/null && local SSHPASS=( sshpass -p$PIPASS )
+  if [[ "${SSHPASS[@]}" == "" ]]; then
+    ${SSH[@]} ${PIUSER}@$IP $ARGS; 
+  else
+    ${SSHPASS[@]} ${SSH[@]} ${PIUSER}@$IP $ARGS 
+    local RET=$?
+    [[ $RET -eq 5 ]] && { ${SSH[@]} ${PIUSER}@$IP $ARGS; return $?; }
+    return $RET
+  fi
+}
+
+function wait_SSH()
+{
+  local IP=$1
+  echo "Waiting for SSH to be up on $IP..."
+  while true; do
+    ssh_pi $IP : && break
+    sleep 1
+  done
+  echo "SSH is up"
+}
+
+function launch_installation()
+{
+  local IP=$1
+  [[ "$INSTALLATION_CODE"  == "" ]] && { echo "Need to run config first"    ; return 1; }
+  [[ "$INSTALLATION_STEPS" == "" ]] && { echo "No installation instructions"; return 1; }
+  local PREINST_CODE="
+set -e$DBG
+sudo su
+set -e$DBG
+"
+  echo "Launching installation"
+  echo -e "$PREINST_CODE\n$INSTALLATION_CODE\n$INSTALLATION_STEPS" | ssh_pi $IP || { echo "Installation to $IP failed" && return 1; }
+  echo "configuration saved to $CFGOUT"
+}
+
+function launch_installation_qemu()
+{
+  local IP=$1
+  [[ "$NO_CFG_STEP"  != "1" ]] && local CFG_STEP=configure
+  [[ "$NO_CLEANUP"   != "1" ]] && local CLEANUP_STEP=cleanup
+  [[ "$NO_HALT_STEP" != "1" ]] && local HALT_STEP="nohup halt &>/dev/null &"
+  local INSTALLATION_STEPS="
+install
+$CFG_STEP
+$CLEANUP_STEP
+$HALT_STEP
+"
+  launch_installation $IP
+}
+
+function launch_installation_online()
+{
+  local IP=$1
+  [[ "$NO_CFG_STEP" != "1" ]]  && local CFG_STEP=configure
+  local INSTALLATION_STEPS="
+install
+$CFG_STEP
+"
+  launch_installation $IP
+}
+
+# Initializes $INSTALLATION_CODE
+function config()
+{
+  local INSTALL_SCRIPT="$1"
+  local BACKTITLE="NextCloudPi installer configuration"
+
+  type dialog &>/dev/null || { echo "please, install dialog for interactive configuration"; return 1; }
+
+  test -f "$INSTALL_SCRIPT" || { echo "file "$INSTALL_SCRIPT" not found"; return 1; }
+  local VARS=( $( grep "^[[:alpha:]]\+_=" "$INSTALL_SCRIPT" | cut -d= -f1 | sed 's|_$||' ) )
+  local VALS=( $( grep "^[[:alpha:]]\+_=" "$INSTALL_SCRIPT" | cut -d= -f2 ) )
+
+  [[ "$NO_CONFIG" == "1" ]] || test ${#VARS[@]} -eq 0 && { INSTALLATION_CODE="$( cat "$INSTALL_SCRIPT" )"; return; }
+
+  for i in `seq 1 1 ${#VARS[@]} `; do
+    local PARAM+="${VARS[$((i-1))]} $i 1 ${VALS[$((i-1))]} $i 15 60 0 "
+  done
+
+  local DIALOG_OK=0
+  local DIALOG_CANCEL=1
+  local DIALOG_ERROR=254
+  local DIALOG_ESC=255
+  local RET=0
+
+  while test $RET != 1 && test $RET != 250; do
+    local value
+    value=$( dialog --ok-label "Start" \
+                    --no-lines --backtitle "$BACKTITLE" \
+                    --form "Enter the desired configuration for $( basename "$INSTALL_SCRIPT" .sh )" \
+                    20 70 0 $PARAM \
+             3>&1 1>&2 2>&3 )
+    RET=$?
+
+    case $RET in
+      $DIALOG_CANCEL)
+        dialog \
+          --no-lines --clear \
+          --backtitle "$BACKTITLE" \
+          --yesno "Really quit?" 10 30
+        case $? in
+          $DIALOG_OK)
+            echo "Aborted"
+            return 1
+            ;;
+          $DIALOG_CANCEL)
+            RET=99
+            ;;
+        esac
+        ;;
+      $DIALOG_OK)
+        local RET=( $value )
+        for i in `seq 0 1 $(( ${#RET[@]} - 1 )) `; do
+          local SEDRULE+="s|^${VARS[$i]}_=.*|${VARS[$i]}_=${RET[$i]}|;"
+          local CONFIG+="${VARS[$i]}=${RET[$i]}\n"
+        done
+        break
+        ;;
+      $DIALOG_ERROR)
+        echo "ERROR!$value"
+        return 1
+        ;;
+      $DIALOG_ESC)
+        echo "ESC pressed."
+        return 1
+        ;;
+      *)
+        echo "Return code was $RET"
+        return 1
+        ;;
+    esac
+  done
+
+  INSTALLATION_CODE="$( sed $SEDRULE "$INSTALL_SCRIPT" )"
+  [[ "$CFGOUT" != "" ]] && echo -e "$CONFIG" > "$CFGOUT"
+}
+
+
+function install_script()
+{
+  (
+    local SCRIPT=$1
+    source ./$SCRIPT 
+    echo -e "Installing \e[1m$( basename $SCRIPT .sh )\e[0m"
+    set +x
+    install
+    cleanup
+  )
+}
+
+function configure_script()
+{
+  (
+    local SCRIPT=$1
+    cd /usr/local/etc/nextcloudpi-config.d/
+    config $SCRIPT || return 1                 # writes "$INSTALLATION_CODE"
+    echo -e "$INSTALLATION_CODE" > $SCRIPT     # save configuration
+    source ./$SCRIPT                           # load configuration
+    echo -e "Configuring \e[1m$( basename $SCRIPT .sh )\e[0m"
+    set +x
+    configure
+  )
+}
+
+function copy_to_image()
+{
+  local IMG=$1
+  local DST=$2
+  local SRC=${@: 3 }
+  local SECTOR=$( fdisk -l $IMG | grep Linux | awk '{ print $2 }' )
+  local OFFSET=$(( SECTOR * 512 ))
+
+  [ -f "$IMG" ] || { echo "no image"; return 1; }
+  mkdir -p tmpmnt
+  sudo mount $IMG -o offset=$OFFSET tmpmnt || return 1
+  sudo cp -v $SRC tmpmnt/$DST || return 1
+  sudo umount -l tmpmnt
+  rmdir tmpmnt &>/dev/null
+}
+
+function pack_image()
+{
+  local IMGOUT="$1"
+  local IMGNAME="$2"
+  local TARNAME=$( basename $IMGNAME .img ).tar.bz2
+  echo "copying $IMGOUT → $IMGNAME"
+  cp "$IMGOUT" "$IMGNAME" || return 1
+  echo "packing $IMGNAME → $TARNAME"
+  tar -I pbzip2 -cvf $TARNAME "$IMGNAME" &>/dev/null && \
+    echo -e "$TARNAME packed successfully"
+}
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/ncp-ascii.txt b/etc/ncp-ascii.txt
new file mode 100644
index 00000000..9e48f50b
--- /dev/null
+++ b/etc/ncp-ascii.txt
@@ -0,0 +1,30 @@
+[48;5;16;38;5;16m▄▄▄[38;5;235m▄[48;5;232;38;5;31m▄[48;5;23;38;5;32m▄[48;5;24m▄[48;5;31m▄[48;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;31m▄[48;5;24m▄[48;5;23m▄[48;5;232;38;5;25m▄[48;5;16;38;5;233m▄[38;5;16m▄▄▄[0m
+[48;5;16;38;5;16m▄[38;5;235m▄[48;5;23;38;5;32m▄[48;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;31m▄[48;5;233;38;5;31m▄[48;5;16;38;5;233m▄[38;5;16m▄[0m
+[48;5;232;38;5;23m▄[48;5;31;38;5;32m▄[48;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;25m▄[48;5;16;38;5;23m▄[0m
+[48;5;24;38;5;31m▄[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;24;38;5;31m▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[38;5;31m▄[38;5;24m▄[38;5;23m▄[38;5;235m▄[38;5;234m▄[38;5;233m▄[38;5;234m▄[38;5;236m▄[38;5;23m▄[38;5;31m▄[38;5;32m▄▄▄▄[38;5;31m▄[38;5;23m▄[38;5;235m▄[38;5;234m▄[38;5;233m▄[38;5;234m▄[38;5;235m▄[38;5;23m▄[38;5;24m▄[38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;23;38;5;237m▄[48;5;232;38;5;58m▄[48;5;234;38;5;70m▄[48;5;58;38;5;106m▄[48;5;64m▄▄▄▄[48;5;58m▄[48;5;235;38;5;70m▄[48;5;232;38;5;64m▄[48;5;24;38;5;233m▄[48;5;32;38;5;31m▄[38;5;23m▄[48;5;236;38;5;234m▄[48;5;232;38;5;64m▄[48;5;235;38;5;106m▄[48;5;64m▄▄▄▄[48;5;58m▄▄[48;5;233;38;5;70m▄[38;5;235m▄[48;5;25;38;5;24m▄[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;236;38;5;23m▄[48;5;58;38;5;234m▄[48;5;106;38;5;106m▄▄[48;5;70m▄[48;5;64;38;5;70m▄[48;5;70;38;5;58m▄[48;5;106m▄[38;5;70m▄[38;5;106m▄▄[48;5;64;38;5;70m▄[48;5;236;38;5;232m▄[48;5;232;38;5;235m▄[48;5;64;38;5;106m▄[48;5;106m▄▄[38;5;64m▄[38;5;58m▄[48;5;70m▄[48;5;64;38;5;70m▄[48;5;70;38;5;106m▄[48;5;106m▄[38;5;70m▄[48;5;234;38;5;233m▄[48;5;24;38;5;31m▄[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;31m▄[48;5;232;38;5;236m▄[48;5;64;38;5;58m▄[48;5;106;38;5;106m▄▄▄▄[48;5;64m▄[48;5;235;38;5;70m▄[48;5;64;38;5;235m▄[48;5;106;38;5;58m▄[48;5;70m▄[48;5;232;38;5;16m▄[48;5;235m▄[48;5;106;38;5;58m▄[38;5;236m▄[48;5;58;38;5;58m▄[48;5;236;38;5;106m▄[48;5;64m▄[48;5;106m▄▄▄[38;5;70m▄[48;5;64;38;5;234m▄[48;5;235;38;5;23m▄[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;24m▄[48;5;233;38;5;24m▄[48;5;58;38;5;233m▄[48;5;106;38;5;236m▄[38;5;70m▄[38;5;106m▄▄▄[48;5;70;38;5;58m▄[48;5;233;38;5;16m▄[48;5;16m▄▄▄▄[48;5;235;38;5;232m▄[48;5;106;38;5;64m▄[38;5;106m▄▄▄[38;5;70m▄[48;5;70;38;5;234m▄[48;5;236m▄[48;5;235;38;5;31m▄[48;5;31;38;5;32m▄[48;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;25;38;5;25m▄[48;5;234;38;5;234m▄[48;5;233;38;5;232m▄[48;5;58;38;5;52m▄▄[48;5;235;38;5;233m▄[48;5;16;38;5;16m▄[38;5;52m▄[38;5;125m▄[48;5;233m▄[48;5;232m▄[48;5;16;38;5;89m▄[38;5;234m▄[48;5;232;38;5;232m▄[48;5;236;38;5;52m▄[48;5;58m▄[38;5;233m▄[48;5;232;38;5;16m▄[48;5;236;38;5;237m▄[48;5;31;38;5;31m▄[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄[38;5;74m▄▄[38;5;32m▄▄▄▄▄▄▄[38;5;31m▄[48;5;24;38;5;233m▄[48;5;233;38;5;88m▄[48;5;52;38;5;125m▄[48;5;125m▄▄[38;5;232m▄[48;5;232;38;5;16m▄[48;5;52;38;5;52m▄[48;5;125;38;5;125m▄▄▄▄▄▄[48;5;52;38;5;52m▄[48;5;89;38;5;232m▄[48;5;125;38;5;89m▄[38;5;125m▄[48;5;88m▄[48;5;232;38;5;89m▄[48;5;234;38;5;16m▄[48;5;31;38;5;236m▄[48;5;32;38;5;32m▄▄▄▄▄▄▄▄[38;5;74m▄▄[38;5;32m▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄[38;5;189m▄[48;5;74;38;5;231m▄[48;5;189m▄[48;5;231m▄▄▄▄[48;5;195m▄[48;5;110m▄[48;5;32;38;5;189m▄[38;5;32m▄▄▄[48;5;24;38;5;24m▄[48;5;232;38;5;234m▄[48;5;125;38;5;125m▄[38;5;88m▄[48;5;89;38;5;232m▄[48;5;232;38;5;16m▄[48;5;16;38;5;52m▄▄▄[48;5;52;38;5;232m▄[48;5;125;38;5;16m▄[38;5;232m▄[38;5;16m▄▄[48;5;52;38;5;52m▄[48;5;16;38;5;89m▄[38;5;88m▄[38;5;52m▄[48;5;88;38;5;16m▄[48;5;125;38;5;52m▄[38;5;125m▄[48;5;234;38;5;52m▄[48;5;232;38;5;16m▄[48;5;32;38;5;31m▄[38;5;32m▄▄[38;5;74m▄[38;5;231m▄[48;5;116m▄[48;5;231m▄▄▄▄▄[48;5;153m▄[48;5;74m▄[48;5;32;38;5;152m▄[38;5;32m▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄[38;5;189m▄[48;5;195;38;5;231m▄[48;5;231m▄▄▄▄▄▄▄▄▄▄[48;5;195m▄[48;5;74;38;5;195m▄[48;5;32;38;5;60m▄[48;5;23;38;5;232m▄[48;5;232;38;5;234m▄[48;5;234;38;5;16m▄[48;5;16m▄[48;5;233;38;5;89m▄[48;5;89;38;5;125m▄[48;5;125m▄▄▄▄[48;5;234m▄[48;5;16;38;5;16m▄[38;5;234m▄[48;5;88;38;5;125m▄[48;5;125m▄▄▄▄[48;5;89m▄[48;5;232;38;5;88m▄[48;5;233;38;5;16m▄[48;5;234;38;5;233m▄[48;5;16;38;5;234m▄[48;5;24;38;5;232m▄[48;5;32;38;5;67m▄[48;5;74;38;5;231m▄[48;5;231m▄▄▄▄▄▄▄▄▄▄▄[48;5;189m▄[48;5;32;38;5;152m▄[38;5;32m▄▄▄[0m
+[48;5;32;38;5;32m▄▄[48;5;74;38;5;189m▄[48;5;231;38;5;231m▄▄▄▄[38;5;153m▄[38;5;32m▄[48;5;153m▄▄[48;5;231m▄[38;5;152m▄[38;5;231m▄▄▄[48;5;250;38;5;237m▄[48;5;232;38;5;52m▄[48;5;89;38;5;125m▄[48;5;125m▄[48;5;16;38;5;232m▄[48;5;233;38;5;52m▄[48;5;125;38;5;125m▄▄▄▄▄▄▄[48;5;232;38;5;232m▄[48;5;52;38;5;234m▄[48;5;125;38;5;125m▄▄▄▄▄▄▄[48;5;232;38;5;233m▄[48;5;88;38;5;89m▄[48;5;125;38;5;125m▄[48;5;52m▄[48;5;235;38;5;16m▄[48;5;231;38;5;245m▄[38;5;231m▄▄▄[38;5;74m▄[48;5;195;38;5;32m▄[48;5;153m▄[48;5;189m▄[48;5;231m▄[38;5;189m▄[38;5;231m▄▄▄▄[48;5;32;38;5;116m▄[38;5;32m▄▄[0m
+[48;5;32;38;5;32m▄[38;5;74m▄[48;5;231;38;5;231m▄▄▄▄[38;5;189m▄[48;5;32;38;5;32m▄▄▄▄▄▄[48;5;189;38;5;110m▄[48;5;231;38;5;231m▄[48;5;254;38;5;254m▄[48;5;232;38;5;16m▄[48;5;125;38;5;125m▄▄▄[48;5;232;38;5;16m▄[48;5;52;38;5;233m▄[48;5;125;38;5;125m▄▄▄▄▄▄[48;5;88;38;5;233m▄[48;5;16;38;5;16m▄▄[48;5;125;38;5;234m▄[38;5;125m▄▄▄▄▄[38;5;89m▄[48;5;232;38;5;16m▄[48;5;89;38;5;52m▄[48;5;125;38;5;125m▄▄[48;5;233;38;5;233m▄[48;5;238;38;5;236m▄[48;5;231;38;5;231m▄▄[48;5;116;38;5;74m▄[48;5;32;38;5;32m▄▄▄▄▄[48;5;74m▄[48;5;231;38;5;231m▄▄▄▄[48;5;189m▄[48;5;32;38;5;32m▄▄[0m
+[48;5;32;38;5;32m▄[48;5;74m▄[48;5;231;38;5;231m▄▄▄▄[48;5;153m▄[48;5;32;38;5;32m▄▄▄▄▄▄[48;5;110;38;5;189m▄[48;5;231;38;5;231m▄▄[48;5;232;38;5;241m▄[48;5;89;38;5;234m▄[48;5;125;38;5;125m▄[48;5;88;38;5;234m▄[48;5;16;38;5;16m▄▄[48;5;52m▄[48;5;125;38;5;233m▄[38;5;52m▄▄[38;5;232m▄[48;5;233;38;5;52m▄[48;5;232;38;5;125m▄[48;5;233m▄▄[48;5;16m▄[48;5;234;38;5;52m▄[48;5;125;38;5;232m▄[38;5;233m▄▄[38;5;16m▄[48;5;233m▄[48;5;16m▄[48;5;52;38;5;232m▄[48;5;125;38;5;125m▄[38;5;52m▄[48;5;232;38;5;16m▄[48;5;239;38;5;249m▄[48;5;231;38;5;231m▄▄[48;5;74;38;5;116m▄[48;5;32;38;5;32m▄▄▄▄▄[38;5;74m▄[48;5;231;38;5;231m▄▄▄▄[38;5;195m▄[48;5;32;38;5;32m▄▄[0m
+[48;5;32;38;5;32m▄▄[48;5;189;38;5;74m▄[48;5;231;38;5;231m▄▄▄▄[48;5;153m▄[48;5;32;38;5;195m▄[38;5;116m▄[38;5;110m▄[38;5;189m▄[48;5;152;38;5;231m▄[48;5;231m▄▄▄[48;5;254m▄[48;5;235;38;5;244m▄[48;5;233;38;5;16m▄[48;5;232;38;5;88m▄[48;5;52;38;5;125m▄[48;5;234m▄[48;5;16;38;5;88m▄[38;5;16m▄▄▄[48;5;52;38;5;125m▄[48;5;125m▄▄▄▄▄▄[48;5;52;38;5;89m▄[48;5;16;38;5;16m▄▄[38;5;52m▄[48;5;52;38;5;125m▄[48;5;125m▄[48;5;89m▄[48;5;232;38;5;52m▄[48;5;16;38;5;16m▄[48;5;241;38;5;252m▄[48;5;231;38;5;231m▄▄▄▄[48;5;74m▄[48;5;32;38;5;153m▄[38;5;110m▄[38;5;152m▄[38;5;231m▄[48;5;189m▄[48;5;231m▄▄▄▄[48;5;116;38;5;68m▄[48;5;32;38;5;32m▄▄[0m
+[48;5;32;38;5;32m▄▄▄[48;5;195;38;5;74m▄[48;5;231;38;5;231m▄▄▄▄▄▄▄▄▄▄▄▄[38;5;74m▄[48;5;67;38;5;32m▄[48;5;16;38;5;234m▄[48;5;125;38;5;89m▄[38;5;125m▄▄▄[48;5;88m▄[48;5;16;38;5;52m▄[38;5;16m▄[48;5;125;38;5;89m▄[38;5;125m▄▄▄▄▄▄[38;5;88m▄[48;5;16;38;5;233m▄[48;5;52;38;5;125m▄[48;5;125m▄▄▄▄[48;5;52;38;5;52m▄[48;5;234;38;5;23m▄[48;5;74;38;5;32m▄[48;5;231;38;5;110m▄[38;5;231m▄▄▄▄▄▄▄▄▄▄▄[38;5;195m▄[48;5;153;38;5;32m▄[48;5;32m▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄[48;5;74m▄[48;5;195m▄[48;5;231;38;5;116m▄[38;5;231m▄▄▄▄▄▄[38;5;153m▄[48;5;195;38;5;32m▄[48;5;74m▄[48;5;32m▄▄[48;5;23;38;5;25m▄[48;5;52;38;5;232m▄[48;5;125;38;5;89m▄[38;5;125m▄▄▄▄[48;5;232;38;5;233m▄[48;5;52;38;5;16m▄[48;5;125;38;5;52m▄[38;5;125m▄▄▄[38;5;89m▄[38;5;234m▄[48;5;233;38;5;16m▄[48;5;52;38;5;89m▄[48;5;125;38;5;125m▄▄▄▄[38;5;52m▄[48;5;232;38;5;233m▄[48;5;24;38;5;31m▄[48;5;32;38;5;32m▄▄[48;5;110m▄[48;5;231;38;5;74m▄[38;5;189m▄[38;5;231m▄▄▄▄▄[38;5;195m▄[38;5;74m▄[48;5;189;38;5;32m▄[48;5;32m▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄[48;5;74m▄▄▄▄[48;5;32m▄▄▄▄▄▄▄[48;5;23m▄[48;5;232;38;5;24m▄[48;5;88;38;5;233m▄[48;5;125m▄[38;5;52m▄[38;5;233m▄[48;5;232;38;5;16m▄[48;5;16;38;5;232m▄[38;5;52m▄▄[48;5;232;38;5;88m▄▄[48;5;16m▄[38;5;52m▄[38;5;232m▄[48;5;89m▄[48;5;125;38;5;52m▄▄[38;5;233m▄[48;5;52;38;5;235m▄[48;5;232;38;5;25m▄[48;5;24;38;5;32m▄[48;5;32m▄▄▄▄▄▄▄[48;5;74m▄[48;5;110m▄[48;5;74m▄▄[48;5;32m▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;23m▄[48;5;16;38;5;24m▄[38;5;235m▄[38;5;16m▄[48;5;125;38;5;52m▄[38;5;125m▄▄▄▄▄▄[48;5;88;38;5;233m▄[48;5;16;38;5;232m▄[38;5;237m▄[48;5;232;38;5;31m▄[48;5;24;38;5;32m▄[48;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;25m▄[48;5;234;38;5;31m▄[48;5;52;38;5;23m▄[48;5;88;38;5;234m▄[48;5;125;38;5;232m▄[48;5;89;38;5;234m▄[48;5;52;38;5;23m▄[48;5;233;38;5;31m▄[48;5;236;38;5;32m▄[48;5;31m▄[48;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;31m▄[48;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[0m
+[48;5;31;38;5;24m▄[48;5;32;38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[48;5;31;38;5;24m▄[0m
+[48;5;23;38;5;232m▄[48;5;32;38;5;25m▄[38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[38;5;24m▄[48;5;234;38;5;16m▄[0m
+[48;5;16;38;5;16m▄[48;5;233m▄[48;5;31;38;5;233m▄[48;5;32;38;5;31m▄[38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[38;5;31m▄[48;5;25;38;5;232m▄[48;5;232;38;5;16m▄[48;5;16m▄[0m
+[48;5;16;38;5;16m▄▄▄[48;5;233m▄[48;5;25m▄[48;5;32;38;5;235m▄[38;5;24m▄[38;5;31m▄[38;5;32m▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄[38;5;31m▄[38;5;24m▄[38;5;233m▄[48;5;24;38;5;16m▄[48;5;232m▄[48;5;16m▄▄▄[0m
diff --git a/etc/nextcloudpi-config.d/dnsmasq.sh b/etc/nextcloudpi-config.d/dnsmasq.sh
new file mode 100755
index 00000000..657c51cf
--- /dev/null
+++ b/etc/nextcloudpi-config.d/dnsmasq.sh
@@ -0,0 +1,78 @@
+#!/bin/bash
+
+# dnsmasq DNS server with cache installation on Raspbian 
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh dnsmasq.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+# More at: https://ownyourbits.com/2017/03/09/dnsmasq-as-dns-cache-server-for-nextcloudpi-and-raspbian/
+#
+
+ACTIVE_=yes
+DOMAIN_=mycloud.ownyourbits.com
+IP_=127.0.0.1
+DNSSERVER_=8.8.8.8
+CACHESIZE_=150 
+DESCRIPTION="DNS server with cache"
+
+install()
+{
+  apt-get update
+  apt-get install -y dnsmasq
+  update-rc.d dnsmasq disable
+}
+
+configure()
+{
+  [[ $ACTIVE_ == "no" ]] && { service dnsmasq stop; update-rc.d dnsmasq disable; return; }
+
+  cat > /etc/dnsmasq.conf <<EOF
+domain-needed         # Never forward plain names (without a dot or domain part)
+bogus-priv            # Never forward addresses in the non-routed address spaces.
+no-poll               # Don't poll for changes in /etc/resolv.conf
+no-resolv             # Don't use /etc/resolv.conf or any other file
+cache-size=$CACHESIZE_ 
+server=$DNSSERVER_
+address=/$DOMAIN_/$IP_  # This is optional if we add it to /etc/hosts
+EOF
+
+  sed 's|#\?IGNORE_RESOLVCONF=.*|IGNORE_RESOLVCONF=yes|' /etc/default/dnsmasq
+
+  update-rc.d dnsmasq defaults
+  service dnsmasq restart
+  cd /var/www/nextcloud
+  sudo -u www-data php occ config:system:set trusted_domains 2 --value=$DOMAIN_
+}
+
+cleanup()
+{
+  apt-get autoremove -y
+  apt-get clean
+  rm /var/lib/apt/lists/* -r
+  rm -f /home/pi/.bash_history
+  systemctl disable ssh
+}
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/fail2ban.sh b/etc/nextcloudpi-config.d/fail2ban.sh
new file mode 100755
index 00000000..758c78c0
--- /dev/null
+++ b/etc/nextcloudpi-config.d/fail2ban.sh
@@ -0,0 +1,144 @@
+#!/bin/bash
+
+# Fail2ban installation script for Raspbian 
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh fail2ban.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+# More at: https://ownyourbits.com/2017/02/24/nextcloudpi-fail2ban-installer/
+#
+
+ACTIVE_=yes
+
+# location of Nextcloud logs
+NCLOG_=/var/www/nextcloud/data/nextcloud.log     
+
+# time to ban an IP that exceeded attempts
+BANTIME_=600
+
+# cooldown time for incorrect passwords
+FINDTIME_=600                                    
+
+# bad attempts before banning an IP
+MAXRETRY_=6                                      
+
+DESCRIPTION="Brute force protection for SSH and NextCloud"
+
+install()
+{
+  apt-get update
+  apt-get install fail2ban -y
+  update-rc.d fail2ban disable
+}
+
+configure()
+{
+  [[ $ACTIVE_ == "no" ]] && { service fail2ban stop; update-rc.d fail2ban disable; return; }
+
+  touch /var/www/nextcloud/data/nextcloud.log
+  chown -R www-data /var/www/nextcloud/data
+
+  cd /var/www/nextcloud
+  sudo -u www-data php occ config:system:set loglevel --value=2
+  sudo -u www-data php occ config:system:set log_type --value=file
+  sudo -u www-data php occ config:system:set logfile  --value=$NCLOG_
+
+  cat > /etc/fail2ban/filter.d/nextcloud.conf <<'EOF'
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex = Login failed.*Remote IP.*'<HOST>'
+ignoreregex =
+EOF
+
+
+  cat > /etc/fail2ban/jail.conf <<EOF
+# The DEFAULT allows a global definition of the options. They can be overridden
+# in each jail afterwards.
+[DEFAULT]
+
+# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
+# ban a host which matches an address in this list. Several addresses can be
+# defined using space separator.
+ignoreip = 127.0.0.1/8
+
+# "bantime" is the number of seconds that a host is banned.
+bantime  = $BANTIME_
+
+# A host is banned if it has generated "maxretry" during the last "findtime"
+# seconds.
+findtime = $FINDTIME_
+maxretry = $MAXRETRY_
+
+#
+# ACTIONS
+#
+banaction = iptables-multiport
+protocol = tcp
+chain = INPUT
+action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+action_mw = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+action = %(action_)s
+
+#
+# SSH
+#
+
+[ssh]
+
+enabled  = true
+port     = ssh
+filter   = sshd
+logpath  = /var/log/auth.log
+maxretry = $MAXRETRY_
+
+#
+# HTTP servers
+#
+
+[nextcloud]
+
+enabled  = true
+port     = http,https
+filter   = nextcloud
+logpath  = $NCLOG_
+maxretry = $MAXRETRY_
+EOF
+  update-rc.d fail2ban defaults
+  service fail2ban restart
+}
+
+cleanup()
+{
+  apt-get autoremove -y
+  apt-get clean
+  rm /var/lib/apt/lists/* -r
+  rm -f /home/pi/.bash_history
+  systemctl disable ssh
+}
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/letsencrypt.sh b/etc/nextcloudpi-config.d/letsencrypt.sh
new file mode 100755
index 00000000..29047843
--- /dev/null
+++ b/etc/nextcloudpi-config.d/letsencrypt.sh
@@ -0,0 +1,68 @@
+#!/bin/bash
+
+# Let's encrypt certbot installation on Raspbian 
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh letsencrypt.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+# More at https://ownyourbits.com/2017/03/17/lets-encrypt-installer-for-apache/
+
+DOMAIN_=mycloud.ownyourbits.com
+EMAIL_=mycloud@ownyourbits.com
+VHOSTCFG_=/etc/apache2/sites-available/nextcloud.conf
+DESCRIPTION="Automatic signed SSL certificates"
+
+install()
+{
+  apt-get update
+  apt install -y --no-install-recommends git 
+  cd /etc
+  git clone https://github.com/letsencrypt/letsencrypt
+  /etc/letsencrypt/letsencrypt-auto --help # do not actually run certbot, only install packages
+}
+
+# tested with git version v0.11.0-71-g018a304
+configure() 
+{
+  grep -q ServerName $VHOSTCFG_ && \
+    sed -i "s|ServerName .*|ServerName $DOMAIN_|" $VHOSTCFG_ || \
+    sed -i "/DocumentRoot/aServerName $DOMAIN_" $VHOSTCFG_ 
+
+  /etc/letsencrypt/letsencrypt-auto -n --no-self-upgrade --apache --hsts --agree-tos -m $EMAIL_ -d $DOMAIN_
+  echo "* 1 * * 1 root /etc/letsencrypt/certbot-auto renew --quiet" > /etc/cron.d/letsencrypt-ncp
+  service apache2 reload
+}
+
+cleanup()
+{
+  apt-get autoremove -y
+  apt-get clean
+  rm /var/lib/apt/lists/* -r
+  rm -f /home/pi/.bash_history
+  systemctl disable ssh
+}
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/modsecurity.sh b/etc/nextcloudpi-config.d/modsecurity.sh
new file mode 100755
index 00000000..43639815
--- /dev/null
+++ b/etc/nextcloudpi-config.d/modsecurity.sh
@@ -0,0 +1,122 @@
+#!/bin/bash
+
+# modsecurity WAF installation on Raspbian 
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh modsecurity.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+# More at ownyourbits.com
+#
+
+ACTIVE_=no
+NCDIR_=/var/www/nextcloud/
+DESCRIPTION="Web Application Firewall for extra security (experimental)"
+
+install()
+{
+  apt-get update
+  apt-get install -y --no-install-recommends libapache2-mod-security2 modsecurity-crs
+
+  # COPY RULES
+  cd /usr/share/modsecurity-crs/base_rules/
+  for ruleFile in * ; do sudo ln -s /usr/share/modsecurity-crs/base_rules/$ruleFile /etc/modsecurity/$ruleFile ; done
+  cd /usr/share/modsecurity-crs/optional_rules/
+  for ruleFile in * ; do sudo ln -s /usr/share/modsecurity-crs/optional_rules/$ruleFile /etc/modsecurity/$ruleFile ; done
+  rm /etc/modsecurity/modsecurity_crs_16_session_hijacking.conf # https://github.com/SpiderLabs/owasp-modsecurity-crs/commit/e2fbef4ce89fed0c4dd338002b9a090dd2f6491d
+
+  # CONFIGURE
+  cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
+  sed -i 's|SecTmpDir .*|SecTmpDir   /var/cache/modsecurity/|' /etc/modsecurity/modsecurity.conf
+  sed -i 's|SecDataDir .*|SecDataDir /var/cache/modsecurity/|' /etc/modsecurity/modsecurity.conf
+
+  cp /usr/share/modsecurity-crs/modsecurity_crs_10_setup.conf /etc/modsecurity/modsecurity_crs_10_setup.conf
+  patch /etc/modsecurity/modsecurity_crs_10_setup.conf <<<'66,67c66
+< SecDefaultAction "phase:1,deny,log"
+< SecDefaultAction "phase:2,deny,log"
+---
+> SecDefaultAction "phase:2,pass,log"
+152c151
+< #SecAction \
+---
+> SecAction \
+278c277
+<   setvar:'\''tx.allowed_methods=GET HEAD POST OPTIONS'\'', \
+---
+>   setvar:'\''tx.allowed_methods=GET HEAD POST OPTIONS PROPFIND'\'', \
+280c279
+<   setvar:'\''tx.allowed_http_versions=HTTP/0.9 HTTP/1.0 HTTP/1.1'\'', \
+---
+>   setvar:'\''tx.allowed_http_versions=HTTP/1.1 HTTP/2.0'\'', \'
+
+cat >> /etc/modsecurity/modsecurity_crs_99_whitelist.conf <<EOF
+<Directory $NCDIR_>
+  # VIDEOS
+  SecRuleRemoveById 958291             # Range Header Checks
+  SecRuleRemoveById 981203             # Correlated Attack Attempt
+
+  # PDF
+  SecRuleRemoveById 950109             # Check URL encodings
+
+  # ADMIN (webdav)
+  SecRuleRemoveById 960024             # Repeatative Non-Word Chars (heuristic)
+  SecRuleRemoveById 981173             # SQL Injection Character Anomaly Usage
+  SecRuleRemoveById 981204             # Correlated Attack Attempt
+  SecRuleRemoveById 981243             # PHPIDS - Converted SQLI Filters
+  SecRuleRemoveById 981245             # PHPIDS - Converted SQLI Filters
+  SecRuleRemoveById 981246             # PHPIDS - Converted SQLI Filters
+  SecRuleRemoveById 981318             # String Termination/Statement Ending Injection Testing
+  SecRuleRemoveById 973332             # XSS Filters from IE
+  SecRuleRemoveById 973338             # XSS Filters - Category 3
+  SecRuleRemoveById 981143             # CSRF Protections ( TODO edit LocationMatch filter )
+
+  # COMING BACK FROM OLD SESSION
+  SecRuleRemoveById 970903             # Microsoft Office document properties leakage
+</Directory>
+EOF
+  cat >> /etc/apache2/apache2.conf <<EOF
+<IfModule mod_security2.c>
+  SecServerSignature " "
+</IfModule>
+EOF
+}
+
+configure() 
+{ 
+  [[ $ACTIVE_ == "yes" ]] && local STATE=On || local STATE=Off
+  sed -i "s|SecRuleEngine .*|SecRuleEngine $STATE|" /etc/modsecurity/modsecurity.conf
+  service apache2 restart
+}
+
+cleanup()
+{
+  apt-get autoremove -y
+  apt-get clean
+  rm /var/lib/apt/lists/* -r
+  rm -f /home/pi/.bash_history
+  systemctl disable ssh
+}
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/nc-datadir.sh b/etc/nextcloudpi-config.d/nc-datadir.sh
new file mode 100755
index 00000000..dd17901f
--- /dev/null
+++ b/etc/nextcloudpi-config.d/nc-datadir.sh
@@ -0,0 +1,68 @@
+#!/bin/bash
+
+# Data dir configuration script for NextCloudPi
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh nc-datadir.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+# More at https://ownyourbits.com/2017/03/13/nextcloudpi-gets-nextcloudpi-config/
+#
+
+DATADIR_=/media/USBdrive/ncdata
+DESCRIPTION="Change your data dir to a new location, like a USB drive"
+
+configure()
+{
+  local SRCDIR=$( cd /var/www/nextcloud; sudo -u www-data php occ config:system:get datadirectory )
+  [ -d $SRCDIR ] || { echo -e "data directory $SRCDIR not found"; return 1; }
+
+  [ -d $DATADIR_ ] && {
+    [[ $( find "$DATADIR_" -maxdepth 0 -empty | wc -l ) == 0 ]] && {
+      echo "$DATADIR_ is not empty"
+      return 1
+    }
+    rmdir "$DATADIR_" 
+  }
+
+  local BASEDIR=$( dirname "$DATADIR_" )
+  mkdir -p "$BASEDIR"
+
+  [[ $( stat -fc%d / ) == $( stat -fc%d $BASEDIR ) ]] && \
+    echo -e "INFO: moving data dir to another place in the same SD card\nIf you want to use an external mount, make sure it is properly set up"
+
+  service apache2 stop
+
+  cp -ra "$SRCDIR" "$DATADIR_" || return 1
+  
+  cd /var/www/nextcloud
+  sudo -u www-data php occ config:system:set datadirectory --value=$DATADIR_
+  service apache2 start
+}
+
+install() { :; }
+cleanup() { :; }
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/nc-httpsonly.sh b/etc/nextcloudpi-config.d/nc-httpsonly.sh
new file mode 100755
index 00000000..1ee9e7f0
--- /dev/null
+++ b/etc/nextcloudpi-config.d/nc-httpsonly.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# HTTPS rewrite configuration script for NextCloudPi
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh nc-httpsonly.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+# More at https://ownyourbits.com/2017/03/13/nextcloudpi-gets-nextcloudpi-config/
+#
+
+ACTIVE_=yes
+DESCRIPTION="Force HTTPS"
+
+configure()
+{
+  [[ $ACTIVE_ == "no" ]] && local OPT=Off || local OPT=On
+  sed -i "s|RewriteEngine .*|RewriteEngine $OPT|" /etc/apache2/sites-available/000-default.conf
+  service apache2 reload
+}
+
+install() { :; }
+cleanup() { :; }
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/nc-limits.sh b/etc/nextcloudpi-config.d/nc-limits.sh
new file mode 100755
index 00000000..1c176d15
--- /dev/null
+++ b/etc/nextcloudpi-config.d/nc-limits.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# System limit configurator for NextCloudPi
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh nc-limits.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+# More at https://ownyourbits.com/2017/03/13/nextcloudpi-gets-nextcloudpi-config/
+#
+
+DESCRIPTION="Configure system limits for NextCloudPi"
+MAXFILESIZE_=768M
+
+configure()
+{
+  sed -i "s/post_max_size=.*/post_max_size=$MAXFILESIZE_/"             /var/www/nextcloud/.user.ini
+  sed -i "s/upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini
+  sed -i "s/memory_limit=.*/memory_limit=$MAXFILESIZE_/"               /var/www/nextcloud/.user.ini
+}
+
+install() { :; }
+cleanup() { :; }
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/nc-update.sh b/etc/nextcloudpi-config.d/nc-update.sh
new file mode 100755
index 00000000..3a0d5f2e
--- /dev/null
+++ b/etc/nextcloudpi-config.d/nc-update.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Data dir configuration script for NextCloudPi
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh nc-update.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+# More at https://ownyourbits.com/
+#
+
+DESCRIPTION="Update NextCloudPi"
+
+configure()
+{
+  /usr/local/bin/ncp-update
+}
+
+install() { :; }
+cleanup() { :; }
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/no-ip.sh b/etc/nextcloudpi-config.d/no-ip.sh
new file mode 100755
index 00000000..0cffbd2a
--- /dev/null
+++ b/etc/nextcloudpi-config.d/no-ip.sh
@@ -0,0 +1,85 @@
+#!/bin/bash
+
+# no-ip.org installation on Raspbian 
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh no-ip.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+# More at https://ownyourbits.com/2017/03/05/dynamic-dns-for-raspbian-with-no-ip-org-installer/
+#
+
+ACTIVE_=yes
+USER_=my-noip-user@email.com
+PASS_=noip-pass
+TIME_=30
+DESCRIPTION="Free Dynamic DNS provider (need account)"
+
+install()
+{
+  mkdir /tmp/noip && cd /tmp/noip
+  wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz
+  tar vzxf noip-duc-linux.tar.gz
+  cd -; cd $OLDPWD/noip-*
+  make
+  cp noip2 /usr/local/bin/
+
+  cat > /etc/init.d/noip2 <<'EOF'
+#! /bin/sh
+# /etc/init.d/noip2
+
+### BEGIN INIT INFO
+# Provides:          no-ip.org
+# Required-Start:    $local_fs $remote_fs
+# Required-Stop:     $local_fs $remote_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start no-ip.org dynamic DNS
+### END INIT INFO
+EOF
+
+  cat debian.noip2.sh >> /etc/init.d/noip2 
+
+  chmod +x /etc/init.d/noip2
+  cd -
+  rm -r /tmp/noip
+}
+
+configure() 
+{
+  [[ $ACTIVE_ == "no" ]] && { service noip2 stop; update-rc.d noip2 disable; return; }
+
+  /usr/local/bin/noip2 -C -c /usr/local/etc/no-ip2.conf -U $TIME_ -u $USER_ -p $PASS_
+  update-rc.d noip2 defaults
+  service noip2 restart
+}
+
+cleanup()
+{
+  rm -f /home/pi/.bash_history
+  systemctl disable ssh
+}
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
diff --git a/etc/nextcloudpi-config.d/unattended-upgrades.sh b/etc/nextcloudpi-config.d/unattended-upgrades.sh
new file mode 100755
index 00000000..30f0c861
--- /dev/null
+++ b/etc/nextcloudpi-config.d/unattended-upgrades.sh
@@ -0,0 +1,66 @@
+#!/bin/bash
+
+# Unattended upgrades installation on Raspbian 
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh unattended-upgrades.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+# More at: ownyourbits.com 
+#
+
+ACTIVE_=yes
+AUTOREBOOT_=yes
+DESCRIPTION="Automatic installation of security updates. Keep your cloud safe"
+
+install()
+{
+  apt-get update
+  apt install -y --no-install-recommends unattended-upgrades 
+}
+
+configure() 
+{ 
+  [[ $ACTIVE_     == "yes" ]] && local AUTOUPGRADE=1   || local AUTOUPGRADE=0
+  [[ $AUTOREBOOT_ == "yes" ]] && local AUTOREBOOT=true || local AUTOREBOOT=false
+  cat > /etc/apt/apt.conf.d/20nextcloudpi-upgrades <<EOF
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Unattended-Upgrade "$AUTOUPGRADE";
+APT::Periodic::MaxAge "14"; 
+APT::Periodic::AutocleanInterval "7";
+Unattended-Upgrade::Automatic-Reboot "$AUTOREBOOT";
+Unattended-Upgrade::Automatic-Reboot-Time "04:00";
+EOF
+}
+
+cleanup()
+{
+  apt-get autoremove -y
+  apt-get clean
+  rm /var/lib/apt/lists/* -r
+  rm -f /home/pi/.bash_history
+  systemctl disable ssh
+}
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
author	nachoparker <nacho@ownyourbits.com>	2017-03-29 19:33:55 +0300
committer	nachoparker <nacho@ownyourbits.com>	2017-03-31 18:42:32 +0300
commit	75b42680feb34185107c6ebeae6162ec26f07f48 (patch)
tree	db1b1dd3d200ecbfd74df60827f268685cfe218e /etc
parent	7aa9c1c0910901b4f93b5307a3c42e1e340f2aef (diff)