diff options
Diffstat (limited to 'etc/ncp-config.d/nc-nextcloud.sh')
| -rw-r--r-- | etc/ncp-config.d/nc-nextcloud.sh | 266 |
1 files changed, 0 insertions, 266 deletions
diff --git a/etc/ncp-config.d/nc-nextcloud.sh b/etc/ncp-config.d/nc-nextcloud.sh deleted file mode 100644 index af39bcb7..00000000 --- a/etc/ncp-config.d/nc-nextcloud.sh +++ /dev/null @@ -1,266 +0,0 @@ -#!/bin/bash - -# Nextcloud installation on Raspbian over LAMP base -# -# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com> -# GPL licensed (see end of file) * Use at your own risk! -# -# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/ -# - -VER_=14.0.4 -BETA_=no -MAXFILESIZE_=2G -MEMORYLIMIT_=768M -MAXTRANSFERTIME_=3600 -DBADMIN=ncadmin -REDIS_MEM=3gb -PHPVER=7.2 -DESCRIPTION="Install any NextCloud version" - -APTINSTALL="apt-get install -y --no-install-recommends" -export DEBIAN_FRONTEND=noninteractive - -[ -d /var/www/nextcloud ] && { # don't show this during image build -INFOTITLE="NextCloud installation" -INFO="This new installation will cleanup current -NextCloud instance, including files and database. - -You can later use nc-init to configure to NextCloudPi defaults - -** perform backup before proceding ** - -You can use nc-backup " -} - -install() -{ - # During build, this step is run before ncp.sh. Avoid executing twice - [[ -f /usr/lib/systemd/system/nc-provisioning.service ]] && return 0 - - local RELEASE=stretch - - # Optional packets for Nextcloud and Apps - apt-get update - $APTINSTALL lbzip2 iputils-ping - $APTINSTALL -t $RELEASE php-smbclient # for external storage - $APTINSTALL -t $RELEASE imagemagick php${PHPVER}-imagick php${PHPVER}-exif # for gallery - - - # POSTFIX - $APTINSTALL postfix || { - # [armbian] workaround for bug - https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1531299 - echo "[NCP] Please, ignore the previous postfix installation error ..." - mv /usr/bin/newaliases / - ln -s /bin/true /usr/bin/newaliases - $APTINSTALL postfix - rm /usr/bin/newaliases - mv /newaliases /usr/bin/newaliases - } - - $APTINSTALL redis-server - $APTINSTALL -t $RELEASE php${PHPVER}-redis - - local REDIS_CONF=/etc/redis/redis.conf - local REDISPASS="default" - sed -i "s|# unixsocket .*|unixsocket /var/run/redis/redis.sock|" $REDIS_CONF - sed -i "s|# unixsocketperm .*|unixsocketperm 770|" $REDIS_CONF - sed -i "s|# requirepass .*|requirepass $REDISPASS|" $REDIS_CONF - sed -i 's|# maxmemory-policy .*|maxmemory-policy allkeys-lru|' $REDIS_CONF - sed -i 's|# rename-command CONFIG ""|rename-command CONFIG ""|' $REDIS_CONF - sed -i "s|^port.*|port 0|" $REDIS_CONF - echo "maxmemory $REDIS_MEM" >> $REDIS_CONF - echo 'vm.overcommit_memory = 1' >> /etc/sysctl.conf - - usermod -a -G redis www-data - - service redis-server restart - update-rc.d redis-server enable - service php${PHPVER}-fpm restart - - # service to randomize passwords on first boot - mkdir -p /usr/lib/systemd/system - cat > /usr/lib/systemd/system/nc-provisioning.service <<'EOF' -[Unit] -Description=Randomize passwords on first boot -Requires=network.target -After=mysql.service redis.service - -[Service] -ExecStart=/bin/bash /usr/local/bin/ncp-provisioning.sh - -[Install] -WantedBy=multi-user.target -EOF - [[ "$DOCKERBUILD" != 1 ]] && systemctl enable nc-provisioning - return 0 -} - -configure() -{ - ## IF BETA SELECTED ADD "pre" to DOWNLOAD PATH - [[ "$BETA_" == yes ]] && local PREFIX="pre" - - ## DOWNLOAD AND (OVER)WRITE NEXTCLOUD - cd /var/www/ - - local URL="https://download.nextcloud.com/server/${PREFIX}releases/nextcloud-$VER_.tar.bz2" - echo "Downloading Nextcloud $VER_..." - wget -q "$URL" -O nextcloud.tar.bz2 || { - echo "couldn't download $URL" - return 1 - } - rm -rf nextcloud - - echo "Installing Nextcloud $VER_..." - tar -xf nextcloud.tar.bz2 - rm nextcloud.tar.bz2 - - ## CONFIGURE FILE PERMISSIONS - local ocpath='/var/www/nextcloud' - local htuser='www-data' - local htgroup='www-data' - local rootuser='root' - - printf "Creating possible missing Directories\n" - mkdir -p $ocpath/data - mkdir -p $ocpath/updater - - printf "chmod Files and Directories\n" - find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640 - find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750 - - printf "chown Directories\n" - - chown -R ${htuser}:${htgroup} ${ocpath}/ - chown -R ${htuser}:${htgroup} ${ocpath}/apps/ - chown -R ${htuser}:${htgroup} ${ocpath}/config/ - chown -R ${htuser}:${htgroup} ${ocpath}/data/ - chown -R ${htuser}:${htgroup} ${ocpath}/themes/ - chown -R ${htuser}:${htgroup} ${ocpath}/updater/ - - chmod +x ${ocpath}/occ - - printf "chmod/chown .htaccess\n" - if [ -f ${ocpath}/.htaccess ]; then - chmod 0644 ${ocpath}/.htaccess - chown ${htuser}:${htgroup} ${ocpath}/.htaccess - fi - if [ -f ${ocpath}/data/.htaccess ]; then - chmod 0644 ${ocpath}/data/.htaccess - chown ${htuser}:${htgroup} ${ocpath}/data/.htaccess - fi - - # create and configure opcache dir - local OPCACHEDIR=/var/www/nextcloud/data/.opcache - sed -i "s|^opcache.file_cache=.*|opcache.file_cache=$OPCACHEDIR|" /etc/php/${PHPVER}/mods-available/opcache.ini - mkdir -p $OPCACHEDIR - chown -R www-data:www-data $OPCACHEDIR - - ## RE-CREATE DATABASE TABLE - # launch mariadb if not already running (for docker build) - if ! pgrep -c mysqld &>/dev/null; then - echo "Starting mariaDB" - mysqld & - fi - - # wait for mariadb - pgrep -x mysqld &>/dev/null || echo "mariaDB process not found" - - while :; do - [[ -S /var/run/mysqld/mysqld.sock ]] && break - sleep 0.5 - done - - echo "Setting up database..." - - # workaround to emulate DROP USER IF EXISTS ..;) - local DBPASSWD=$( grep password /root/.my.cnf | sed 's|password=||' ) - mysql <<EOF -DROP DATABASE IF EXISTS nextcloud; -CREATE DATABASE nextcloud - CHARACTER SET utf8mb4 - COLLATE utf8mb4_unicode_ci; -GRANT USAGE ON *.* TO '$DBADMIN'@'localhost' IDENTIFIED BY '$DBPASSWD'; -DROP USER '$DBADMIN'@'localhost'; -CREATE USER '$DBADMIN'@'localhost' IDENTIFIED BY '$DBPASSWD'; -GRANT ALL PRIVILEGES ON nextcloud.* TO $DBADMIN@localhost; -EXIT -EOF - -## SET APACHE VHOST - echo "Setting up Apache..." - cat > /etc/apache2/sites-available/nextcloud.conf <<'EOF' -<IfModule mod_ssl.c> - <VirtualHost _default_:443> - DocumentRoot /var/www/nextcloud - CustomLog /var/log/apache2/nc-access.log combined - ErrorLog /var/log/apache2/nc-error.log - SSLEngine on - SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem - SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key - </VirtualHost> - <Directory /var/www/nextcloud/> - Options +FollowSymlinks - AllowOverride All - <IfModule mod_dav.c> - Dav off - </IfModule> - LimitRequestBody 0 - SSLRenegBufferSize 10486000 - </Directory> -</IfModule> -EOF - a2ensite nextcloud - - cat > /etc/apache2/sites-available/000-default.conf <<'EOF' -<VirtualHost _default_:80> - DocumentRoot /var/www/nextcloud - <IfModule mod_rewrite.c> - RewriteEngine On - RewriteCond %{HTTPS} !=on - RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] - </IfModule> -</VirtualHost> -EOF - - # some added security - sed -i 's|^ServerSignature .*|ServerSignature Off|' /etc/apache2/conf-enabled/security.conf - sed -i 's|^ServerTokens .*|ServerTokens Prod|' /etc/apache2/conf-enabled/security.conf - - echo "Setting up system..." - - ## SET LIMITS - sed -i "s/post_max_size=.*/post_max_size=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini - sed -i "s/upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini - sed -i "s/memory_limit=.*/memory_limit=$MEMORYLIMIT_/" /var/www/nextcloud/.user.ini - - # slow transfers will be killed after this time - cat >> /var/www/nextcloud/.user.ini <<< "max_execution_time=$MAXTRANSFERTIME_" - cat >> /var/www/nextcloud/.user.ini <<< "max_input_time=$MAXTRANSFERTIME_" - - ## SET CRON - echo "*/15 * * * * php -f /var/www/nextcloud/cron.php" > /tmp/crontab_http - crontab -u www-data /tmp/crontab_http - rm /tmp/crontab_http - - echo "Don't forget to run nc-init" -} - -# License -# -# This script is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This script is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this script; if not, write to the -# Free Software Foundation, Inc., 59 Temple Place, Suite 330, -# Boston, MA 02111-1307 USA - |