From 117f72abca4a0720474cc4f918e1850ec329037a Mon Sep 17 00:00:00 2001 From: nachoparker Date: Wed, 26 Apr 2017 19:20:03 +0200 Subject: [update 11.0.3] split installation between base LAMP and NC. Cleaner to just update NC releases over the base --- batch.sh | 20 ++-- install-nextcloud.sh | 7 +- nextcloud.sh | 159 ++++++++++++++++++++++++++++++ nextcloud_base.sh | 272 ++++++++++++++++----------------------------------- 4 files changed, 251 insertions(+), 207 deletions(-) create mode 100755 nextcloud.sh diff --git a/batch.sh b/batch.sh index 36238172..fbb4e16a 100755 --- a/batch.sh +++ b/batch.sh @@ -11,22 +11,18 @@ source etc/library.sh # initializes $IMGNAME -IP=$1 # First argument is the QEMU Raspbian IP address +IP=$1 # First argument is the QEMU Raspbian IP address -IMGFILE="NextCloudPi_$( date "+%m-%d-%y" ).img" +IMGBASE="NextCloudPi_$( date "+%m-%d-%y" )_base.img" -NO_CONFIG=1 NO_HALT_STEP=1 ./install-nextcloud.sh $IP $IMGFILE -NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh fail2ban.sh $IP $( ls -1t *.img | head -1 ) -NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh no-ip.sh $IP $( ls -1t *.img | head -1 ) -NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh dnsmasq.sh $IP $( ls -1t *.img | head -1 ) -NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh letsencrypt.sh $IP $( ls -1t *.img | head -1 ) -NO_CONFIG=1 ./installer.sh unattended-upgrades.sh $IP $( ls -1t *.img | head -1 ) -NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh modsecurity.sh $IP $( ls -1t *.img | head -1 ) +NO_CONFIG=1 NO_HALT_STEP=1 ./install-nextcloud.sh $IP $IMGBASE +NO_CONFIG=1 ./installer.sh nextcloud.sh $IP $( ls -1t *.img | head -1 ) -IMGOUT=$( ls -1t *.img | head -1 ) -IMGFULL=$( basename "$IMGFILE" .img )_FULL.img +IMGFILE=$( ls -1t *.img | head -1 ) +IMGOUT=$( basename "$IMGFILE" _base_nextcloud.img ).img -pack_image "$IMGOUT" "$IMGFULL" +pack_image "$IMGFILE" "$IMGOUT" +md5sum $( ls -1t *.img | head -1 ) # License # diff --git a/install-nextcloud.sh b/install-nextcloud.sh index f4a77509..1ea466fe 100755 --- a/install-nextcloud.sh +++ b/install-nextcloud.sh @@ -20,7 +20,7 @@ IMGFILE=$2 # Second argument is the name for the output image DOWNLOAD=1 # Download the latest image EXTRACT=1 # Extract the image from zip, so start from 0 IMG=raspbian_lite_latest -INSTALL_SCRIPT=nextcloud.sh +INSTALL_SCRIPT=nextcloud_base.sh source etc/library.sh # initializes $IMGNAME @@ -31,13 +31,10 @@ source etc/library.sh # initializes $IMGNAME qemu-img resize $IMGFILE +1G || exit } -IMGOUT="NextCloudPi_$( date "+%m-%d-%y" ).img" - config $INSTALL_SCRIPT || exit 1 launch_install_qemu "$IMGFILE" $IP || exit 1 # initializes $IMGOUT -pack_image $IMGFILE $IMGOUT - +pack_image $IMGOUT $IMGFILE # License # diff --git a/nextcloud.sh b/nextcloud.sh new file mode 100755 index 00000000..402e5b02 --- /dev/null +++ b/nextcloud.sh @@ -0,0 +1,159 @@ +#!/bin/bash + +# Nextcloud installation on Raspbian over LAMP base +# Tested with 2017-03-02-raspbian-jessie-lite.img +# +# Copyleft 2017 by Ignacio Nunez Hernanz +# GPL licensed (see end of file) * Use at your own risk! +# +# Usage: +# +# ./installer.sh nextcloud.sh () +# +# See installer.sh instructions for details +# +# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/ +# + +VER=11.0.3 +ADMINUSER_=admin +DBADMIN_=ncadmin +DBPASSWD_=ownyourbits +MAXFILESIZE_=768M +MAXTRANSFERTIME_=3600 +OPCACHEDIR=/var/www/nextcloud/data/.opcache + +install() +{ + cd /var/www/ + wget https://download.nextcloud.com/server/releases/nextcloud-$VER.tar.bz2 -O nextcloud.tar.bz2 + tar -xvf nextcloud.tar.bz2 + rm nextcloud.tar.bz2 + + ocpath='/var/www/nextcloud' + htuser='www-data' + htgroup='www-data' + rootuser='root' + + printf "Creating possible missing Directories\n" + mkdir -p $ocpath/data + mkdir -p $ocpath/updater + mkdir -p $OPCACHEDIR + + printf "chmod Files and Directories\n" + find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640 + find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750 + + printf "chown Directories\n" + # recommended defaults do not play well with updater app + # re-check this with every new version + #chown -R ${rootuser}:${htgroup} ${ocpath}/ + chown -R ${htuser}:${htgroup} ${ocpath}/ + chown -R ${htuser}:${htgroup} ${ocpath}/apps/ + chown -R ${htuser}:${htgroup} ${ocpath}/config/ + chown -R ${htuser}:${htgroup} ${ocpath}/data/ + chown -R ${htuser}:${htgroup} ${ocpath}/themes/ + chown -R ${htuser}:${htgroup} ${ocpath}/updater/ + chown -R ${htuser}:${htgroup} $OPCACHEDIR + + chmod +x ${ocpath}/occ + + printf "chmod/chown .htaccess\n" + if [ -f ${ocpath}/.htaccess ]; then + # breaks updater, see above + #chmod 0644 ${ocpath}/.htaccess + chmod 0664 ${ocpath}/.htaccess + chown ${rootuser}:${htgroup} ${ocpath}/.htaccess + fi + if [ -f ${ocpath}/data/.htaccess ]; then + chmod 0644 ${ocpath}/data/.htaccess + chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess + fi + +cat > /etc/apache2/sites-available/000-default.conf <<'EOF' + + DocumentRoot /var/www/nextcloud + + RewriteEngine On + RewriteCond %{HTTPS} !=on + RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] + + +EOF + + mkdir -p /usr/lib/systemd/system + cat > /usr/lib/systemd/system/nextcloud-domain.service <<'EOF' +[Unit] +Description=Register Current IP as Nextcloud trusted domain +Requires=network.target +After=mysql.service + +[Service] +ExecStart=/bin/bash /usr/local/bin/nextcloud-domain.sh + +[Install] +WantedBy=multi-user.target +EOF + systemctl enable nextcloud-domain + + cat > /usr/local/bin/nextcloud-domain.sh <<'EOF' +#!/bin/bash +IFACE=$( ip r | grep "default via" | awk '{ print $5 }' ) +IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(.\d{1,3}){3}' | head -1 ) +cd /var/www/nextcloud +sudo -u www-data php occ config:system:set trusted_domains 1 --value=$IP +EOF +} + +configure() +{ + cd /var/www/nextcloud/ + + sudo -u www-data php occ maintenance:install --database \ + "mysql" --database-name "nextcloud" --database-user "$DBADMIN_" --database-pass \ + "$DBPASSWD_" --admin-user "$ADMINUSER_" --admin-pass "$DBPASSWD_" + + sudo -u www-data php occ background:cron + + sed -i '$s|^.*$| '\''memcache.local'\'' => '\''\\\\OC\\\\Memcache\\\\APCu'\'',\\n);|' /var/www/nextcloud/config/config.php + + sed -i "s/post_max_size=.*/post_max_size=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini + sed -i "s/upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini + sed -i "s/memory_limit=.*/memory_limit=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini + + # slow transfers will be killed after this time + cat >> /var/www/nextcloud/.user.ini <<< "max_execution_time=$MAXTRANSFERTIME_" + + echo "*/15 * * * * php -f /var/www/nextcloud/cron.php" > /tmp/crontab_http + crontab -u www-data /tmp/crontab_http + rm /tmp/crontab_http +} + +cleanup() +{ + [ "$STATE" != "1" ] && return + apt-get autoremove + apt-get clean + rm /var/lib/apt/lists/* -r + rm -f /home/pi/.bash_history + + systemctl disable ssh + nohup halt &>/dev/null & +} +# License +# +# This script is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This script is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this script; if not, write to the +# Free Software Foundation, Inc., 59 Temple Place, Suite 330, +# Boston, MA 02111-1307 USA + diff --git a/nextcloud_base.sh b/nextcloud_base.sh index 0c3af744..44a75f21 100755 --- a/nextcloud_base.sh +++ b/nextcloud_base.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Nextcloud installation on Raspbian +# Nextcloud LAMP base installation on Raspbian # Tested with 2017-03-02-raspbian-jessie-lite.img # # Copyleft 2017 by Ignacio Nunez Hernanz @@ -8,7 +8,7 @@ # # Usage: # -# ./installer.sh no-ip.sh () +# ./installer.sh nextcloud_base.sh () # # See installer.sh instructions for details # @@ -20,12 +20,8 @@ # More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/ # -VER=11.0.2 -ADMINUSER_=admin DBADMIN_=ncadmin DBPASSWD_=ownyourbits -MAXFILESIZE_=768M -MAXTRANSFERTIME_=3600 OPCACHEDIR=/var/www/nextcloud/data/.opcache CONFDIR=/usr/local/etc/nextcloudpi-config.d/ STATE_FILE=/home/pi/.installation_state @@ -34,58 +30,58 @@ APTINSTALL="apt-get install -y --no-install-recommends" install() { -test -f $STATE_FILE && STATE=$( cat $STATE_FILE 2>/dev/null ) -if [ "$STATE" == "" ]; then + test -f $STATE_FILE && STATE=$( cat $STATE_FILE 2>/dev/null ) + if [ "$STATE" == "" ]; then - # RESIZE IMAGE - ########################################## + # RESIZE IMAGE + ########################################## - SECTOR=$( fdisk -l /dev/sda | grep Linux | awk '{ print $2 }' ) - echo -e "d\n2\nn\np\n2\n$SECTOR\n\nw\n" | fdisk /dev/sda || true + SECTOR=$( fdisk -l /dev/sda | grep Linux | awk '{ print $2 }' ) + echo -e "d\n2\nn\np\n2\n$SECTOR\n\nw\n" | fdisk /dev/sda || true - echo 0 > $STATE_FILE - nohup reboot &>/dev/null & -elif [ "$STATE" == "0" ]; then + echo 0 > $STATE_FILE + nohup reboot &>/dev/null & + elif [ "$STATE" == "0" ]; then - # UPDATE EVERYTHING - ########################################## - resize2fs /dev/sda2 + # UPDATE EVERYTHING + ########################################## + resize2fs /dev/sda2 - apt-get update - apt-get upgrade - apt-get dist-upgrade - $APTINSTALL rpi-update - echo -e "y\n" | rpi-update + apt-get update + apt-get upgrade -y + apt-get dist-upgrade -y + $APTINSTALL rpi-update + echo -e "y\n" | rpi-update - echo 1 > $STATE_FILE - nohup reboot &>/dev/null & -elif [ "$STATE" == "1" ]; then + echo 1 > $STATE_FILE + nohup reboot &>/dev/null & + elif [ "$STATE" == "1" ]; then - # GET STRETCH SOURCES FOR HTTP2 AND PHP7 - ########################################## + # GET STRETCH SOURCES FOR HTTP2 AND PHP7 + ########################################## - echo "deb http://mirrordirector.raspbian.org/raspbian/ stretch main contrib non-free rpi" >> /etc/apt/sources.list - cat > /etc/apt/preferences <> /etc/apt/sources.list + cat > /etc/apt/preferences </etc/apache2/conf-available/http2.conf <> /etc/apache2/apache2.conf <> /etc/apache2/apache2.conf < Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" EOF - cat > /etc/php/7.0/mods-available/apcu.ini < /etc/php/7.0/mods-available/apcu.ini < /etc/php/7.0/mods-available/opcache.ini < /etc/php/7.0/mods-available/opcache.ini < $STATE_FILE - nohup reboot &>/dev/null & - -elif [ "$STATE" == "2" ]; then - # INSTALL NEXTCLOUD - ########################################## - - cd /var/www/ - wget https://download.nextcloud.com/server/releases/nextcloud-$VER.tar.bz2 -O nextcloud.tar.bz2 - tar -xvf nextcloud.tar.bz2 - rm nextcloud.tar.bz2 - - ocpath='/var/www/nextcloud' - htuser='www-data' - htgroup='www-data' - rootuser='root' - - printf "Creating possible missing Directories\n" - mkdir -p $ocpath/data - mkdir -p $ocpath/updater - mkdir -p $OPCACHEDIR - - printf "chmod Files and Directories\n" - find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640 - find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750 - - printf "chown Directories\n" - # recommended defaults do not play well with updater app - # re-check this with every new version - #chown -R ${rootuser}:${htgroup} ${ocpath}/ - chown -R ${htuser}:${htgroup} ${ocpath}/ - chown -R ${htuser}:${htgroup} ${ocpath}/apps/ - chown -R ${htuser}:${htgroup} ${ocpath}/config/ - chown -R ${htuser}:${htgroup} ${ocpath}/data/ - chown -R ${htuser}:${htgroup} ${ocpath}/themes/ - chown -R ${htuser}:${htgroup} ${ocpath}/updater/ - chown -R ${htuser}:${htgroup} $OPCACHEDIR - - chmod +x ${ocpath}/occ - - printf "chmod/chown .htaccess\n" - if [ -f ${ocpath}/.htaccess ]; then - # breaks updater, see above - #chmod 0644 ${ocpath}/.htaccess - chmod 0664 ${ocpath}/.htaccess - chown ${rootuser}:${htgroup} ${ocpath}/.htaccess - fi - if [ -f ${ocpath}/data/.htaccess ]; then - chmod 0644 ${ocpath}/data/.htaccess - chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess - fi + a2enmod http2 + a2enconf http2 + a2enmod proxy_fcgi setenvif + a2enconf php7.0-fpm + a2enmod rewrite + a2enmod headers + a2enmod env + a2enmod dir + a2enmod mime + a2enmod ssl -cat > /etc/apache2/sites-available/000-default.conf <<'EOF' - - DocumentRoot /var/www/nextcloud - - RewriteEngine On - RewriteCond %{HTTPS} !=on - RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] - - -EOF + # CONFIGURE LAMP FOR NEXTCLOUD + ########################################## -cat > /etc/apache2/sites-available/nextcloud.conf <<'EOF' + $APTINSTALL ssl-cert # self signed snakeoil certs + + cat > /etc/apache2/sites-available/nextcloud.conf <<'EOF' DocumentRoot /var/www/nextcloud @@ -218,28 +156,28 @@ cat > /etc/apache2/sites-available/nextcloud.conf <<'EOF' EOF - a2ensite nextcloud + a2ensite nextcloud - mysql -u root -p$DBPASSWD_ < /etc/update-motd.d/10logo < /etc/update-motd.d/20updates <<'EOF' + cat > /etc/update-motd.d/20updates <<'EOF' #!/bin/bash /usr/local/bin/ncp-check-updates EOF - chmod a+x /etc/update-motd.d/* + chmod a+x /etc/update-motd.d/* - # NEXTCLOUDPI UPDATES - ########################################## - $APTINSTALL git + # NEXTCLOUDPI UPDATES + ########################################## + $APTINSTALL git - cat > /etc/cron.daily/ncp-check-version < /etc/cron.daily/ncp-check-version < /usr/local/bin/ncp-update <<'EOF' @@ -288,64 +226,18 @@ EOF exit } EOF - chmod a+x /usr/local/bin/ncp-update + chmod a+x /usr/local/bin/ncp-update - # update to latest version from github as part of the build process - /usr/local/bin/ncp-update -fi + # update to latest version from github as part of the build process + /usr/local/bin/ncp-update + fi } -configure() -{ - [ "$STATE" != "2" ] && return - cd /var/www/nextcloud/ - - sudo -u www-data php occ maintenance:install --database \ - "mysql" --database-name "nextcloud" --database-user "$DBADMIN_" --database-pass \ - "$DBPASSWD_" --admin-user "$ADMINUSER_" --admin-pass "$DBPASSWD_" - - sudo -u www-data php occ background:cron - - sed -i '$s|^.*$| '\''memcache.local'\'' => '\''\\\\OC\\\\Memcache\\\\APCu'\'',\\n);|' /var/www/nextcloud/config/config.php - - sed -i "s/post_max_size=.*/post_max_size=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini - sed -i "s/upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini - sed -i "s/memory_limit=.*/memory_limit=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini - - # slow transfers will be killed after this time - cat >> /var/www/nextcloud/.user.ini <<< "max_execution_time=$MAXTRANSFERTIME_" - - echo "*/15 * * * * php -f /var/www/nextcloud/cron.php" > /tmp/crontab_http - crontab -u www-data /tmp/crontab_http - rm /tmp/crontab_http - - cat > /usr/local/bin/nextcloud-domain.sh <<'EOF' -#!/bin/bash -IFACE=$( ip r | grep "default via" | awk '{ print $5 }' ) -IP=$( ip a | grep "global $IFACE" | grep -oP '\d{1,3}(.\d{1,3}){3}' | head -1 ) -cd /var/www/nextcloud -sudo -u www-data php occ config:system:set trusted_domains 1 --value=$IP -EOF - - mkdir -p /usr/lib/systemd/system - cat > /usr/lib/systemd/system/nextcloud-domain.service <<'EOF' -[Unit] -Description=Register Current IP as Nextcloud trusted domain -Requires=network.target -After=mysql.service - -[Service] -ExecStart=/bin/bash /usr/local/bin/nextcloud-domain.sh - -[Install] -WantedBy=multi-user.target -EOF - systemctl enable nextcloud-domain -} +configure() { :; } cleanup() { - [ "$STATE" != "2" ] && return + [ "$STATE" != "1" ] && return apt-get autoremove apt-get clean rm /var/lib/apt/lists/* -r -- cgit v1.2.3