diff options
author | Daniel Hansson <mailto@danielhansson.nu> | 2022-05-03 20:25:49 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-03 20:25:49 +0300 |
commit | d97736c616d2eb41da870cb506d4e2b2b8563473 (patch) | |
tree | 1748d3b17a5f0e3f2507151431b9c8e00bdc3d08 | |
parent | c4b764acbd4fb3c66acb24cddfe21774a1363126 (diff) |
Ubuntu 22.04 (#2279)
Signed-off-by: enoch85 <github@hanssonit.se>
-rw-r--r-- | README.md | 8 | ||||
-rw-r--r-- | addons/0-byte-files.sh | 2 | ||||
-rw-r--r-- | addons/fix_invalid_modification_time.sh | 45 | ||||
-rw-r--r-- | addons/redis-server-ubuntu.sh | 4 | ||||
-rw-r--r-- | addons/security.sh | 3 | ||||
-rw-r--r-- | apps/adminer.sh | 2 | ||||
-rw-r--r-- | apps/collabora_docker.sh | 2 | ||||
-rw-r--r-- | apps/fail2ban.sh | 3 | ||||
-rw-r--r-- | apps/fulltextsearch.sh | 2 | ||||
-rw-r--r-- | apps/onlyoffice_docker.sh | 2 | ||||
-rw-r--r-- | apps/pico_cms.sh | 2 | ||||
-rw-r--r-- | apps/talk.sh | 8 | ||||
-rw-r--r-- | apps/tmbitwarden.sh | 2 | ||||
-rw-r--r-- | apps/vaultwarden.sh | 2 | ||||
-rw-r--r-- | apps/webmin.sh | 5 | ||||
-rw-r--r-- | disk/format-chosen.sh | 2 | ||||
-rw-r--r-- | disk/format-sdb.sh | 2 | ||||
-rw-r--r-- | lets-encrypt/activate-tls.sh | 2 | ||||
-rw-r--r-- | lib.sh | 49 | ||||
-rw-r--r-- | nextcloud-startup-script.sh | 37 | ||||
-rw-r--r-- | nextcloud_install_production.sh | 67 | ||||
-rw-r--r-- | nextcloud_update.sh | 8 | ||||
-rw-r--r-- | not-supported/borgbackup.sh | 8 | ||||
-rw-r--r-- | not-supported/pi-hole.sh | 2 | ||||
-rw-r--r-- | not-supported/restore-backup.sh | 2 | ||||
-rw-r--r-- | old/format-sda-nuc-server.sh | 2 | ||||
-rw-r--r-- | static/change_db_pass.sh | 8 |
27 files changed, 197 insertions, 84 deletions
@@ -17,12 +17,12 @@ Server installation. Simplified. :cloud: -------------------- ## Dependencies: -(Ubuntu Server 20.04 LTS 64-bit) +(Ubuntu Server 22.04 LTS 64-bit) <br> -(Linux Kernel: 5.4) +(Linux Kernel: 5.15) - Apache 2.4 -- PostgreSQL 12 -- PHP-FPM 7.4 +- PostgreSQL 14 +- PHP-FPM 8.1 - Redis Memcache (latest stable version from PECL) - PHP-igbinary (latest stable version from PECL - PHP-smbclient (latest stable version from PECL) diff --git a/addons/0-byte-files.sh b/addons/0-byte-files.sh index 892599cc..8554bcc8 100644 --- a/addons/0-byte-files.sh +++ b/addons/0-byte-files.sh @@ -48,4 +48,6 @@ Please see files in red when you hit OK." do print_text_in_color "$IRed" "$each" done +else + msg_box "No 0-byte files found. *peew*" fi diff --git a/addons/fix_invalid_modification_time.sh b/addons/fix_invalid_modification_time.sh new file mode 100644 index 00000000..2ac4bebc --- /dev/null +++ b/addons/fix_invalid_modification_time.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +# T&M Hansson IT AB © - 2022, https://www.hanssonit.se/ + +true +SCRIPT_NAME="Fix 'Could not update metadata due to invalid modified time'." +# shellcheck source=lib.sh +source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) + +# Check if root +root_check + +msg_box "This is an attempt to automate a fix for the nasty bug from the Desktop Client: +https://github.com/nextcloud/desktop/wiki/How-to-fix-the-error-invalid-or-negative-modification-date#-how-to-fix-it + +Please only run this if you made a backup." + +if ! yesno_box_no "Have you made a backup?" +then + exit 1 +fi + +msg_box "OK, let's go! + +Please note, this script might take several hours to run, depening on the size of your datadir. Don't abort it!" + +# Download the script +curl_to_dir https://raw.githubusercontent.com/nextcloud-gmbh/mtime_fixer_tool_kit/master solvable_files.sh $NCPATH + +# Run all the needed variables +ncdb + +if [[ $NCDBTYPE = mysql ]] +then + msg_box "We only support PostgreSQL, sorry!" + exit +fi + +# Run the script and remove it +print_text_in_color "$ICyan" "Running the scan and fixing broken files..." +bash "$NCPATH"/solvable_files.sh "$NCDATA" "$NCDBTYPE" "$NCDBHOST" "$NCDBUSER" "$NCDBPASS" "$NCDB" fix use_birthday verbose +rm "$NCPATH"/solvable_files.sh + +# Scan all files +nextcloud_occ files:scan --all diff --git a/addons/redis-server-ubuntu.sh b/addons/redis-server-ubuntu.sh index 3564f94d..9328a9a6 100644 --- a/addons/redis-server-ubuntu.sh +++ b/addons/redis-server-ubuntu.sh @@ -16,9 +16,9 @@ debug_mode root_check # Check Ubuntu version -if ! version 16.04 "$DISTRO" 20.04.6 +if ! version 18.04 "$DISTRO" 22.04.10 then - msg_box "Your current Ubuntu version is $DISTRO but must be between 16.04 - 20.04.6 to run this script." + msg_box "Your current Ubuntu version is $DISTRO but must be between 18.04 - 22.04.10 to run this script." msg_box "Please contact us to get support for upgrading your server: https://www.hanssonit.se/#contact https://shop.hanssonit.se/" diff --git a/addons/security.sh b/addons/security.sh index 71e072aa..1c368c89 100644 --- a/addons/security.sh +++ b/addons/security.sh @@ -73,6 +73,9 @@ a2enmod reqtimeout # http://httpd.apache.org/docs/2.4/mod/mod_reqtimeout.html # Download the spamhaus script download_script STATIC spamhaus-drop +# Install iptables +install_if_not iptables + # Make the file executable chmod +x "$SCRIPTS"/spamhaus-drop.sh diff --git a/apps/adminer.sh b/apps/adminer.sh index 5cd584df..da441136 100644 --- a/apps/adminer.sh +++ b/apps/adminer.sh @@ -56,7 +56,7 @@ curl_to_dir "https://raw.githubusercontent.com/Niyko/Hydra-Dark-Theme-for-Admine ln -s "$ADMINERDIR"/latest.php "$ADMINERDIR"/adminer.php # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi diff --git a/apps/collabora_docker.sh b/apps/collabora_docker.sh index 75ac4408..6bef4347 100644 --- a/apps/collabora_docker.sh +++ b/apps/collabora_docker.sh @@ -135,7 +135,7 @@ a2enmod ssl a2enmod headers # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi diff --git a/apps/fail2ban.sh b/apps/fail2ban.sh index e2e6478f..93a74dfb 100644 --- a/apps/fail2ban.sh +++ b/apps/fail2ban.sh @@ -112,6 +112,9 @@ do fi done +# Install iptables +install_if_not iptables + # remove ncdata, else it will be used rm -f $NCDATA/nextcloud.log diff --git a/apps/fulltextsearch.sh b/apps/fulltextsearch.sh index 44548b14..e914256b 100644 --- a/apps/fulltextsearch.sh +++ b/apps/fulltextsearch.sh @@ -36,7 +36,7 @@ else # Ask for removal or reinstallation reinstall_remove_menu "$SCRIPT_NAME" # Reset database table - check_command sudo -Hiu postgres psql "$NCCONFIGDB" -c "TRUNCATE TABLE oc_fulltextsearch_ticks;" + check_command sudo -Hiu postgres psql "$NCDB" -c "TRUNCATE TABLE oc_fulltextsearch_ticks;" # Reset Full Text Search to be able to index again, and also remove the app to be able to install it again nextcloud_occ_no_check fulltextsearch:reset APPS=(fulltextsearch fulltextsearch_elasticsearch files_fulltextsearch) diff --git a/apps/onlyoffice_docker.sh b/apps/onlyoffice_docker.sh index 6d525e3b..d8930948 100644 --- a/apps/onlyoffice_docker.sh +++ b/apps/onlyoffice_docker.sh @@ -147,7 +147,7 @@ a2enmod ssl a2enmod headers # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi diff --git a/apps/pico_cms.sh b/apps/pico_cms.sh index 0fbacec3..478f48f8 100644 --- a/apps/pico_cms.sh +++ b/apps/pico_cms.sh @@ -215,7 +215,7 @@ a2enmod ssl a2enmod headers # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi diff --git a/apps/talk.sh b/apps/talk.sh index 4db8d0a9..a1185982 100644 --- a/apps/talk.sh +++ b/apps/talk.sh @@ -65,8 +65,8 @@ else removal_popup "$SCRIPT_NAME" fi -# Must be 20.04 -if ! version 20.04 "$DISTRO" 20.04.6 +# Must be 22.04 +if ! version 20.04 "$DISTRO" 22.04.10 then msg_box "Your current Ubuntu version is $DISTRO but must be between 20.04 - 20.04.10 to install Talk" msg_box "Please contact us to get support for upgrading your server: @@ -76,7 +76,7 @@ exit fi # Nextcloud 19 is required. -lowest_compatible_nc 19 +lowest_compatible_nc 20 ####################### TALK (COTURN) @@ -333,7 +333,7 @@ echo "Hi there! :) If you see this page, the Apache2 proxy for $SCRIPT_NAME is u chown -R www-data:www-data /var/www/html/error # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi diff --git a/apps/tmbitwarden.sh b/apps/tmbitwarden.sh index 0269b074..29328ce7 100644 --- a/apps/tmbitwarden.sh +++ b/apps/tmbitwarden.sh @@ -242,7 +242,7 @@ a2enmod headers a2enmod remoteip # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi diff --git a/apps/vaultwarden.sh b/apps/vaultwarden.sh index 0a40dd85..adb5c827 100644 --- a/apps/vaultwarden.sh +++ b/apps/vaultwarden.sh @@ -123,7 +123,7 @@ a2enmod headers a2enmod remoteip # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi diff --git a/apps/webmin.sh b/apps/webmin.sh index 7c2dd550..8e835108 100644 --- a/apps/webmin.sh +++ b/apps/webmin.sh @@ -50,7 +50,6 @@ install_if_not libpam-runtime install_if_not libio-pty-perl install_if_not apt-show-versions install_if_not python2 -install_if_not python install_if_not unzip install_if_not zip @@ -71,8 +70,8 @@ install_if_not webmin if ! dpkg-query -W -f='${Status}' "webmin" | grep -q "ok installed" then - wget http://prdownloads.sourceforge.net/webadmin/webmin_1.984_all.deb - dpkg --install webmin_1.984_all.deb + wget http://prdownloads.sourceforge.net/webadmin/webmin_1.991_all.deb + dpkg --install webmin_1.991_all.deb fi print_text_in_color "$ICyan" "Configuring Webmin..." diff --git a/disk/format-chosen.sh b/disk/format-chosen.sh index 80bd0639..8233fe70 100644 --- a/disk/format-chosen.sh +++ b/disk/format-chosen.sh @@ -10,7 +10,7 @@ source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercont # Check if root root_check -# Needs to be Ubuntu 18.04 and Multiverse +# Needs to be Ubuntu 20.04 and Multiverse check_distro_version check_multiverse diff --git a/disk/format-sdb.sh b/disk/format-sdb.sh index 8aa78d07..148b8288 100644 --- a/disk/format-sdb.sh +++ b/disk/format-sdb.sh @@ -10,7 +10,7 @@ source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercont # Check if root root_check -# Needs to be Ubuntu 18.04 and Multiverse +# Needs to be Ubuntu 20.04 and Multiverse check_distro_version check_multiverse diff --git a/lets-encrypt/activate-tls.sh b/lets-encrypt/activate-tls.sh index 7c372253..32c72091 100644 --- a/lets-encrypt/activate-tls.sh +++ b/lets-encrypt/activate-tls.sh @@ -116,7 +116,7 @@ fi check_php # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi @@ -8,6 +8,15 @@ true # see https://github.com/koalaman/shellcheck/wiki/Directive +##### LEGACY ##### +## Remove 2022-09-01 +NCPASS=nextcloud +NCUSER=ncadmin +PGDB_USER=nextcloud_db_user +NCCONFIGDBPASS=$(grep 'dbpassword "$NCPATH"/config/config.php | awk '{print $3}' | sed "s/[',]//g")" +NCCONFIGDB=$(grep 'dbname' "$NCPATH"/config/config.php | awk '{print $3}' | sed "s/[',]//g")" + + ## VARIABLES # Dirs @@ -41,7 +50,7 @@ gen_passwd() { DISTRO=$(lsb_release -sr) KEYBOARD_LAYOUT=$(localectl status | grep "Layout" | awk '{print $3}') # Hypervisor -# HYPERVISOR=$(dmesg --notime | grep -i hypervisor | cut -d ':' -f2 | head -1 | tr -d ' ') TODO +### TODO ### HYPERVISOR=$(dmesg --notime | grep -i hypervisor | cut -d ':' -f2 | head -1 | tr -d ' ') SYSVENDOR=$(cat /sys/devices/virtual/dmi/id/sys_vendor) # Network IFACE=$(ip r | grep "default via" | awk '{print $5}') @@ -103,8 +112,8 @@ GEOBLOCKDAT="$GITHUB_REPO/geoblockdat" NCREPO="https://download.nextcloud.com/server/releases" ISSUES="https://github.com/nextcloud/vm/issues" # User information -NCPASS=nextcloud -NCUSER=ncadmin +GUIUSER=ncadmin +GUIPASS=nextcloud UNIXUSER=$SUDO_USER UNIXUSER_PROFILE="/home/$UNIXUSER/.bash_profile" ROOT_PROFILE="/root/.bash_profile" @@ -113,16 +122,16 @@ BITWARDEN_USER=bitwarden BITWARDEN_HOME=/home/"$BITWARDEN_USER" # Database SHUF=$(shuf -i 25-29 -n 1) +PGDB_USER=nextcloud_db_user PGDB_PASS=$(gen_passwd "$SHUF" "a-zA-Z0-9@#*") NEWPGPASS=$(gen_passwd "$SHUF" "a-zA-Z0-9@#*") ncdb() { - NCCONFIGDB=$(grep "dbname" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g") -} -[ -n "$NCDB" ] && ncdb # TODO: remove this line someday -ncdbpass() { - NCCONFIGDBPASS=$(grep "dbpassword" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g") + NCDB=$(grep "dbname" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g") + NCDBPASS=$(grep "dbpassword" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g") + NCDBUSER=$(grep "dbuser" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g") + NCDBTYPE=$(grep "dbtype" /var/www/nextcloud/config/config.php | awk '{print $3}' | sed "s/[',]//g") + NCDBHOST=$(grep "dbhost" /var/www/nextcloud/config/config.php | awk '{print $3}' | sed "s/[',]//g") } -[ -n "$NCDBPASS" ] && ncdbpass # TODO: remove this line someday # Path to specific files SECURE="$SCRIPTS/setup_secure_permissions_nextcloud.sh" # Nextcloud version @@ -134,7 +143,6 @@ nc_update() { NCBAD=$((NCMAJOR-2)) NCNEXT="$((${CURRENTVERSION%%.*}+1))" } -[ -n "$NC_UPDATE" ] && nc_update # TODO: remove this line someday # Set the hour for automatic updates. This would be 18:00 as only the hour is configurable. AUT_UPDATES_TIME="18" # Keys @@ -151,7 +159,7 @@ HTTP_CONF="nextcloud_http_domain_self_signed.conf" HTTPS_CONF="$SITES_AVAILABLE/$SUBDOMAIN.conf" HTTP2_CONF="/etc/apache2/mods-available/http2.conf" # PHP-FPM -PHPVER=7.4 +PHPVER=8.1 PHP_FPM_DIR=/etc/php/$PHPVER/fpm PHP_INI=$PHP_FPM_DIR/php.ini PHP_POOL_DIR=$PHP_FPM_DIR/pool.d @@ -200,7 +208,6 @@ turn_install() { NC_SECRET=$(gen_passwd "$SHUF" "a-zA-Z0-9@#*") SIGNALING_SERVER_CONF=/etc/signaling/server.conf } -[ -n "$TURN_INSTALL" ] && turn_install # TODO: remove this line someday ## FUNCTIONS @@ -691,10 +698,10 @@ version(){ [[ $2 != "$h" && $2 != "$t" ]] } -if ! version 18.04 "$DISTRO" 20.04.10 +if ! version 20.04 "$DISTRO" 22.04.10 then print_text_in_color "$IRed" "Your current Ubuntu version is $DISTRO but must be between \ -18.04 - 20.04.10 to run this script." +20.04 - 22.04.10 to run this script." print_text_in_color "$ICyan" "Please contact us for support upgrading your server:" print_text_in_color "$ICyan" "https://www.hanssonit.se/#contact" print_text_in_color "$ICyan" "https://shop.hanssonit.se/" @@ -1020,13 +1027,13 @@ remove_from_trusted_domains() { check_distro_version() { # Check Ubuntu version -if lsb_release -sc | grep -ic "bionic" &> /dev/null || lsb_release -sc | grep -ic "focal" &> /dev/null +if lsb_release -sc | grep -ic "jammy" &> /dev/null || lsb_release -sc | grep -ic "bionic" &> /dev/null then OS=1 elif lsb_release -i | grep -ic "Ubuntu" &> /dev/null then OS=1 -elif uname -a | grep -ic "bionic" &> /dev/null || uname -a | grep -ic "focal" &> /dev/null +elif uname -a | grep -ic "jammy" &> /dev/null || uname -a | grep -ic "bionic" &> /dev/null then OS=1 elif uname -v | grep -ic "Ubuntu" &> /dev/null @@ -1043,8 +1050,8 @@ You can find the download link here: https://www.ubuntu.com/download/server" exit 1 fi -if ! version 18.04 "$DISTRO" 20.04.10; then - msg_box "Your current Ubuntu version is $DISTRO but must be between 18.04 - 20.04.10 to run this script." +if ! version 20.04.10 "$DISTRO" 22.04.10; then + msg_box "Your current Ubuntu version is $DISTRO but must be between 20.04 - 22.04.10 to run this script." msg_box "Please contact us to get support for upgrading your server: https://www.hanssonit.se/#contact https://shop.hanssonit.se/" @@ -1096,7 +1103,7 @@ then To bypass this check, comment out (add # before the line) 'ram_check X' in the script that you are trying to run. -In nextcloud_install_production.sh you can find the check somewhere around line #98. +In nextcloud_install_production.sh you can find the check somewhere around line #48. Please note this may affect performance. USE AT YOUR OWN RISK!" exit 1 @@ -1169,7 +1176,7 @@ version(){ [[ $2 != "$h" && $2 != "$t" ]] } -if version 18.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then print_text_in_color "$ICyan" "Testing if network is OK..." if site_200 github.com @@ -1194,7 +1201,7 @@ then fi fi else - msg_box "Your current Ubuntu version is $DISTRO but must be between 18.04 - 20.04.10 to run this script." + msg_box "Your current Ubuntu version is $DISTRO but must be between 20.04 - 22.04.10 to run this script." msg_box "Please contact us to get support for upgrading your server: https://www.hanssonit.se/#contact https://shop.hanssonit.se/" diff --git a/nextcloud-startup-script.sh b/nextcloud-startup-script.sh index e977271b..151e2e34 100644 --- a/nextcloud-startup-script.sh +++ b/nextcloud-startup-script.sh @@ -348,31 +348,36 @@ bash $SCRIPTS/additional_apps.sh ### Change passwords # CLI USER -msg_box "For better security, we will now change the password for the CLI user in Ubuntu." UNIXUSER="$(getent group sudo | cut -d: -f4 | cut -d, -f1)" -while : -do - UNIX_PASSWORD=$(input_box_flow "Please type in the new password for the current CLI user in Ubuntu: $UNIXUSER.") - if [[ "$UNIX_PASSWORD" == *" "* ]] - then - msg_box "Please don't use spaces." - else - break - fi -done -if check_command echo "$UNIXUSER:$UNIX_PASSWORD" | sudo chpasswd +if [[ "$UNIXUSER" != "ncadmin" ]] then - msg_box "The new password for the current CLI user in Ubuntu ($UNIXUSER) is now set to: $UNIX_PASSWORD + print_text_in_color "$ICyan" "No need to change password for CLI user '$UNIXUSER' since it's not the default user." +else + msg_box "For better security, we will now change the password for the CLI user in Ubuntu." + while : + do + UNIX_PASSWORD=$(input_box_flow "Please type in the new password for the current CLI user in Ubuntu: $UNIXUSER.") + if [[ "$UNIX_PASSWORD" == *" "* ]] + then + msg_box "Please don't use spaces." + else + break + fi + done + if check_command echo "$UNIXUSER:$UNIX_PASSWORD" | sudo chpasswd + then + msg_box "The new password for the current CLI user in Ubuntu ($UNIXUSER) is now set to: $UNIX_PASSWORD -This is used when you login to the Ubuntu CLI." + This is used when you login to the Ubuntu CLI." + fi fi unset UNIX_PASSWORD # NEXTCLOUD USER NCADMIN=$(nextcloud_occ user:list | awk '{print $3}') -if ! echo "$NCADMIN" | grep ncadmin +if [[ "$NCADMIN" != "ncadmin" ]] then - msg_box "Not changing password for the user 'ncadmin' since it doesn't exist on the system." + print_text_in_color "$ICyan" "No need to change password for GUI user '$NCADMIN' since it's not the default user." else msg_box "We will now change the username and password for the Web Admin in Nextcloud." while : diff --git a/nextcloud_install_production.sh b/nextcloud_install_production.sh index e8719d22..5cf7a354 100644 --- a/nextcloud_install_production.sh +++ b/nextcloud_install_production.sh @@ -119,7 +119,7 @@ bash $SCRIPTS/adduser.sh "nextcloud_install_production.sh" rm -f $SCRIPTS/adduser.sh # Check distribution and version -if ! version 20.04 "$DISTRO" 20.04.6 +if ! version 20.04 "$DISTRO" 22.04.10 then msg_box "This script can only be run on Ubuntu 20.04 (server)." exit 1 @@ -190,6 +190,8 @@ stop_if_installed php7.1-fpm stop_if_installed php7.2-fpm stop_if_installed php7.3-fpm stop_if_installed php8.0-fpm +stop_if_installed php8.1-fpm +stop_if_installed php8.2-fpm stop_if_installed mysql-common stop_if_installed mariadb-server @@ -222,6 +224,12 @@ install_if_not apt-transport-https # Install build-essentials to get make install_if_not build-essential +# Install a decent text editor +install_if_not nano + +# Install package for crontab +install_if_not cron + # Make sure sudo exists (needed in adduser.sh) install_if_not sudo @@ -319,7 +327,7 @@ $MENU_GUIDE" "$WT_HEIGHT" "$WT_WIDTH" 4 \ done # Install PostgreSQL -# sudo add-apt-repository "deb http://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main" +# sudo add-apt-repository "deb http://apt.postgresql.org/pub/repos/apt/ jammy-pgdg main" # curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - apt-get update -q4 & spinner_loading apt-get install postgresql -y @@ -327,8 +335,8 @@ apt-get install postgresql -y # Create DB cd /tmp sudo -u postgres psql <<END -CREATE USER $NCUSER WITH PASSWORD '$PGDB_PASS'; -CREATE DATABASE nextcloud_db WITH OWNER $NCUSER TEMPLATE template0 ENCODING 'UTF8'; +CREATE USER $PGDB_USER WITH PASSWORD '$PGDB_PASS'; +CREATE DATABASE nextcloud_db WITH OWNER $PGDB_USER TEMPLATE template0 ENCODING 'UTF8'; END print_text_in_color "$ICyan" "PostgreSQL password: $PGDB_PASS" systemctl restart postgresql.service @@ -376,7 +384,6 @@ check_command apt-get install -y \ php"$PHPVER"-zip \ php"$PHPVER"-mbstring \ php"$PHPVER"-soap \ - php"$PHPVER"-json \ php"$PHPVER"-gmp \ php"$PHPVER"-bz2 \ php"$PHPVER"-bcmath \ @@ -434,7 +441,10 @@ restart_webserver calculate_php_fpm # Install VM-tools -install_if_not open-vm-tools +if [ "$SYSVENDOR" == "VMware, Inc." ]; +then + install_if_not open-vm-tools +fi # Get not-latest Nextcloud version if [ -n "$NOT_LATEST" ] @@ -466,6 +476,45 @@ rm "$HTML/$STABLEVERSION.tar.bz2" download_script STATIC setup_secure_permissions_nextcloud bash $SECURE & spinner_loading +# Ask to set a custom username +if yesno_box_no "Nextcloud is about to be installed.\nDo you want to change the standard GUI user '$GUIUSER' to something else?" +then + while : + do + GUIUSER=$(input_box_flow "Please type in the name of the Web Admin in Nextcloud. +\nThe only allowed characters for the username are: +'a-z', 'A-Z', '0-9', and '_.@-'") + if [[ "$GUIUSER" == *" "* ]] + then + msg_box "Please don't use spaces." + # - has to be escaped otherwise it won't work. + # Inspired by: https://unix.stackexchange.com/a/498731/433213 + elif [ "${GUIUSER//[A-Za-z0-9_.\-@]}" ] + then + msg_box "Allowed characters for the username are:\na-z', 'A-Z', '0-9', and '_.@-'\n\nPlease try again." + else + break + fi + done + while : + do + GUIPASS=$(input_box_flow "Please type in the new password for the new Web Admin ($GUIUSER) in Nextcloud.") + if [[ "$GUIPASS" == *" "* ]] + then + msg_box "Please don't use spaces." + fi + if [ "${GUIPASS//[A-Za-z0-9_.\-@]}" ] + then + msg_box "Allowed characters for the password are:\na-z', 'A-Z', '0-9', and '_.@-'\n\nPlease try again." + else + msg_box "The new Web Admin in Nextcloud is now: $GUIUSER\nThe password is set to: $GUIPASS +This is used when you login to Nextcloud itself, i.e. on the web." + break + fi + done + +fi + # Install Nextcloud print_text_in_color "$ICyan" "Installing Nextcloud..." cd "$NCPATH" @@ -473,10 +522,10 @@ nextcloud_occ maintenance:install \ --data-dir="$NCDATA" \ --database=pgsql \ --database-name=nextcloud_db \ ---database-user="$NCUSER" \ +--database-user="$PGDB_USER" \ --database-pass="$PGDB_PASS" \ ---admin-user="$NCUSER" \ ---admin-pass="$NCPASS" +--admin-user="$GUIUSER" \ +--admin-pass="$GUIPASS" echo print_text_in_color "$ICyan" "Nextcloud version:" nextcloud_occ status diff --git a/nextcloud_update.sh b/nextcloud_update.sh index ee8f7c7f..fcf8e846 100644 --- a/nextcloud_update.sh +++ b/nextcloud_update.sh @@ -232,7 +232,7 @@ Holding PHP to avoid upgrading to a newer version without migration..." fi # Don't allow MySQL/MariaDB -if ! grep -q pgsql /var/www/nextcloud/config/config.php || dpkg -l | grep -q mariadb-common +if [[ $NCDBTYPE = mysql ]] then msg_box "MySQL/MariaDB is not supported in this script anymore. Please contact us to get support \ for upgrading your server: https://shop.hanssonit.se/product/premium-support-per-30-minutes/" @@ -882,10 +882,10 @@ fi if is_this_installed postgresql-common then cd /tmp - if sudo -u postgres psql -c "SELECT 1 AS result FROM pg_database WHERE datname='$NCCONFIGDB'" | grep "1 row" > /dev/null + if sudo -u postgres psql -c "SELECT 1 AS result FROM pg_database WHERE datname='$NCDB'" | grep "1 row" > /dev/null then - print_text_in_color "$ICyan" "Doing pgdump of $NCCONFIGDB..." - check_command sudo -u postgres pg_dump "$NCCONFIGDB" > "$BACKUP"/nextclouddb.sql + print_text_in_color "$ICyan" "Doing pgdump of $NCDB..." + check_command sudo -u postgres pg_dump "$NCDB" > "$BACKUP"/nextclouddb.sql else print_text_in_color "$ICyan" "Doing pgdump of all databases..." check_command sudo -u postgres pg_dumpall > "$BACKUP"/alldatabases.sql diff --git a/not-supported/borgbackup.sh b/not-supported/borgbackup.sh index 6a25dca4..b63a9445 100644 --- a/not-supported/borgbackup.sh +++ b/not-supported/borgbackup.sh @@ -279,13 +279,13 @@ Please don't restart or shutdown your server until then!" nextcloud_occ_no_check maintenance:mode --on # Database export # Not really necessary since the root partition gets backed up but easier to restore on new systems - ncdb # get NCCONFIGDB + ncdb # get NCDB rm -f "$SCRIPTS"/nextclouddb.sql rm -f "$SCRIPTS"/alldatabases.sql - if sudo -Hiu postgres psql -c "SELECT 1 AS result FROM pg_database WHERE datname='$NCCONFIGDB'" | grep -q "1 row" + if sudo -Hiu postgres psql -c "SELECT 1 AS result FROM pg_database WHERE datname='$NCDB'" | grep -q "1 row" then - inform_user "$ICyan" "Doing pgdump of $NCCONFIGDB..." - sudo -Hiu postgres pg_dump "$NCCONFIGDB" > "$SCRIPTS"/nextclouddb.sql + inform_user "$ICyan" "Doing pgdump of $NCDB..." + sudo -Hiu postgres pg_dump "$NCDB" > "$SCRIPTS"/nextclouddb.sql chown root:root "$SCRIPTS"/nextclouddb.sql chmod 600 "$SCRIPTS"/nextclouddb.sql else diff --git a/not-supported/pi-hole.sh b/not-supported/pi-hole.sh index 69e4c0b3..71620ca0 100644 --- a/not-supported/pi-hole.sh +++ b/not-supported/pi-hole.sh @@ -311,7 +311,7 @@ a2enmod proxy a2enmod proxy_http # Only add TLS 1.3 on Ubuntu later than 20.04 -if version 20.04 "$DISTRO" 20.04.10 +if version 20.04 "$DISTRO" 22.04.10 then TLS13="+TLSv1.3" fi diff --git a/not-supported/restore-backup.sh b/not-supported/restore-backup.sh index f9ae1700..9bf5de10 100644 --- a/not-supported/restore-backup.sh +++ b/not-supported/restore-backup.sh @@ -79,7 +79,7 @@ then exit 1 fi # Check if dbuser is ncadmin -if [ "$(nextcloud_occ config:system:get dbuser)" != "$NCUSER" ] +if [ "$(nextcloud_occ config:system:get dbuser)" != "$PGDB_USER" ] then msg_box "It seems like the default dbuser is not ncadmin.\nThis is not supported." exit 1 diff --git a/old/format-sda-nuc-server.sh b/old/format-sda-nuc-server.sh index 9d084119..e96f81c9 100644 --- a/old/format-sda-nuc-server.sh +++ b/old/format-sda-nuc-server.sh @@ -10,7 +10,7 @@ source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercont # Check if root root_check -# Needs to be Ubuntu 18.04 and Multiverse +# Needs to be Ubuntu 20.04 and Multiverse check_distro_version check_multiverse diff --git a/static/change_db_pass.sh b/static/change_db_pass.sh index 75d39e0e..d82f4b0e 100644 --- a/static/change_db_pass.sh +++ b/static/change_db_pass.sh @@ -5,7 +5,7 @@ SCRIPT_NAME="Change Database Password" source /var/scripts/fetch_lib.sh || source <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) # Get all needed variables from the library -ncdbpass +ncdb # T&M Hansson IT AB © - 2022, https://www.hanssonit.se/ @@ -19,12 +19,12 @@ debug_mode cd /tmp sudo -u www-data php "$NCPATH"/occ config:system:set dbpassword --value="$NEWPGPASS" -if [ "$(sudo -u postgres psql -c "ALTER USER $NCUSER WITH PASSWORD '$NEWPGPASS'";)" == "ALTER ROLE" ] +if [ "$(sudo -u postgres psql -c "ALTER USER $PGDB_USER WITH PASSWORD '$NEWPGPASS'";)" == "ALTER ROLE" ] then sleep 1 else print_text_in_color "$IRed" "Changing PostgreSQL Nextcloud password failed." - sed -i "s| 'dbpassword' =>.*| 'dbpassword' => '$NCCONFIGDBPASS',|g" /var/www/nextcloud/config/config.php - print_text_in_color "$IRed" "Nothing is changed. Your old password is: $NCCONFIGDBPASS" + sed -i "s| 'dbpassword' =>.*| 'dbpassword' => '$NCDBPASS',|g" /var/www/nextcloud/config/config.php + print_text_in_color "$IRed" "Nothing is changed. Your old password is: $NCDBPASS" exit 1 fi |