v1
This commit is contained in:
138
lib.sh
138
lib.sh
@@ -30,14 +30,15 @@ WANIP4=$(curl -s -k -m 5 https://ipv4bot.whatismyipaddress.com)
|
||||
[ -n "$LOAD_IP6" ] && WANIP6=$(curl -s -k -m 5 https://ipv6bot.whatismyipaddress.com)
|
||||
INTERFACES="/etc/netplan/01-netcfg.yaml"
|
||||
GATEWAY=$(ip route | grep default | awk '{print $3}')
|
||||
DNS1="9.9.9.9"
|
||||
DNS2="149.112.112.112"
|
||||
DNS1="10.10.10.10"
|
||||
DNS2="10.5.10.5"
|
||||
# Repo
|
||||
GITHUB_REPO="https://raw.githubusercontent.com/nextcloud/vm/master"
|
||||
STATIC="$GITHUB_REPO/static"
|
||||
LETS_ENC="$GITHUB_REPO/lets-encrypt"
|
||||
APP="$GITHUB_REPO/apps"
|
||||
NCREPO="https://download.nextcloud.com/server/releases"
|
||||
#NCREPO="https://download.nextcloud.com/server/releases"
|
||||
NCREPO="https://download.nextcloud.com/server/prereleases"
|
||||
ISSUES="https://github.com/nextcloud/vm/issues"
|
||||
# User information
|
||||
NCPASS=nextcloud
|
||||
@@ -53,7 +54,8 @@ NEWMARIADBPASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head
|
||||
ETCMYCNF=/etc/mysql/my.cnf
|
||||
MYCNF=/root/.my.cnf
|
||||
[ -n "$MYCNFPW" ] && MARIADBMYCNFPASS=$(grep "password" $MYCNF | sed -n "/password/s/^password='\(.*\)'$/\1/p")
|
||||
PGDB_PASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
|
||||
DB_USER='nextcloud'
|
||||
DB_PASS='Dc$@2057'
|
||||
NEWPGPASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
|
||||
[ -n "$NCDB" ] && NCCONFIGDB=$(grep "dbname" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g")
|
||||
[ -n "$NCDBPASS" ] && NCCONFIGDBPASS=$(grep "dbpassword" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g")
|
||||
@@ -63,8 +65,11 @@ SSL_CONF="/etc/apache2/sites-available/nextcloud_ssl_domain_self_signed.conf"
|
||||
HTTP_CONF="/etc/apache2/sites-available/nextcloud_http_domain_self_signed.conf"
|
||||
# Nextcloud version
|
||||
[ -n "$NC_UPDATE" ] && CURRENTVERSION=$(sudo -u www-data php $NCPATH/occ status | grep "versionstring" | awk '{print $3}')
|
||||
# [ -n "$NC_UPDATE" ] && NCVERSION=$(curl -s -m 900 $NCREPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)
|
||||
# [ -n "$NC_UPDATE" ] && STABLEVERSION="nextcloud-$NCVERSION"
|
||||
[ -n "$NC_UPDATE" ] && NCVERSION=$(curl -s -m 900 $NCREPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)
|
||||
[ -n "$NC_UPDATE" ] && STABLEVERSION="nextcloud-$NCVERSION"
|
||||
|
||||
[ -n "$NC_UPDATE" ] && NCMAJOR="${NCVERSION%%.*}"
|
||||
[ -n "$NC_UPDATE" ] && NCBAD=$((NCMAJOR-2))
|
||||
# Keys
|
||||
@@ -85,7 +90,7 @@ DHPARAMS="$CERTFILES/$SUBDOMAIN/dhparam.pem"
|
||||
HTTPS_CONF="/etc/apache2/sites-available/$SUBDOMAIN.conf"
|
||||
HTTP2_CONF="/etc/apache2/mods-available/http2.conf"
|
||||
# PHP-FPM
|
||||
PHPVER=7.2
|
||||
PHPVER=7.3
|
||||
PHP_FPM_DIR=/etc/php/$PHPVER/fpm
|
||||
PHP_INI=$PHP_FPM_DIR/php.ini
|
||||
PHP_POOL_DIR=$PHP_FPM_DIR/pool.d
|
||||
@@ -270,97 +275,6 @@ then
|
||||
fi
|
||||
}
|
||||
|
||||
# Warn user that HTTP/2 will be disabled if installing app that use Apache2 PHP instead of PHP-FPM
|
||||
# E.g: http2_warn Modsecurity
|
||||
http2_warn() {
|
||||
msg_box "This VM has HTTP/2 enabled by default.
|
||||
|
||||
If you continue with installing $1, HTTP/2 will be disabled since it's not compatible with the mpm module used by $1.
|
||||
|
||||
This is what Apache will say in the error.log if you enable $1 anyway:
|
||||
'The mpm module (prefork.c) is not supported by mod_http2.
|
||||
The mpm determines how things are processed in your server.
|
||||
HTTP/2 has more demands in this regard and the currently selected mpm will just not do.
|
||||
This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.'"
|
||||
|
||||
if [[ "no" == $(ask_yes_or_no "Do you really want to enable $1 anyway?") ]]
|
||||
then
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
calculate_php_fpm() {
|
||||
# Minimum amount of max children (lower than this won't work with 2 GB RAM)
|
||||
min_max_children=8
|
||||
# If start servers are lower than this then it's likely that there are room for max_spare_servers
|
||||
min_start_servers=20
|
||||
# Maximum amount of children is only set if the min_start_servers value are met
|
||||
min_max_spare_servers=35
|
||||
|
||||
# Calculate the sum of the current values
|
||||
CURRENT_START="$(grep pm.start_servers "$PHP_POOL_DIR"/nextcloud.conf | awk '{ print $3}')"
|
||||
CURRENT_MAX="$(grep pm.max_spare_servers "$PHP_POOL_DIR"/nextcloud.conf | awk '{ print $3}')"
|
||||
CURRENT_MIN="$(grep pm.min_spare_servers "$PHP_POOL_DIR"/nextcloud.conf | awk '{ print $3}')"
|
||||
CURRENT_SUM="$((CURRENT_START + CURRENT_MAX + CURRENT_MIN))"
|
||||
|
||||
# Calculate max_children depending on RAM
|
||||
# Tends to be between 30-50MB per children
|
||||
average_php_memory_requirement=50
|
||||
available_memory=$(awk '/MemAvailable/ {printf "%d", $2/1024}' /proc/meminfo)
|
||||
PHP_FPM_MAX_CHILDREN=$((available_memory/average_php_memory_requirement))
|
||||
|
||||
# Lowest possible value is 8
|
||||
print_text_in_color "$ICyan" "Automatically configures pm.max_children for php-fpm..."
|
||||
if [ $PHP_FPM_MAX_CHILDREN -lt $min_max_children ]
|
||||
then
|
||||
msg_box "The current max_children value available to set is $PHP_FPM_MAX_CHILDREN, and with that value PHP-FPM won't function properly.
|
||||
The minimum value is 8, and the value is calculated depening on how much RAM you have left to use in the system.
|
||||
|
||||
The absolute minimum amount of RAM required to run the VM is 2 GB, but we recomend 4 GB.
|
||||
|
||||
You now have two choices:
|
||||
1. Import this VM again, raise the amount of RAM with at least 1 GB, and then run this script again,
|
||||
installing it in the same way as you did before.
|
||||
2. Import this VM again without raising the RAM, but don't install any of the following apps:
|
||||
1) Collabora
|
||||
2) OnlyOffice
|
||||
3) Full Text Search
|
||||
|
||||
This script will now exit.
|
||||
The installation was not successful, sorry for the inconvenience.
|
||||
|
||||
If you think this is a bug, please report it to $ISSUES"
|
||||
exit 1
|
||||
else
|
||||
check_command sed -i "s|pm.max_children.*|pm.max_children = $PHP_FPM_MAX_CHILDREN|g" "$PHP_POOL_DIR"/nextcloud.conf
|
||||
print_text_in_color "$IGreen" "pm.max_children was set to $PHP_FPM_MAX_CHILDREN"
|
||||
# Check if the sum of all the current values are more than $PHP_FPM_MAX_CHILDREN and only continue it is
|
||||
if [ $PHP_FPM_MAX_CHILDREN -gt $CURRENT_SUM ]
|
||||
then
|
||||
# Set pm.max_spare_servers
|
||||
if [ $PHP_FPM_MAX_CHILDREN -ge $min_max_spare_servers ]
|
||||
then
|
||||
if [ "$(grep pm.start_servers "$PHP_POOL_DIR"/nextcloud.conf | awk '{ print $3}')" -lt $min_start_servers ]
|
||||
then
|
||||
check_command sed -i "s|pm.max_spare_servers.*|pm.max_spare_servers = $((PHP_FPM_MAX_CHILDREN - 30))|g" "$PHP_POOL_DIR"/nextcloud.conf
|
||||
print_text_in_color "$IGreen" "pm.max_spare_servers was set to $((PHP_FPM_MAX_CHILDREN - 30))"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# If $PHP_FPM_MAX_CHILDREN is lower than the current sum of all values, revert to default settings
|
||||
if [ $PHP_FPM_MAX_CHILDREN -lt $CURRENT_SUM ]
|
||||
then
|
||||
check_command sed -i "s|pm.max_children.*|pm.max_children = $PHP_FPM_MAX_CHILDREN|g" "$PHP_POOL_DIR"/nextcloud.conf
|
||||
check_command sed -i "s|pm.start_servers.*|pm.start_servers = 3|g" "$PHP_POOL_DIR"/nextcloud.conf
|
||||
check_command sed -i "s|pm.min_spare_servers.*|pm.min_spare_servers = 2|g" "$PHP_POOL_DIR"/nextcloud.conf
|
||||
check_command sed -i "s|pm.max_spare_servers.*|pm.max_spare_servers = 3|g" "$PHP_POOL_DIR"/nextcloud.conf
|
||||
print_text_in_color "$ICyan" "All PHP-INI values were set back to default values as the value for pm.max_children ($PHP_FPM_MAX_CHILDREN) was lower than the sum of all the current values ($CURRENT_SUM)"
|
||||
print_text_in_color "$ICyan" "Please run this again to set optimal values"
|
||||
fi
|
||||
restart_webserver
|
||||
}
|
||||
|
||||
test_connection() {
|
||||
# Install dnsutils if not existing
|
||||
@@ -411,32 +325,6 @@ fi
|
||||
|
||||
}
|
||||
|
||||
# Install certbot (Let's Encrypt)
|
||||
install_certbot() {
|
||||
certbot --version 2> /dev/null
|
||||
LE_IS_AVAILABLE=$?
|
||||
if [ $LE_IS_AVAILABLE -eq 0 ]
|
||||
then
|
||||
certbot --version 2> /dev/null
|
||||
else
|
||||
print_text_in_color "$ICyan" "Installing certbot (Let's Encrypt)..."
|
||||
apt update -q4 & spinner_loading
|
||||
install_if_not software-properties-common
|
||||
add-apt-repository ppa:certbot/certbot -y
|
||||
apt update -q4 & spinner_loading
|
||||
install_if_not certbot
|
||||
apt update -q4 & spinner_loading
|
||||
apt dist-upgrade -y
|
||||
fi
|
||||
}
|
||||
|
||||
# Let's Encrypt for subdomains
|
||||
le_subdomain() {
|
||||
a2dissite 000-default.conf
|
||||
service apache2 reload
|
||||
certbot certonly --standalone --pre-hook "service apache2 stop" --post-hook "service apache2 start" --agree-tos --rsa-key-size 4096 -d "$SUBDOMAIN"
|
||||
}
|
||||
|
||||
# Check if port is open # check_open_port 443 domain.example.com
|
||||
check_open_port() {
|
||||
print_text_in_color "$ICyan" "Checking if port ${1} is open with https://ports.yougetsignal.com..."
|
||||
@@ -628,8 +516,10 @@ download_verify_nextcloud_stable() {
|
||||
while [ -z "$NCVERSION" ]
|
||||
do
|
||||
print_text_in_color "$ICyan" "Fetching the latest Nextcloud version..."
|
||||
NCVERSION=$(curl -s -m 900 $NCREPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)
|
||||
STABLEVERSION="nextcloud-$NCVERSION"
|
||||
# NCVERSION=$(curl -s -m 900 $NCREPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)
|
||||
# STABLEVERSION="nextcloud-$NCVERSION"
|
||||
NCVERSION=$(curl -s -m 900 $NCREPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)
|
||||
STABLEVERSION="nextcloud-$NCVERSION"
|
||||
print_text_in_color "$IGreen" "$NCVERSION"
|
||||
done
|
||||
install_if_not gnupg
|
||||
|
||||
Reference in New Issue
Block a user