v1

2019-11-14 20:26:32 -06:00
parent ac7cd93dfe
commit ff77cf26f5
4 changed files with 30 additions and 415 deletions
--- a/nextcloud_install_production.sh
+++ b/nextcloud_install_production.sh
@@ -8,7 +8,7 @@ sed -i "s|#precedence ::ffff:0:0/96  100|precedence ::ffff:0:0/96  100|g" /etc/g
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+. <(curl -sL https://git.schroedercity.com/voltron/Nextcloud-Install/raw/branch/master/lib.sh)

 # Check if dpkg or apt is running
 is_process_running apt
@@ -44,7 +44,7 @@ fi
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-FIRST_IFACE=1 && CHECK_CURRENT_REPO=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+FIRST_IFACE=1 && CHECK_CURRENT_REPO=1 . <(curl -sL https://git.schroedercity.com/voltron/Nextcloud-Install/raw/branch/master/lib.sh)
 unset FIRST_IFACE
 unset CHECK_CURRENT_REPO

@@ -216,50 +216,6 @@ else
    fi
 fi

-# Install PostgreSQL
-# sudo add-apt-repository "deb http://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main"
-# curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
-apt update -q4 & spinner_loading
-apt install postgresql-10 -y
-
-# Create DB
-cd /tmp
-sudo -u postgres psql <<END
-CREATE USER $NCUSER WITH PASSWORD '$PGDB_PASS';
-CREATE DATABASE nextcloud_db WITH OWNER $NCUSER TEMPLATE template0 ENCODING 'UTF8';
-END
-print_text_in_color "$ICyan" "PostgreSQL password: $PGDB_PASS"
-service postgresql restart
-
-# Install Apache
-check_command apt install apache2 -y
-a2enmod rewrite \
-        headers \
-        proxy \
-        proxy_fcgi \
-        setenvif \
-        env \
-        mime \
-        dir \
-        authz_core \
-        alias \
-        ssl
-
-# We don't use Apache PHP (just to be sure)
-a2dismod mpm_prefork
-
-# Disable server tokens in Apache
-if ! grep -q 'ServerSignature' /etc/apache2/apache2.conf
-then
-{
-echo "# Turn off ServerTokens for both Apache and PHP"
-echo "ServerSignature Off"
-echo "ServerTokens Prod"
-} >> /etc/apache2/apache2.conf
-
-    check_command systemctl restart apache2.service
-fi
-
 # Install PHP "$PHPVER"
 apt update -q4 & spinner_loading
 check_command apt install -y \
@@ -268,12 +224,15 @@ check_command apt install -y \
    php"$PHPVER"-ldap \
    php"$PHPVER"-imap \
    php"$PHPVER"-gd \
-    php"$PHPVER"-pgsql \
+    php"$PHPVER"-mysql \
    php"$PHPVER"-curl \
-    php"$PHPVER"-xml \
+    php"$PHPVER"-xsl \
    php"$PHPVER"-zip \
    php"$PHPVER"-mbstring \
    php"$PHPVER"-soap \
+	php"$PHPVER"-opcache \
+	php"$PHPVER"-xml \
+	php"$PHPVER"-xmlrpc \
    php"$PHPVER"-smbclient \
    php"$PHPVER"-json \
    php"$PHPVER"-gmp \
@@ -282,55 +241,7 @@ check_command apt install -y \
    # php"$PHPVER"-imagick \
    # libmagickcore-6.q16-3-extra

-# Enable php-fpm
-a2enconf php"$PHPVER"-fpm

-# Enable HTTP/2 server wide
-print_text_in_color "$ICyan" "Enabling HTTP/2 server wide..."
-cat << HTTP2_ENABLE > "$HTTP2_CONF"
-<IfModule http2_module>
-    Protocols h2 h2c http/1.1
-    H2Direct on
-</IfModule>
-HTTP2_ENABLE
-print_text_in_color "$IGreen" "$HTTP2_CONF was successfully created"
-a2enmod http2
-restart_webserver
-
-# Set up a php-fpm pool with a unixsocket
-cat << POOL_CONF > "$PHP_POOL_DIR"/nextcloud.conf
-[Nextcloud]
-user = www-data
-group = www-data
-listen = /run/php/php"$PHPVER"-fpm.nextcloud.sock
-listen.owner = www-data
-listen.group = www-data
-pm = dynamic
-; max_children is set dynamically with calculate_php_fpm()
-pm.max_children = 8
-pm.start_servers = 3
-pm.min_spare_servers = 2
-pm.max_spare_servers = 3
-env[HOSTNAME] = $(hostname -f)
-env[PATH] = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
-env[TMP] = /tmp
-env[TMPDIR] = /tmp
-env[TEMP] = /tmp
-security.limit_extensions = .php
-php_admin_value [cgi.fix_pathinfo] = 1
-
-; Optional
-; pm.max_requests = 2000
-POOL_CONF
-
-# Disable the idling example pool.
-mv "$PHP_POOL_DIR"/www.conf "$PHP_POOL_DIR"/www.conf.backup
-
-# Enable the new php-fpm config
-restart_webserver
-
-# Calculate the values of PHP-FPM based on the amount of RAM available (it's done in the startup script as well)
-calculate_php_fpm

 # Enable SMB client # already loaded with php-smbclient
 # echo '# This enables php-smbclient' >> /etc/php/"$PHPVER"/apache2/php.ini
@@ -361,10 +272,11 @@ print_text_in_color "$ICyan" "Installing Nextcloud..."
 cd "$NCPATH"
 occ_command maintenance:install \
 --data-dir="$NCDATA" \
--database=pgsql \
--database-name=nextcloud_db \
--database-user="$NCUSER" \
--database-pass="$PGDB_PASS" \
+--database=mysql \
+--database-host=10.5.10.51 \
+--database-name=nextcloud \
+--database-user="$DB_USER" \
+--database-pass="$DB_PASS" \
 --admin-user="$NCUSER" \
 --admin-pass="$NCPASS"
 echo
@@ -435,17 +347,6 @@ sed -i "s|;emergency_restart_threshold.*|emergency_restart_threshold = 10|g" /et
 sed -i "s|;emergency_restart_interval.*|emergency_restart_interval = 1m|g" /etc/php/"$PHPVER"/fpm/php-fpm.conf
 sed -i "s|;process_control_timeout.*|process_control_timeout = 10|g" /etc/php/"$PHPVER"/fpm/php-fpm.conf

-# PostgreSQL values for PHP (https://docs.nextcloud.com/server/latest/admin_manual/configuration_database/linux_database_configuration.html#postgresql-database)
-{
-echo ""
-echo "[PostgresSQL]"
-echo "pgsql.allow_persistent = On"
-echo "pgsql.auto_reset_persistent = Off"
-echo "pgsql.max_persistent = -1"
-echo "pgsql.max_links = -1"
-echo "pgsql.ignore_notice = 0"
-echo "pgsql.log_notice = 0"
-} >> "$PHP_FPM_DIR"/conf.d/20-pdo_pgsql.ini

 # Install Redis (distrubuted cache)
 run_static_script redis-server-ubuntu
@@ -509,144 +410,6 @@ occ_command db:add-missing-indices
 # Install Figlet
 install_if_not figlet

-# To be able to use snakeoil certs
-install_if_not ssl-cert
-
-# Generate $HTTP_CONF
-if [ ! -f $HTTP_CONF ]
-then
-    touch "$HTTP_CONF"
-    cat << HTTP_CREATE > "$HTTP_CONF"
-<VirtualHost *:80>
-
-### YOUR SERVER ADDRESS ###
-#    ServerAdmin admin@example.com
-#    ServerName example.com
-#    ServerAlias subdomain.example.com
-
-### SETTINGS ###
-    <FilesMatch "\.php$">
-        SetHandler "proxy:unix:/run/php/php$PHPVER-fpm.nextcloud.sock|fcgi://localhost"
-    </FilesMatch>
-
-    DocumentRoot $NCPATH
-
-    <Directory $NCPATH>
-    Options Indexes FollowSymLinks
-    AllowOverride All
-    Require all granted
-    Satisfy Any
-    </Directory>
-
-    <IfModule mod_dav.c>
-    Dav off
-    </IfModule>
-
-    <Directory "$NCDATA">
-    # just in case if .htaccess gets disabled
-    Require all denied
-    </Directory>
-    
-    # The following lines prevent .htaccess and .htpasswd files from being
-    # viewed by Web clients.
-    <Files ".ht*">
-    Require all denied
-    </Files>
-    
-    # Disable HTTP TRACE method.
-    TraceEnable off
-
-    # Disable HTTP TRACK method.
-    RewriteEngine On
-    RewriteCond %{REQUEST_METHOD} ^TRACK
-    RewriteRule .* - [R=405,L]
-
-    SetEnv HOME $NCPATH
-    SetEnv HTTP_HOME $NCPATH
-    
-    # Avoid "Sabre\DAV\Exception\BadRequest: expected filesize XXXX got XXXX"
-    <IfModule mod_reqtimeout.c>
-    RequestReadTimeout body=0
-    </IfModule>
-    
-</VirtualHost>
-HTTP_CREATE
-    print_text_in_color "$IGreen" "$HTTP_CONF was successfully created."
-fi
-
-# Generate $SSL_CONF
-if [ ! -f $SSL_CONF ]
-then
-    touch "$SSL_CONF"
-    cat << SSL_CREATE > "$SSL_CONF"
-<VirtualHost *:443>
-    Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
-    SSLEngine on
-
-### YOUR SERVER ADDRESS ###
-#    ServerAdmin admin@example.com
-#    ServerName example.com
-#    ServerAlias subdomain.example.com
-
-### SETTINGS ###
-    <FilesMatch "\.php$">
-        SetHandler "proxy:unix:/run/php/php$PHPVER-fpm.nextcloud.sock|fcgi://localhost"
-    </FilesMatch>
-
-    DocumentRoot $NCPATH
-
-    <Directory $NCPATH>
-    Options Indexes FollowSymLinks
-    AllowOverride All
-    Require all granted
-    Satisfy Any
-    </Directory>
-
-    <IfModule mod_dav.c>
-    Dav off
-    </IfModule>
-
-    <Directory "$NCDATA">
-    # just in case if .htaccess gets disabled
-    Require all denied
-    </Directory>
-    
-    # The following lines prevent .htaccess and .htpasswd files from being
-    # viewed by Web clients.
-    <Files ".ht*">
-    Require all denied
-    </Files>
-    
-    # Disable HTTP TRACE method.
-    TraceEnable off
-
-    # Disable HTTP TRACK method.
-    RewriteEngine On
-    RewriteCond %{REQUEST_METHOD} ^TRACK
-    RewriteRule .* - [R=405,L]
-
-    SetEnv HOME $NCPATH
-    SetEnv HTTP_HOME $NCPATH
-    
-    # Avoid "Sabre\DAV\Exception\BadRequest: expected filesize XXXX got XXXX"
-    <IfModule mod_reqtimeout.c>
-    RequestReadTimeout body=0
-    </IfModule>
-
-### LOCATION OF CERT FILES ###
-    SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
-    SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
-</VirtualHost>
-SSL_CREATE
-    print_text_in_color "$IGreen" "$SSL_CONF was successfully created."
-fi
-
-# Enable new config
-a2ensite nextcloud_ssl_domain_self_signed.conf
-a2ensite nextcloud_http_domain_self_signed.conf
-a2dissite default-ssl
-restart_webserver
-
 whiptail --title "Install apps or software" --checklist --separate-output "Automatically configure and install selected apps or software\nDeselect by pressing the spacebar" "$WT_HEIGHT" "$WT_WIDTH" 4 \
 "Calendar" "            " on \
 "Contacts" "            " on \