#!/bin/bash # T&M Hansson IT AB © - 2019, https://www.hanssonit.se/ # Prefer IPv4 sed -i "s|#precedence ::ffff:0:0/96 100|precedence ::ffff:0:0/96 100|g" /etc/gai.conf # shellcheck disable=2034,2059 true # shellcheck source=lib.sh . <(curl -sL https://git.schroedercity.com/voltron/Nextcloud-Install/raw/branch/master/lib.sh) # Check if dpkg or apt is running is_process_running apt is_process_running dpkg # Install curl if not existing if [ "$(dpkg-query -W -f='${Status}' "curl" 2>/dev/null | grep -c "ok installed")" == "1" ] then print_text_in_color "$IGreen" "curl OK" else apt update -q4 & spinner_loading apt install curl -y fi # Install lshw if not existing if [ "$(dpkg-query -W -f='${Status}' "lshw" 2>/dev/null | grep -c "ok installed")" == "1" ] then print_text_in_color "$IGreen" "lshw OK" else apt update -q4 & spinner_loading apt install lshw -y fi # Install net-tools if not existing if [ "$(dpkg-query -W -f='${Status}' "net-tools" 2>/dev/null | grep -c "ok installed")" == "1" ] then print_text_in_color "$IGreen" "net-tools OK" else apt update -q4 & spinner_loading apt install net-tools -y fi # shellcheck disable=2034,2059 true # shellcheck source=lib.sh FIRST_IFACE=1 && CHECK_CURRENT_REPO=1 . <(curl -sL https://git.schroedercity.com/voltron/Nextcloud-Install/raw/branch/master/lib.sh) unset FIRST_IFACE unset CHECK_CURRENT_REPO # Check for errors + debug code and abort if something isn't right # 1 = ON # 0 = OFF DEBUG=0 debug_mode # Check if root root_check # Set keyboard layout if [ "$KEYBOARD_LAYOUT" != "se" ] then print_text_in_color "$ICyan" "Current keyboard layout is $KEYBOARD_LAYOUT" if [[ "no" == $(ask_yes_or_no "Do you want to change keyboard layout?") ]] then print_text_in_color "$ICyan" "Not changing keyboard layout..." sleep 1 else dpkg-reconfigure keyboard-configuration msg_box "The server will now be rebooted to apply the new keyboard settings. Please run this script again once rebooted." reboot fi fi # Set locales KEYBOARD_LAYOUT=$(localectl status | grep "Layout" | awk '{print $3}') install_if_not language-pack-en-base if [ "$KEYBOARD_LAYOUT" = "se" ] then sudo locale-gen "sv_SE.UTF-8" && sudo dpkg-reconfigure --frontend=noninteractive locales elif [ "$KEYBOARD_LAYOUT" = "de" ] then sudo locale-gen "de_DE.UTF-8" && sudo dpkg-reconfigure --frontend=noninteractive locales else sudo locale-gen "en_US.UTF-8" && sudo dpkg-reconfigure --frontend=noninteractive locales fi # Test RAM size (2GB min) + CPUs (min 1) ram_check 2 Nextcloud cpu_check 1 Nextcloud # Create new current user download_static_script adduser bash $SCRIPTS/adduser.sh "nextcloud_install_production.sh" rm -f $SCRIPTS/adduser.sh # Check distribution and version check_distro_version check_universe check_multiverse # Check if key is available if ! site_200 "$NCREPO" then msg_box "Nextcloud repo is not available, exiting..." exit 1 fi # Check if it's a clean server stop_if_installed postgresql stop_if_installed apache2 stop_if_installed php stop_if_installed php-fpm stop_if_installed php"$PHPVER"-fpm stop_if_installed php7.0-fpm stop_if_installed php7.1-fpm stop_if_installed php7.3-fpm stop_if_installed mysql-common stop_if_installed mariadb-server # Create $SCRIPTS dir if [ ! -d "$SCRIPTS" ] then mkdir -p "$SCRIPTS" fi # Create $VMLOGS dir if [ ! -d "$VMLOGS" ] then mkdir -p "$VMLOGS" fi # Install needed network install_if_not netplan.io install_if_not network-manager # Install build-essentials to get make install_if_not build-essential # Set dual or single drive setup msg_box "This VM is designed to run with two disks, one for OS and one for DATA. This will get you the best performance since the second disk is using ZFS which is a superior filesystem. You could still choose to only run on one disk though, which is not recommended, but maybe your only option depending on which hypervisor you are running. You will now get the option to decide which disk you want to use for DATA, or run the automatic script that will choose the available disk automatically." whiptail --title "Choose disk format" --radiolist --separate-output "How would you like to configure your disks?\nSelect by pressing the spacebar and ENTER" "$WT_HEIGHT" "$WT_WIDTH" 4 \ "2 Disks Auto" "(Automatically configured) " on \ "2 Disks Auto NUC Server" "(Nextcloud Home/SME Server, /dev/sda) " off \ "2 Disks Manual" "(Choose by yourself) " off \ "1 Disk" "(Only use one disk /mnt/ncdata - NO ZFS!) " off 2>results choice=$(< results) case "$choice" in "2 Disks Auto") run_static_script format-sdb ;; "2 Disks Auto NUC Server") run_static_script format-sda-nuc-server ;; "2 Disks Manual") run_static_script format-chosen ;; "1 Disk") print_text_in_color "$IRed" "1 Disk setup chosen." sleep 2 ;; *) ;; esac # Check where the best mirrors are and update echo printf "Your current server repository is: ${ICyan}%s${Color_Off}\n" "$REPO" if [[ "no" == $(ask_yes_or_no "Do you want to try to find a better mirror?") ]] then print_text_in_color "$ICyan" "Keeping $REPO as mirror..." sleep 1 else print_text_in_color "$ICyan" "Locating the best mirrors..." apt update -q4 & spinner_loading apt install python-pip -y pip install \ --upgrade pip \ apt-select apt-select -m up-to-date -t 5 -c sudo cp /etc/apt/sources.list /etc/apt/sources.list.backup && \ if [ -f sources.list ] then sudo mv sources.list /etc/apt/ fi fi # Install PHP "$PHPVER" apt update -q4 & spinner_loading check_command apt install -y \ php"$PHPVER"-fpm \ php"$PHPVER"-intl \ php"$PHPVER"-ldap \ php"$PHPVER"-imap \ php"$PHPVER"-gd \ php"$PHPVER"-mysql \ php"$PHPVER"-curl \ php"$PHPVER"-xsl \ php"$PHPVER"-zip \ php"$PHPVER"-mbstring \ php"$PHPVER"-soap \ php"$PHPVER"-opcache \ php"$PHPVER"-xml \ php"$PHPVER"-xmlrpc \ php"$PHPVER"-smbclient \ php"$PHPVER"-json \ php"$PHPVER"-gmp \ php"$PHPVER"-bz2 \ php-pear # php"$PHPVER"-imagick \ # libmagickcore-6.q16-3-extra # Enable SMB client # already loaded with php-smbclient # echo '# This enables php-smbclient' >> /etc/php/"$PHPVER"/apache2/php.ini # echo 'extension="smbclient.so"' >> /etc/php/"$PHPVER"/apache2/php.ini # Install VM-tools install_if_not open-vm-tools # Download and validate Nextcloud package check_command download_verify_nextcloud_stable if [ ! -f "$HTML/$STABLEVERSION.tar.bz2" ] then msg_box "Aborting,something went wrong with the download of $STABLEVERSION.tar.bz2" exit 1 fi # Extract package tar -xjf "$HTML/$STABLEVERSION.tar.bz2" -C "$HTML" & spinner_loading rm "$HTML/$STABLEVERSION.tar.bz2" # Secure permissions download_static_script setup_secure_permissions_nextcloud bash $SECURE & spinner_loading # Install Nextcloud print_text_in_color "$ICyan" "Installing Nextcloud..." cd "$NCPATH" occ_command maintenance:install \ --data-dir="$NCDATA" \ --database=mysql \ --database-host=10.5.10.51 \ --database-name=nextcloud \ --database-user="$DB_USER" \ --database-pass="$DB_PASS" \ --admin-user="$NCUSER" \ --admin-pass="$NCPASS" echo print_text_in_color "$ICyan" "Nextcloud version:" occ_command status sleep 3 echo # Prepare cron.php to be run every 15 minutes crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NCPATH/cron.php > /dev/null 2>&1"; } | crontab -u www-data - # Change values in php.ini (increase max file size) # max_execution_time sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" "$PHP_INI" # max_input_time sed -i "s|max_input_time =.*|max_input_time = 3600|g" "$PHP_INI" # memory_limit sed -i "s|memory_limit =.*|memory_limit = 512M|g" "$PHP_INI" # post_max sed -i "s|post_max_size =.*|post_max_size = 1100M|g" "$PHP_INI" # upload_max sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1000M|g" "$PHP_INI" # Set loggging occ_command config:system:set log_type --value=file occ_command config:system:set logfile --value="$VMLOGS/nextcloud.log" rm -f "$NCDATA/nextcloud.log" occ_command config:system:set loglevel --value=2 occ_command config:app:set admin_audit logfile --value="$VMLOGS/audit.log" install_and_enable_app admin_audit # Set SMTP mail occ_command config:system:set mail_smtpmode --value="smtp" # Forget login/session after 30 minutes occ_command config:system:set remember_login_cookie_lifetime --value="1800" # Set logrotate (max 10 MB) occ_command config:system:set log_rotate_size --value="10485760" # Set trashbin retention obligation (save it in trahbin for 6 months or delete when space is needed) occ_command config:system:set trashbin_retention_obligation --value="auto, 180" # Set versions retention obligation (save versions for 12 months or delete when space is needed) occ_command config:system:set versions_retention_obligation --value="auto, 365" # Remove simple signup occ_command config:system:set simpleSignUpLink.shown --value="false" # Enable OPCache for PHP # https://docs.nextcloud.com/server/14/admin_manual/configuration_server/server_tuning.html#enable-php-opcache phpenmod opcache { echo "# OPcache settings for Nextcloud" echo "opcache.enable=1" echo "opcache.enable_cli=1" echo "opcache.interned_strings_buffer=8" echo "opcache.max_accelerated_files=10000" echo "opcache.memory_consumption=256" echo "opcache.save_comments=1" echo "opcache.revalidate_freq=1" echo "opcache.validate_timestamps=1" } >> "$PHP_INI" # PHP-FPM optimization # https://geekflare.com/php-fpm-optimization/ sed -i "s|;emergency_restart_threshold.*|emergency_restart_threshold = 10|g" /etc/php/"$PHPVER"/fpm/php-fpm.conf sed -i "s|;emergency_restart_interval.*|emergency_restart_interval = 1m|g" /etc/php/"$PHPVER"/fpm/php-fpm.conf sed -i "s|;process_control_timeout.*|process_control_timeout = 10|g" /etc/php/"$PHPVER"/fpm/php-fpm.conf # Install Redis (distrubuted cache) run_static_script redis-server-ubuntu # Enable igbinary for PHP # https://github.com/igbinary/igbinary if is_this_installed "php$PHPVER"-dev then if ! yes no | pecl install -Z igbinary then msg_box "igbinary PHP module installation failed" exit else print_text_in_color "$IGreen" "igbinary PHP module installation OK!" fi { echo "# igbinary for PHP" echo "extension=igbinary.so" echo "session.serialize_handler=igbinary" echo "igbinary.compact_strings=On" } >> "$PHP_INI" restart_webserver fi # APCu (local cache) if is_this_installed "php$PHPVER"-dev then if ! yes no | pecl install -Z apcu then msg_box "APCu PHP module installation failed" exit else print_text_in_color "$IGreen" "APCu PHP module installation OK!" fi { echo "# APCu settings for Nextcloud" echo "extension=apcu.so" echo "apc.enabled=1" echo "apc.max_file_size=5M" echo "apc.shm_segments=1" echo "apc.shm_size=128M" echo "apc.entries_hint=4096" echo "apc.ttl=3600" echo "apc.gc_ttl=7200" echo "apc.mmap_file_mask=NULL" echo "apc.slam_defense=1" echo "apc.enable_cli=1" echo "apc.use_request_time=1" echo "apc.serializer=igbinary" echo "apc.coredump_unmap=0" echo "apc.preload_path" } >> "$PHP_INI" restart_webserver fi # Fix https://github.com/nextcloud/vm/issues/714 print_text_in_color "$ICyan" "Optimizing Nextcloud..." yes | occ_command db:convert-filecache-bigint occ_command db:add-missing-indices # Install Figlet install_if_not figlet whiptail --title "Install apps or software" --checklist --separate-output "Automatically configure and install selected apps or software\nDeselect by pressing the spacebar" "$WT_HEIGHT" "$WT_WIDTH" 4 \ "Calendar" " " on \ "Contacts" " " on \ "IssueTemplate" " " on \ "PDFViewer" " " on \ "Extract" " " on \ "Text" " " on \ "Mail" " " on \ "Webmin" " " on 2>results while read -r -u 9 choice do case "$choice" in Calendar) install_and_enable_app calendar ;; Contacts) install_and_enable_app contacts ;; IssueTemplate) install_and_enable_app issuetemplate ;; PDFViewer) install_and_enable_app files_pdfviewer ;; Extract) if install_and_enable_app extract then install_if_not unrar install_if_not p7zip install_if_not p7zip-full fi ;; Text) install_and_enable_app text ;; Mail) install_and_enable_app mail ;; Webmin) run_app_script webmin ;; *) ;; esac done 9< results rm -f results # Get needed scripts for first bootup check_command curl_to_dir "$GITHUB_REPO" nextcloud-startup-script.sh "$SCRIPTS" check_command curl_to_dir "$GITHUB_REPO" lib.sh "$SCRIPTS" download_static_script instruction download_static_script history download_static_script static_ip if home_sme_server then # Change nextcloud-startup-script.sh check_command sed -i "s|VM|Home/SME Server|g" $SCRIPTS/nextcloud-startup-script.sh fi # Make $SCRIPTS excutable chmod +x -R "$SCRIPTS" chown root:root -R "$SCRIPTS" # Prepare first bootup check_command run_static_script change-ncadmin-profile check_command run_static_script change-root-profile # Upgrade apt update -q4 & spinner_loading apt dist-upgrade -y # Remove LXD (always shows up as failed during boot) apt purge lxd -y # Cleanup apt autoremove -y apt autoclean find /root "/home/$UNIXUSER" -type f \( -name '*.sh*' -o -name '*.html*' -o -name '*.tar*' -o -name '*.zip*' \) -delete # Install virtual kernels for Hyper-V, and extra for UTF8 kernel module + Collabora and OnlyOffice # Kernel 4.15 apt install -y --install-recommends \ linux-virtual \ linux-tools-virtual \ linux-cloud-tools-virtual \ linux-image-virtual \ linux-image-extra-virtual # Add aliases if [ -f /root/.bash_aliases ] then if ! grep -q "nextcloud" /root/.bash_aliases then { echo "alias nextcloud_occ='sudo -u www-data php /var/www/nextcloud/occ'" echo "alias run_update_nextcloud='bash /var/scripts/update.sh'" } >> /root/.bash_aliases fi elif [ ! -f /root/.bash_aliases ] then { echo "alias nextcloud_occ='sudo -u www-data php /var/www/nextcloud/occ'" echo "alias run_update_nextcloud='bash /var/scripts/update.sh'" } > /root/.bash_aliases fi # Set secure permissions final (./data/.htaccess has wrong permissions otherwise) bash $SECURE & spinner_loading # Force MOTD to show correct number of updates sudo /usr/lib/update-notifier/update-motd-updates-available --force # Reboot print_text_in_color "$IGreen" "Installation done, system will now reboot..." reboot