Nextcloud-Install/nextcloud_install_production.sh
#!/bin/bash
# T&M Hansson IT AB © - 2019, https://www.hanssonit.se/
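# Prefer IPv4
sed -i "s|#precedence ::ffff:0:0/96 100|precedence ::ffff:0:0/96 100|g" /etc/gai.conf

# Load the shared function library that the rest of this installer calls.
# SECURITY: whatever this URL returns is executed in the current shell, with
# the same privileges that were just used to edit /etc/gai.conf. Nothing
# verifies the content: the URL tracks a mutable branch and there is no
# checksum or signature check. Pinning to a commit and comparing a known
# digest before sourcing would close that gap.
# -f keeps curl from printing an HTTP error page, which would otherwise be
# sourced as shell code.
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
. <(curl -fsL https://git.schroedercity.com/voltron/Nextcloud-Install/raw/branch/master/lib.sh)

# Check if dpkg or apt is running
is_process_running apt
is_process_running dpkg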
# Install curl, lshw and net-tools if they are not present yet.
# For each package: report "<name> OK" when dpkg lists it as installed,
# otherwise refresh the package index and install it.
# NOTE(review): curl has already been used earlier in this script to fetch
# lib.sh, so on a host without curl the helpers called here
# (print_text_in_color, spinner_loading; presumably from lib.sh) are not
# defined yet when this check runs.
for prereq_pkg in curl lshw net-tools
do
    if [ "$(dpkg-query -W -f='${Status}' "$prereq_pkg" 2>/dev/null | grep -c "ok installed")" == "1" ]
    then
        print_text_in_color "$IGreen" "$prereq_pkg OK"
    else
        apt update -q4 & spinner_loading
        apt install "$prereq_pkg" -y
    fi
done
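# Source lib.sh a second time with FIRST_IFACE and CHECK_CURRENT_REPO set.
# Presumably these switch on extra lookups inside the library; confirm in
# lib.sh. Both are unset again right after.
# SECURITY: the downloaded text is executed as-is in this shell. It comes from
# a mutable branch and is not checked against a digest or signature, so the
# remote host and the transport are fully trusted here.
# -f keeps curl from printing an HTTP error page, which would otherwise be
# sourced as shell code.
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
FIRST_IFACE=1 && CHECK_CURRENT_REPO=1 . <(curl -fsL https://git.schroedercity.com/voltron/Nextcloud-Install/raw/branch/master/lib.sh)
unset FIRST_IFACE
unset CHECK_CURRENT_REPO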
# Check for errors + debug code and abort if something isn't right
# 1 = ON
# 0 = OFF
DEBUG=0
# debug_mode is not defined in this file; presumably it comes from lib.sh and
# reads DEBUG. Confirm there.
debug_mode
# Check if root
# NOTE(review): this check runs after the script has already edited
# /etc/gai.conf and invoked apt, so it does not guard those earlier steps.
root_check
# Set keyboard layout
# Offer to reconfigure the keyboard unless the layout is already "se".
# Accepting reboots the machine; the installer has to be started again.
# NOTE(review): KEYBOARD_LAYOUT is only assigned further down in this section;
# this first test presumably relies on lib.sh having set it. Confirm.
if [ "$KEYBOARD_LAYOUT" != "se" ]
then
    print_text_in_color "$ICyan" "Current keyboard layout is $KEYBOARD_LAYOUT"
    if [[ "no" == $(ask_yes_or_no "Do you want to change keyboard layout?") ]]
    then
        print_text_in_color "$ICyan" "Not changing keyboard layout..."
        sleep 1
    else
        dpkg-reconfigure keyboard-configuration
        msg_box "The server will now be rebooted to apply the new keyboard settings. Please run this script again once rebooted."
        reboot
    fi
fi

# Set locales
# Re-read the active layout and generate the matching locale:
# se -> sv_SE, de -> de_DE, anything else -> en_US.
KEYBOARD_LAYOUT=$(localectl status | grep "Layout" | awk '{print $3}')
install_if_not language-pack-en-base
case "$KEYBOARD_LAYOUT" in
    se)
        target_locale="sv_SE.UTF-8"
    ;;
    de)
        target_locale="de_DE.UTF-8"
    ;;
    *)
        target_locale="en_US.UTF-8"
    ;;
esac
sudo locale-gen "$target_locale" && sudo dpkg-reconfigure --frontend=noninteractive locales
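# Test RAM size (2GB min) + CPUs (min 1)
ram_check 2 Nextcloud
cpu_check 1 Nextcloud

# Create new current user
# adduser.sh is fetched by download_static_script (presumably into $SCRIPTS;
# confirm in lib.sh), run in a child bash, then removed.
# SCRIPTS is quoted so a value containing spaces or glob characters cannot be
# split into extra arguments for bash or rm; "--" stops rm from reading the
# path as an option.
download_static_script adduser
bash "$SCRIPTS/adduser.sh" "nextcloud_install_production.sh"
rm -f -- "$SCRIPTS/adduser.sh"

# Check distribution and version
check_distro_version
check_universe
check_multiverse

# Check if key is available
# Abort early when the Nextcloud download location does not answer.
if ! site_200 "$NCREPO"
then
    msg_box "Nextcloud repo is not available, exiting..."
    exit 1
fi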
# Check if it's a clean server
# stop_if_installed is called once per package, in the same order as before.
for conflicting_pkg in \
    postgresql \
    apache2 \
    php \
    php-fpm \
    php"$PHPVER"-fpm \
    php7.0-fpm \
    php7.1-fpm \
    php7.3-fpm \
    mysql-common \
    mariadb-server
do
    stop_if_installed "$conflicting_pkg"
done

# Create $SCRIPTS dir
[ -d "$SCRIPTS" ] || mkdir -p "$SCRIPTS"

# Create $VMLOGS dir
[ -d "$VMLOGS" ] || mkdir -p "$VMLOGS"

# Install needed network packages, then build-essential to get make
for needed_pkg in netplan.io network-manager build-essential
do
    install_if_not "$needed_pkg"
done
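# Set dual or single drive setup
msg_box "This VM is designed to run with two disks, one for OS and one for DATA. This will get you the best performance since the second disk is using ZFS which is a superior filesystem.
You could still choose to only run on one disk though, which is not recommended, but maybe your only option depending on which hypervisor you are running.
You will now get the option to decide which disk you want to use for DATA, or run the automatic script that will choose the available disk automatically."

# whiptail prints the selection on stderr. Capture it in a private temporary
# file rather than a fixed name in the current directory, so a pre-existing
# file or symlink with that name cannot be overwritten by the redirect.
disk_choice_file=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
whiptail --title "Choose disk format" --radiolist --separate-output "How would you like to configure your disks?\nSelect by pressing the spacebar and ENTER" "$WT_HEIGHT" "$WT_WIDTH" 4 \
"2 Disks Auto" "(Automatically configured) " on \
"2 Disks Auto NUC Server" "(Nextcloud Home/SME Server, /dev/sda) " off \
"2 Disks Manual" "(Choose by yourself) " off \
"1 Disk" "(Only use one disk /mnt/ncdata - NO ZFS!) " off 2>"$disk_choice_file"
choice=$(< "$disk_choice_file")
rm -f -- "$disk_choice_file"

# An empty selection (dialog cancelled) falls through to the default arm and
# the installer continues without running any disk formatting script.
case "$choice" in
    "2 Disks Auto")
        run_static_script format-sdb
    ;;
    "2 Disks Auto NUC Server")
        run_static_script format-sda-nuc-server
    ;;
    "2 Disks Manual")
        run_static_script format-chosen
    ;;
    "1 Disk")
        print_text_in_color "$IRed" "1 Disk setup chosen."
        sleep 2
    ;;
    *)
    ;;
esac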
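# Set DNS resolver
# whiptail prints the selection on stderr. Capture it in a private temporary
# file rather than a fixed name in the current directory, so a pre-existing
# file or symlink with that name cannot be overwritten by the redirect.
dns_choice_file=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
whiptail --title "Set DNS Resolver" --radiolist --separate-output "Which DNS provider should this Nextcloud box use?\nSelect by pressing the spacebar and ENTER" "$WT_HEIGHT" "$WT_WIDTH" 4 \
"Quad9" "(https://www.quad9.net/) " on \
"Cloudflare" "(https://www.cloudflare.com/dns/) " off \
"Local" "($GATEWAY + 149.112.112.112) " off 2>"$dns_choice_file"
choice=$(< "$dns_choice_file")
rm -f -- "$dns_choice_file"

# Each arm rewrites the commented-out DNS= and FallbackDNS= lines in
# resolved.conf. An empty selection (dialog cancelled) leaves the file as is.
case "$choice" in
    Quad9)
        sed -i "s|#DNS=.*|DNS=9.9.9.9 2620:fe::fe|g" /etc/systemd/resolved.conf
        sed -i "s|#FallbackDNS=.*|FallbackDNS=149.112.112.112 2620:fe::9|g" /etc/systemd/resolved.conf
    ;;
    Cloudflare)
        sed -i "s|#DNS=.*|DNS=1.1.1.1 2606:4700:4700::1111|g" /etc/systemd/resolved.conf
        sed -i "s|#FallbackDNS=.*|FallbackDNS=1.0.0.1 2606:4700:4700::1001|g" /etc/systemd/resolved.conf
    ;;
    Local)
        sed -i "s|#DNS=.*|DNS=$GATEWAY|g" /etc/systemd/resolved.conf
        sed -i "s|#FallbackDNS=.*|FallbackDNS=149.112.112.112 2620:fe::9|g" /etc/systemd/resolved.conf
    ;;
    *)
    ;;
esac
check_command systemctl restart network-manager.service
network_ok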
# Check where the best mirrors are and update
# Shows the current repository and, unless the user declines, runs apt-select
# to pick a mirror and installs the sources.list it produces.
echo
printf "Your current server repository is: ${ICyan}%s${Color_Off}\n" "$REPO"
mirror_answer=$(ask_yes_or_no "Do you want to try to find a better mirror?")
if [[ "no" == $mirror_answer ]]
then
    print_text_in_color "$ICyan" "Keeping $REPO as mirror..."
    sleep 1
else
    print_text_in_color "$ICyan" "Locating the best mirrors..."
    apt update -q4 & spinner_loading
    apt install python-pip -y
    # NOTE(review): pip and apt-select are installed unpinned from the package
    # index, and apt-select then decides which mirror apt will trust.
    pip install --upgrade pip apt-select
    apt-select -m up-to-date -t 5 -c
    # Back up the current list first; the new one is only moved into place
    # when the backup succeeded and a sources.list exists in the working
    # directory.
    if sudo cp /etc/apt/sources.list /etc/apt/sources.list.backup && [ -f sources.list ]
    then
        sudo mv sources.list /etc/apt/
    fi
fi
# Install PHP "$PHPVER"
# Build the versioned package names from a module list, then install them
# together with php-pear in a single apt call.
apt update -q4 & spinner_loading
php_modules=(
    fpm
    intl
    ldap
    imap
    gd
    mysql
    curl
    xsl
    zip
    mbstring
    soap
    opcache
    xml
    xmlrpc
    smbclient
    json
    gmp
    bz2
)
php_packages=()
for php_module in "${php_modules[@]}"
do
    php_packages+=("php${PHPVER}-${php_module}")
done
check_command apt install -y "${php_packages[@]}" php-pear
# php"$PHPVER"-imagick \
# libmagickcore-6.q16-3-extra

# Enable SMB client # already loaded with php-smbclient
# echo '# This enables php-smbclient' >> /etc/php/"$PHPVER"/apache2/php.ini
# echo 'extension="smbclient.so"' >> /etc/php/"$PHPVER"/apache2/php.ini

# Install VM-tools
install_if_not open-vm-tools
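# Download and validate Nextcloud package
# download_verify_nextcloud_stable is not defined in this file; the kind of
# validation it performs has to be confirmed in lib.sh.
check_command download_verify_nextcloud_stable
if [ ! -f "$HTML/$STABLEVERSION.tar.bz2" ]
then
    msg_box "Aborting,something went wrong with the download of $STABLEVERSION.tar.bz2"
    exit 1
fi

# Extract package
# NOTE(review): tar runs in the background and its exit status is never
# checked; the archive is deleted right afterwards. This presumably relies on
# spinner_loading waiting for the background job. Confirm in lib.sh.
tar -xjf "$HTML/$STABLEVERSION.tar.bz2" -C "$HTML" & spinner_loading
rm "$HTML/$STABLEVERSION.tar.bz2"

# Secure permissions
# SECURE is quoted so the path cannot be word-split or glob-expanded into
# extra arguments for bash (assumes SECURE holds a single script path).
download_static_script setup_secure_permissions_nextcloud
bash "$SECURE" & spinner_loading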
# Install Nextcloud
print_text_in_color "$ICyan" "Installing Nextcloud..."
# NOTE(review): the result of cd is not checked before occ_command runs.
cd "$NCPATH"
# Run the Nextcloud installer against an external MySQL-type database.
# NOTE(review): the database host is a fixed address written into the script,
# so this installer only works where that host is reachable.
# NOTE(review): the database and admin passwords are handed over as
# command-line arguments. If occ_command forwards them to a child process they
# are readable in the process list while it runs, and in any shell trace.
# Confirm how occ_command is implemented in lib.sh.
occ_command maintenance:install \
--data-dir="$NCDATA" \
--database=mysql \
--database-host=10.5.10.51 \
--database-name=nextcloud \
--database-user="$DB_USER" \
--database-pass="$DB_PASS" \
--admin-user="$NCUSER" \
--admin-pass="$NCPASS"
echo
print_text_in_color "$ICyan" "Nextcloud version:"
occ_command status
sleep 3
echo
# Prepare cron.php to be run every 5 minutes (the schedule below is */5)
# The existing www-data crontab is read, the new line is appended, and the
# result is installed as the new crontab for www-data.
crontab -u www-data -l | { cat; echo "*/5 * * * * php -f $NCPATH/cron.php > /dev/null 2>&1"; } | crontab -u www-data -
# Change values in php.ini (increase max file size)
# Each entry is "directive|value"; the directive's existing line in $PHP_INI
# is rewritten to "directive = value".
for ini_entry in \
    "max_execution_time|3500" \
    "max_input_time|3600" \
    "memory_limit|512M" \
    "post_max_size|1100M" \
    "upload_max_filesize|1000M"
do
    ini_key=${ini_entry%%|*}
    ini_value=${ini_entry#*|}
    sed -i "s|$ini_key =.*|$ini_key = $ini_value|g" "$PHP_INI"
done
# Set logging
# Write the Nextcloud log to a file under $VMLOGS and remove the log file in
# the data directory.
occ_command config:system:set log_type --value=file
occ_command config:system:set logfile --value="$VMLOGS/nextcloud.log"
rm -f "$NCDATA/nextcloud.log"
occ_command config:system:set loglevel --value=2
# Send the admin_audit app's records to their own file, then enable the app.
occ_command config:app:set admin_audit logfile --value="$VMLOGS/audit.log"
install_and_enable_app admin_audit
# Set SMTP mail
occ_command config:system:set mail_smtpmode --value="smtp"
# Forget login/session after 30 minutes
occ_command config:system:set remember_login_cookie_lifetime --value="1800"
# Set logrotate (max 10 MB)
occ_command config:system:set log_rotate_size --value="10485760"
# Set trashbin retention obligation (save it in trashbin for 6 months or delete when space is needed)
occ_command config:system:set trashbin_retention_obligation --value="auto, 180"
# Set versions retention obligation (save versions for 12 months or delete when space is needed)
occ_command config:system:set versions_retention_obligation --value="auto, 365"
# Remove simple signup
occ_command config:system:set simpleSignUpLink.shown --value="false"
# Enable OPCache for PHP
# https://docs.nextcloud.com/server/14/admin_manual/configuration_server/server_tuning.html#enable-php-opcache
# The settings are appended to $PHP_INI as one literal block.
phpenmod opcache
cat >> "$PHP_INI" <<'OPCACHE_SETTINGS'
# OPcache settings for Nextcloud
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=256
opcache.save_comments=1
opcache.revalidate_freq=1
opcache.validate_timestamps=1
OPCACHE_SETTINGS

# PHP-FPM optimization
# https://geekflare.com/php-fpm-optimization/
# Uncomment and set the three process-manager directives in php-fpm.conf.
fpm_conf="/etc/php/$PHPVER/fpm/php-fpm.conf"
sed -i "s|;emergency_restart_threshold.*|emergency_restart_threshold = 10|g" "$fpm_conf"
sed -i "s|;emergency_restart_interval.*|emergency_restart_interval = 1m|g" "$fpm_conf"
sed -i "s|;process_control_timeout.*|process_control_timeout = 10|g" "$fpm_conf"
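# Install Redis (distributed cache)
run_static_script redis-server-ubuntu

# Enable igbinary for PHP
# https://github.com/igbinary/igbinary
# The module is built with pecl only when the PHP dev package is installed.
# NOTE(review): pecl fetches and compiles the extension at install time; no
# version is pinned here.
if is_this_installed "php$PHPVER"-dev
then
    if ! yes no | pecl install -Z igbinary
    then
        msg_box "igbinary PHP module installation failed"
        # Exit non-zero so a caller can tell the installation did not finish;
        # a bare exit would report the status of msg_box instead.
        exit 1
    else
        print_text_in_color "$IGreen" "igbinary PHP module installation OK!"
    fi
    {
        echo "# igbinary for PHP"
        echo "extension=igbinary.so"
        echo "session.serialize_handler=igbinary"
        echo "igbinary.compact_strings=On"
    } >> "$PHP_INI"
    restart_webserver
fi

# APCu (local cache)
# Same pattern as above: build with pecl, append the settings, restart.
if is_this_installed "php$PHPVER"-dev
then
    if ! yes no | pecl install -Z apcu
    then
        msg_box "APCu PHP module installation failed"
        # Exit non-zero so a caller can tell the installation did not finish.
        exit 1
    else
        print_text_in_color "$IGreen" "APCu PHP module installation OK!"
    fi
    {
        echo "# APCu settings for Nextcloud"
        echo "extension=apcu.so"
        echo "apc.enabled=1"
        echo "apc.max_file_size=5M"
        echo "apc.shm_segments=1"
        echo "apc.shm_size=128M"
        echo "apc.entries_hint=4096"
        echo "apc.ttl=3600"
        echo "apc.gc_ttl=7200"
        echo "apc.mmap_file_mask=NULL"
        echo "apc.slam_defense=1"
        echo "apc.enable_cli=1"
        echo "apc.use_request_time=1"
        echo "apc.serializer=igbinary"
        echo "apc.coredump_unmap=0"
        # NOTE(review): this directive is written without "=" or a value;
        # confirm that is intended.
        echo "apc.preload_path"
    } >> "$PHP_INI"
    restart_webserver
fi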
# Fix https://github.com/nextcloud/vm/issues/714
print_text_in_color "$ICyan" "Optimizing Nextcloud..."
# "yes" feeds a continuous stream of "y" answers to the conversion command.
yes | occ_command db:convert-filecache-bigint
occ_command db:add-missing-indices
# Install Figlet
install_if_not figlet
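# Let the user pick which apps and extra software to install.
# whiptail prints one selected tag per line on stderr. Capture it in a private
# temporary file rather than a fixed name in the current directory, so a
# pre-existing file or symlink with that name cannot be overwritten.
app_choice_file=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
whiptail --title "Install apps or software" --checklist --separate-output "Automatically configure and install selected apps or software\nDeselect by pressing the spacebar" "$WT_HEIGHT" "$WT_WIDTH" 4 \
"Calendar" " " on \
"Contacts" " " on \
"IssueTemplate" " " on \
"PDFViewer" " " on \
"Extract" " " on \
"Text" " " on \
"Mail" " " on \
"Webmin" " " on 2>"$app_choice_file"

# The list is read on file descriptor 9 so the install helpers inside the loop
# keep their normal stdin.
while read -r -u 9 choice
do
    case "$choice" in
        Calendar)
            install_and_enable_app calendar
        ;;
        Contacts)
            install_and_enable_app contacts
        ;;
        IssueTemplate)
            install_and_enable_app issuetemplate
        ;;
        PDFViewer)
            install_and_enable_app files_pdfviewer
        ;;
        Extract)
            # The archive tools are only installed when the app itself was.
            if install_and_enable_app extract
            then
                install_if_not unrar
                install_if_not p7zip
                install_if_not p7zip-full
            fi
        ;;
        Text)
            install_and_enable_app text
        ;;
        Mail)
            install_and_enable_app mail
        ;;
        Webmin)
            run_app_script webmin
        ;;
        *)
        ;;
    esac
done 9< "$app_choice_file"
# Also clear ./results, the fixed-name file this script's dialogs have used,
# in case one is still present in the working directory.
rm -f -- "$app_choice_file" results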
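# Get needed scripts for first bootup
# NOTE(review): these files are downloaded now and executed later from
# $SCRIPTS; no digest or signature check is visible in this script.
check_command curl_to_dir "$GITHUB_REPO" nextcloud-startup-script.sh "$SCRIPTS"
check_command curl_to_dir "$GITHUB_REPO" lib.sh "$SCRIPTS"
download_static_script instruction
download_static_script history
download_static_script static_ip

if home_sme_server
then
    # Change nextcloud-startup-script.sh
    # The path is quoted so a SCRIPTS value containing spaces or glob
    # characters cannot be split into several sed arguments.
    check_command sed -i "s|VM|Home/SME Server|g" "$SCRIPTS/nextcloud-startup-script.sh"
fi

# Make $SCRIPTS executable
# Ownership goes to root so the scripts run at first boot cannot be modified
# by an unprivileged account.
chmod +x -R "$SCRIPTS"
chown root:root -R "$SCRIPTS"

# Prepare first bootup
check_command run_static_script change-ncadmin-profile
check_command run_static_script change-root-profile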
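# Upgrade
apt update -q4 & spinner_loading
apt dist-upgrade -y

# Remove LXD (always shows up as failed during boot)
apt purge lxd -y

# Cleanup
apt autoremove -y
apt autoclean
# Delete leftover scripts, HTML files and archives from root's home and from
# the install user's home. The user's directory is only included when
# UNIXUSER is set: with an empty value the path would become "/home/" and the
# delete would cover every user's home directory.
cleanup_dirs=(/root)
if [ -n "$UNIXUSER" ]
then
    cleanup_dirs+=("/home/$UNIXUSER")
fi
find "${cleanup_dirs[@]}" -type f \( -name '*.sh*' -o -name '*.html*' -o -name '*.tar*' -o -name '*.zip*' \) -delete

# Install virtual kernels for Hyper-V, and extra for UTF8 kernel module + Collabora and OnlyOffice
# Kernel 4.15
apt install -y --install-recommends \
linux-virtual \
linux-tools-virtual \
linux-cloud-tools-virtual \
linux-image-virtual \
linux-image-extra-virtual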
# Add aliases
# Append the two root aliases unless /root/.bash_aliases already mentions
# "nextcloud"; a missing file is created by the append.
if [ ! -f /root/.bash_aliases ] || ! grep -q "nextcloud" /root/.bash_aliases
then
    cat >> /root/.bash_aliases <<'ROOT_ALIASES'
alias nextcloud_occ='sudo -u www-data php /var/www/nextcloud/occ'
alias run_update_nextcloud='bash /var/scripts/update.sh'
ROOT_ALIASES
fi
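# Set secure permissions final (./data/.htaccess has wrong permissions otherwise)
# SECURE is quoted so the path cannot be word-split or glob-expanded into
# extra arguments for bash (assumes SECURE holds a single script path).
bash "$SECURE" & spinner_loading

# Force MOTD to show correct number of updates
sudo /usr/lib/update-notifier/update-motd-updates-available --force

# Reboot
print_text_in_color "$IGreen" "Installation done, system will now reboot..."
reboot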