nick
/
Proxmox_Scripts
mirror of https://github.com/tteck/Proxmox.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update alpine-nextcloud-install.sh 

code refactoring
This commit is contained in:
tteckster 2023-09-29 18:32:43 -04:00 committed by GitHub
parent 7af2bda039
commit 1f63d49e42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
install/alpine-nextcloud-install.sh
View File

@ -21,7 +21,6 @@ $STD apk add openssh
$STD apk add nano
$STD apk add mc
$STD apk add nginx
echo -e "export VISUAL=nano\nexport EDITOR=nano" >>/etc/profile
msg_ok "Installed Dependencies"
msg_info "Installing PHP/Redis"
@ -30,57 +29,35 @@ $STD apk add php82-redis
$STD apk add php82-apcu
$STD apk add php82-fpm
$STD apk add php82-sysvsem
$STD apk add php82-pecl-imagick
$STD apk add php82-pecl-smbclient
$STD apk add php82-pecl-imagick
$STD apk add php82-exif
$STD apk add redis
sed -i -e 's|;opcache.enable=1|opcache.enable=1|' /etc/php82/php.ini
sed -i -e 's|;opcache.enable_cli=1|opcache.enable_cli=1|' /etc/php82/php.ini
sed -i -e 's|;opcache.interned_strings_buffer=8|opcache.interned_strings_buffer=16|' /etc/php82/php.ini
sed -i -e 's|;opcache.max_accelerated_files=10000|opcache.max_accelerated_files=10000|' /etc/php82/php.ini
sed -i -e 's|;opcache.memory_consumption=128|opcache.memory_consumption=256|' /etc/php82/php.ini
sed -i -e 's|;opcache.save_comments=1|opcache.save_comments=1|' /etc/php82/php.ini
sed -i -e 's|;opcache.revalidate_freq=1|opcache.revalidate_freq=1|' /etc/php82/php.ini
$STD rc-update add redis
$STD rc-service redis start
msg_ok "Installed PHP/Redis"
msg_info "Creating Credentials"
msg_info "Installing MySQL Database"
DB_NAME=nextcloud
DB_USER=nextcloud
DB_PASS="$(openssl rand -base64 18 | cut -c1-13)"
ROOT_PASS="$(openssl rand -base64 18 | cut -c1-13)"
ADMIN_USER=ncAdmin
ADMIN_PASS="$(openssl rand -base64 18 | cut -c1-13)"
echo "" >>~/nextcloud.creds
echo -e "MySQL Admin Password: \e[32m$ROOT_PASS\e[0m" >>~/nextcloud.creds
echo -e "MySQL Admin Password: \e[32m$ADMIN_PASS\e[0m" >>~/nextcloud.creds
echo -e "Nextcloud Database Username: \e[32m$DB_USER\e[0m" >>~/nextcloud.creds
echo -e "Nextcloud Database Password: \e[32m$DB_PASS\e[0m" >>~/nextcloud.creds
echo -e "Nextcloud Database Name: \e[32m$DB_NAME\e[0m" >>~/nextcloud.creds
echo "" >>~/nextcloud.creds
echo -e "Nextcloud Admin Username: \e[32m$ADMIN_USER\e[0m" >>~/nextcloud.creds
echo -e "Nextcloud Admin Password: \e[32m$ADMIN_PASS\e[0m (Initially enter twice)" >>~/nextcloud.creds
msg_ok "Created Credentials"
msg_info "Installing MySQL Database"
$STD apk add nextcloud-mysql mariadb mariadb-client
$STD mysql_install_db --user=mysql --datadir=/var/lib/mysql
$STD service mariadb start
$STD rc-update add mariadb
mysql -uroot -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '$ROOT_PASS' WITH GRANT OPTION;FLUSH PRIVILEGES;"
mysql -uroot -p$ROOT_PASS -e "DELETE FROM mysql.user WHERE User='';"
mysql -uroot -p$ROOT_PASS -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
mysql -uroot -p$ROOT_PASS -e "DROP DATABASE test;"
mysql -uroot -p$ROOT_PASS -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
mysql -uroot -p$ROOT_PASS -e "CREATE DATABASE $DB_NAME;"
mysql -uroot -p$ROOT_PASS -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';"
mysql -uroot -p$ROOT_PASS -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost.localdomain' IDENTIFIED BY '$DB_PASS';"
mysql -uroot -p$ROOT_PASS -e "FLUSH PRIVILEGES;"
mysql -uroot -p"$ADMIN_PASS" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '$ADMIN_PASS' WITH GRANT OPTION; DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); DROP DATABASE test; DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'; CREATE DATABASE $DB_NAME; GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS'; GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost.localdomain' IDENTIFIED BY '$DB_PASS'; FLUSH PRIVILEGES;"
$STD apk del mariadb-client
msg_ok "Installed MySQL Database"
msg_info "Installing Nextcloud"
ADMIN_USER=ncAdmin
echo "" >>~/nextcloud.creds
echo -e "Nextcloud Admin Username: \e[32m$ADMIN_USER\e[0m" >>~/nextcloud.creds
echo -e "Nextcloud Admin Password: \e[32m$ADMIN_PASS\e[0m (Initially enter twice)" >>~/nextcloud.creds
$STD apk add nextcloud-initscript
$STD openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nextcloud-selfsigned.key -out /etc/ssl/certs/nextcloud-selfsigned.crt -subj "/C=US/O=Nextcloud/OU=Domain Control Validated/CN=nextcloud.local"
cat <<'EOF' >/usr/share/webapps/nextcloud/config/config.php
@ -91,13 +68,11 @@ $CONFIG = array (
'logdateformat' => 'F d, Y H:i:s',
'log_rotate_size' => 104857600,
'apps_paths' => array (
// Read-only location for apps shipped with Nextcloud and installed by apk.
0 => array (
'path' => '/usr/share/webapps/nextcloud/apps',
'url' => '/apps',
'writable' => false,
),
// Writable location for apps installed from AppStore.
1 => array (
'path' => '/var/lib/nextcloud/apps',
'url' => '/apps-appstore',
@ -106,14 +81,7 @@ $CONFIG = array (
),
'updatechecker' => false,
'check_for_working_htaccess' => false,
// Uncomment to enable Zend OPcache.
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.distributed' => '\\OC\\Memcache\\Redis',
// Uncomment this and add user nextcloud to the redis group to enable Redis
// cache for file locking. This is highly recommended, see
// https://github.com/nextcloud/server/issues/9305.
'memcache.local' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' => array(
'host' => 'localhost',
@ -124,7 +92,7 @@ $CONFIG = array (
'installed' => false,
);
EOF
rm /etc/nginx/http.d/default.conf
rm -rf /etc/nginx/http.d/default.conf
cat <<'EOF' >/etc/nginx/http.d/nextcloud.conf
server {
listen [::]:80;
@ -132,59 +100,38 @@ server {
return 301 https://$host$request_uri;
server_name localhost;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name localhost;
root /usr/share/webapps/nextcloud;
index index.php index.html index.htm;
disable_symlinks off;
ssl_certificate /etc/ssl/certs/nextcloud-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nextcloud-selfsigned.key;
ssl_session_timeout 5m;
#Enable Perfect Forward Secrecy and ciphers without known vulnerabilities
#Beware! It breaks compatibility with older OS and browsers (e.g. Windows XP, Android 2.x, etc.)
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA;
ssl_prefer_server_ciphers on;
location / {
try_files $uri $uri/ /index.html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
#fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/run/php-fpm/socket;
fastcgi_pass unix:/run/nextcloud/fastcgi.sock; # From the nextcloud-initscript package
fastcgi_index index.php;
include fastcgi.conf;
}
# Help pass nextcloud's configuration checks after install:
# Per https://docs.nextcloud.com/server/22/admin_manual/issues/general_troubleshooting.html#service-discovery
location ^~ /.well-known/carddav { return 301 /remote.php/dav/; }
location ^~ /.well-known/caldav { return 301 /remote.php/dav/; }
location ^~ /.well-known/webfinger { return 301 /index.php/.well-known/webfinger; }
location ^~ /.well-known/nodeinfo { return 301 /index.php/.well-known/nodeinfo; }
}
EOF
sed -i -e 's|memory_limit = 128M|memory_limit = 512M|; $aapc.enable_cli=1' /etc/php82/php.ini
sed -i -E '/^php_admin_(flag|value)\[opcache/s/^/;/' /etc/php82/php-fpm.d/nextcloud.conf
sed -i -e 's|client_max_body_size 1m;|client_max_body_size 5120m;|' /etc/nginx/nginx.conf
sed -i -e 's|php_admin_value\[memory_limit\] = 512M|php_admin_value\[memory_limit\] = 5120M|' /etc/php82/php-fpm.d/nextcloud.conf
sed -i -e 's|php_admin_value\[post_max_size\] = 513M|php_admin_value\[post_max_size\] = 5121M|' /etc/php82/php-fpm.d/nextcloud.conf
sed -i -e 's|php_admin_value\[upload_max_filesize\] = 513M|php_admin_value\[upload_max_filesize\] = 5121M|' /etc/php82/php-fpm.d/nextcloud.conf
sed -i -e 's|upload_max_filesize = 513M|upload_max_filesize = 5121M|' /etc/php82/php.ini
sed -i -e 's|memory_limit = 128M|memory_limit = 512M|' /etc/php82/php.ini
sed -i -e '$aapc.enable_cli=1' /etc/php82/php.ini
msg_ok "Installed Nextcloud"
msg_info "Adding Additional Nextcloud Packages"
@ -210,6 +157,8 @@ $STD apk add nextcloud-weather_status
msg_ok "Added Additional Nextcloud Packages"
msg_info "Starting Services"
$STD rc-service redis start
$STD rc-update add redis default
$STD rc-service php-fpm82 start
chown -R nextcloud:www-data /var/log/nextcloud/
$STD rc-service php-fpm82 restart
@ -220,6 +169,7 @@ $STD rc-update add nextcloud default
msg_ok "Started Services"
msg_info "Start Nextcloud Setup-Wizard"
echo -e "export VISUAL=nano\nexport EDITOR=nano" >>/etc/profile
cd /usr/share/webapps/nextcloud
$STD su nextcloud -s /bin/sh -c "php82 occ maintenance:install \
--database='mysql' --database-name $DB_NAME \