
nextcloud.sh (4715B)


      1 #!/usr/bin/env bash
      2 
      3 set -o errexit
      4 set -o nounset
      5 set -o xtrace
      6 
      7 # Installation on Debian like OS:
      8 # * https://docs.nextcloud.com/server/latest/admin_manual/installation/example_ubuntu.html
      9 # * https://docs.nextcloud.com/server/latest/admin_manual/installation/source_installation.html
     10 
     11 # install Apache and tools
     12 apt-get install -y apache2 libapache2-mod-php
     13 apt-get install -y php-gd php-mysql php-curl php-mbstring php-intl
     14 apt-get install -y php-gmp php-bcmath php-imagick php-xml php-zip php-apcu
     15 apt-get install -y curl bzip2 sudo certbot python-certbot-apache
     16 
     17 # download and install Nextcloud
     18 curl -O https://download.nextcloud.com/server/releases/latest.tar.bz2
     19 tar -C /var/www/ -xf latest.tar.bz2
     20 chown -R www-data:www-data /var/www/nextcloud/
     21 
     22 # configure Apache
     23 cat << EOF > /etc/apache2/sites-available/nextcloud.conf
     24 Alias $NEXTCLOUD_REWRITE_BASE "/var/www/nextcloud/"
     25 
     26 <Directory /var/www/nextcloud/>
     27   Require all granted
     28   AllowOverride All
     29   Options FollowSymLinks MultiViews
     30 
     31   <IfModule mod_dav.c>
     32     Dav off
     33   </IfModule>
     34 
     35 </Directory>
     36 EOF
     37 
     38 # tune php mem limit
     39 sed -i 's/memory_limit = 128M/memory_limit = 512M/g' /etc/php/7.3/apache2/php.ini
     40 
     41 # enable opcache
     42 # https://docs.nextcloud.com/server/16/admin_manual/installation/server_tuning.html
     43 sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php/7.3/apache2/php.ini
     44 
     45 # enable apcu cli
     46 # https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/caching_configuration.html
     47 cat << EOF > /etc/php/7.3/mods-available/nextcloud-cli.ini
     48 apc.enable_cli=1
     49 EOF
     50 ln -s /etc/php/7.3/mods-available/nextcloud-cli.ini /etc/php/7.3/cli/conf.d/99-nexcloud.ini
     51 
     52 # enable config
     53 a2ensite nextcloud.conf
     54 
     55 # enable Apache modules
     56 a2enmod rewrite
     57 a2enmod headers
     58 a2enmod env
     59 a2enmod dir
     60 a2enmod mime
     61 a2enmod ssl
     62 
     63 OCC="/var/www/nextcloud/occ"
     64 APACHE_USER="www-data"
     65 APACHE_GROUP="www-data"
     66 
     67 # status
     68 which php
     69 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" status
     70 
     71 # install nextcloud
     72 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" maintenance:install \
     73  --database "$NEXTCLOUD_DATABASE" --database-name "$NEXTCLOUD_DATABASE_NAME" --database-host "$NEXTCLOUD_DATABASE_HOST" --database-port "$NEXTCLOUD_DATABASE_PORT" \
     74  --database-user "$NEXTCLOUD_DATABASE_USER" --database-pass "$NEXTCLOUD_DATABASE_PASS" \
     75  --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD" \
     76  --data-dir "$NEXTCLOUD_DATADIR" || exit 0
     77 
     78 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" status
     79 
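# set trusted domains
# NEXTCLOUD_URLS is a whitespace-separated list. Globbing is disabled for
# the split so a wildcard entry such as *.example.org (constructed
# example) is stored literally instead of being matched against files in
# the working directory.
set -o noglob
urls=($NEXTCLOUD_URLS)
set +o noglob

# Every URL gets its own slot, starting at 1 as before. Writing all of
# them to slot 1 left only the last URL in trusted_domains.
domain_index=1
for u in "${urls[@]}"; do
  sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" \
    config:system:set trusted_domains "$domain_index" --value="$u"
  domain_index=$((domain_index + 1))
done
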
     86 # configure certbot
     87 #certbot --apache --non-interactive --agree-tos --email "$CERTBOT_MAIL" --domain "${urls[0]}"
     88 
     89 # configure strict transport security
     90 # https://docs.nextcloud.com/server/19/admin_manual/installation/harden_server.html
     91 #sed -i '/^<\/VirtualHost\>/i <IfModule mod_headers.c>\nHeader always set Strict-Transport-Security "max-age=15552000; includeSubDomains"\n<\/IfModule>' \
     92 # /etc/apache2/sites-available/000-default-le-ssl.conf
     93 #a2ensite 000-default-le-ssl
     94 
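# add additional users
# Tracing is off for the whole section: xtrace prints the expanded
# password array and the OC_PASS assignment into the build log.
restore_xtrace=0
if [[ $- == *x* ]]; then
  restore_xtrace=1
  set +o xtrace
fi

# Both variables are whitespace-separated lists matched by position.
# noglob keeps a password containing *, ? or [ from being expanded to
# file names. A password containing whitespace cannot be expressed in
# this format.
set -o noglob
users=($NEXTCLOUD_ADDITIONAL_USERS)
passwords=($NEXTCLOUD_ADDITIONAL_PASSWORDS)
set +o noglob

no_users="${#users[@]}"

# Fail before any account is created when a password is missing, instead
# of aborting on an unset array element halfway through the list.
if (( ${#passwords[@]} < no_users )); then
  printf 'NEXTCLOUD_ADDITIONAL_PASSWORDS has fewer entries than NEXTCLOUD_ADDITIONAL_USERS\n' >&2
  exit 1
fi

# OC_PASS reaches occ through sudo's VAR=value form, so it is still
# visible in sudo's own argument list while the command runs.
for ((i = 0; i < no_users; i++)); do
  sudo -u "$APACHE_USER" -g "$APACHE_GROUP" OC_PASS="${passwords[$i]}" \
    php "$OCC" user:add "${users[$i]}" --password-from-env
done

if (( restore_xtrace )); then
  set -o xtrace
fi
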
    103 # install totp 2fa
    104 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" app:install twofactor_totp
    105 
    106 # remove features
    107 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" config:app:set text workspace_available --value=0
    108 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" app:disable recommendations
    109 
    110 # configure rewrite base and cli url
    111 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" config:system:set htaccess.RewriteBase --value="$NEXTCLOUD_REWRITE_BASE"
    112 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" config:system:set overwrite.cli.url --value="$NEXTCLOUD_CLI_URL"
    113 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" maintenance:update:htaccess
    114 
    115 # enable cron jobs
    116 cat << EOF > /etc/systemd/system/nextcloudcron.service
    117 [Unit]
    118 Description=Nextcloud cron.php job
    119 
    120 [Service]
    121 User=www-data
    122 ExecStart=/usr/bin/php -f /var/www/nextcloud/cron.php
    123 EOF
    124 
    125 cat << EOF > /etc/systemd/system/nextcloudcron.timer
    126 [Unit]
    127 Description=Run Nextcloud cron.php every 5 minutes
    128 
    129 [Timer]
    130 OnBootSec=5min
    131 OnUnitActiveSec=5min
    132 Unit=nextcloudcron.service
    133 
    134 [Install]
    135 WantedBy=timers.target
    136 EOF
    137 
    138 systemctl start nextcloudcron.timer
    139 
    140 # enable APCU data cache in Nextcloud
    141 sudo -u "$APACHE_USER" -g "$APACHE_GROUP" php "$OCC" config:system:set memcache.local --value="\OC\Memcache\APCu"