#!/bin/bash
################################################################################
# Author: poka (poka@p2p.legal)
# Version: 0.1
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
################################################################################
### Variables ###

# Domain name of this Nextcloud instance. When left empty the script falls
# back to its first argument, then to the machine hostname.
nc_domain=''

# TCP port nginx listens on.
nc_port=10050

# Login owning an "ipfs" process: the matching `ps` rows are sorted by
# ascending user CPU time, the last row is kept and its first column (the
# user name) is extracted.
# NOTE(review): the value is not validated. It is empty when no ipfs process
# is running, and any local account can start a process whose command line
# contains the word "ipfs". This script runs as root and later executes a
# tool located under /home/$YOU, so confirm the detected account first.
YOU=$(
  ps auxf --sort=+utime \
    | grep -w ipfs \
    | grep -v -E 'color=auto|grep' \
    | tail -n 1 \
    | cut -d " " -f 1
)

# Login of the Nextcloud administrator account.
admin_user=$YOU

# Password of the Nextcloud administrator account.
# NOTE(review): this default ships inside the script, so it is known to
# anyone who can read it; set a unique value before running the installer.
admin_pass='0penS0urce!'

# MariaDB password of the nextcloud database user. When empty, a random one
# is generated further down.
db_pass=''

# Nextcloud data directory; all user files live here.
data_dir="/home/${YOU}/.zen/nextcloud"

# 'true' when Nextcloud and nginx must be configured for https.
isSSL='false'

# 'manual' or 'auto'. 'auto' is experimental and not recommended.
configMaria='auto'

# 'true' when running inside a p2p.legal environment.
p2env='false'

#################
# Everything below installs packages and edits system files, so refuse to
# continue unless the effective UID is 0.
if (( EUID != 0 )); then
  echo "Veuillez executez ce script en root"
  exit 1
fi
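## Astroport config
echo "Getting local hostname..."

# The node name comes from a helper stored in the detected user's home.
# NOTE(review): this helper is executed as root. It should be owned by a
# trusted account and not be writable by anyone else.
nodename_tool="/home/$YOU/.zen/astroport/zen/tools/nodename"

# Keep a domain that was set in the variables section; only ask the helper
# when none was given, and only when the helper is actually executable.
if [[ -z $nc_domain && -x $nodename_tool ]]; then
  nc_domain=$("$nodename_tool")
fi

# Directory holding the configuration templates copied further down.
templates="/home/$YOU/.zen/astroport/.install/nextcloud/templates"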
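## Set var
# Domain precedence: value already set, then first argument, then hostname.
if [[ -z $nc_domain ]]; then
  nc_domain=$1
fi
if [[ -z $nc_domain ]]; then
  nc_domain="$HOSTNAME.p2p.legal"
fi

# No database password configured: draw 32 alphanumeric characters from the
# kernel random source and record them for the operator.
if [[ -z $db_pass ]]; then
  db_pass=$(tr -dc 'a-zA-Z0-9' </dev/urandom | head -c 32)
  (
    # The file holds a credential: create it readable by its owner only.
    umask 077
    echo "Votre mot de passe mysql nextcloud est : $db_pass" >> /root/nextcloud_mysql_pwd.txt
  )
  # Also tighten a file left behind by an earlier run with a looser umask.
  chmod 600 /root/nextcloud_mysql_pwd.txt
fi

# Random 32-character password for the MariaDB root account. The alphabet
# contains no quote or backslash, so the value is safe inside a quoted SQL
# string literal.
# NOTE(review): nothing in this script stores this value anywhere; confirm
# how the operator is expected to learn the new root password.
db_pass_root=$(tr -dc 'a-zA-Z0-9~!@#$%^&*_-' </dev/urandom | head -c 32)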
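# Move into the directory holding the templates; every relative path used
# below (my.cnf, nextcloud.conf, ../ssl.sh, ...) is resolved from there.
# The test must read the variable: the bare word "p2env" never equals "true",
# which made the first branch unreachable.
if [[ $p2env == "true" ]]; then
  cd /nextcloud/templates/ || { echo "Erreur quelque part ..."; exit 1; }
else
  if [[ ! -e $templates ]]; then
    echo "Erreur: Le dossier templates n'existe pas, installation impossible."
    exit 1
  fi
  # Stop here if the directory cannot be entered: continuing would copy
  # whatever files happen to sit in the caller's working directory.
  cd "$templates" || { echo "Erreur quelque part ..."; exit 1; }
fi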
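## Update system packages

# Refresh the package index before the first install so that it resolves
# against current lists.
apt update -y

apt install -y lsb-release apt-transport-https ca-certificates

# Take the first php-fpm row of the process list, keep the text between its
# parentheses and print the 4th "/"-separated field of it.
# NOTE(review): this is empty when no php-fpm process is running yet; PHP
# itself is only installed further down in this script.
PHPVERSION=$(ps auxf | grep php-fpm | grep -v -E 'color=auto|grep' | head -n 1 | grep -oP '(?<=\().*(?=\))' | awk -F '/' '{print $4}')

# Base packages (names that were listed twice are given once).
base_packages=(
  nginx mariadb-server apt-transport-https curl gnupg2 git lsb-release
  ssl-cert ca-certificates tree locate software-properties-common dirmngr
  screen htop net-tools zip unzip ffmpeg ghostscript libfile-fcntllock-perl
)

# Every later step relies on these packages, so stop if they cannot be
# installed.
apt install -y "${base_packages[@]}" || { echo "Erreur quelque part ..."; exit 1; }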
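# Start nginx and MariaDB now and enable them at boot.
# The error handler uses a { ...; } group: with ( ... ) the `exit 1` only
# left the subshell and the installation carried on after a failure.
systemctl start nginx || { echo "Erreur quelque part ..."; exit 1; }
systemctl start mariadb || { echo "Erreur quelque part ..."; exit 1; }
systemctl enable mariadb || { echo "Erreur quelque part ..."; exit 1; }
systemctl enable nginx || { echo "Erreur quelque part ..."; exit 1; }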
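echo " === Installing php ... ==="
apt install php php-fpm php-xml php-curl php-gd php-cgi php-cli php-zip php-mysql php-mbstring php-intl php-json php-bz2 php-ldap php-apcu imagemagick php-imagick php-smbclient -y

echo " === Configuring php ... ==="

# PHPVERSION is read from a running php-fpm process earlier in the script and
# is empty on a machine where PHP was not installed yet. Ask the CLI that was
# just installed in that case.
if [[ -z $PHPVERSION ]]; then
  PHPVERSION=$(php -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')
fi
if [[ -z $PHPVERSION ]]; then
  echo "Attention: version de PHP introuvable"
fi

# The .bak file marks an earlier run of configure_php.sh.
# An explicit if/else replaces `A && B || C`: with that form a failing
# configure_php.sh printed the "already configured" message and the script
# went on, because `exit 1` only left a subshell.
if [[ ! -e /etc/php/$PHPVERSION/cli/php.ini.bak ]]; then
  bash configure_php.sh || { echo "Erreur quelque part ..."; exit 1; }
else
  echo "PHP déjà configuré, skip"
fi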
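echo " === Configure MariaDB ==="

#######################################
# Harden MariaDB interactively with the stock helper.
# Arguments: none
# Returns:   0 on success; terminates the script with status 1 when the
#            helper fails.
#######################################
configMariaManual() {
  # { ...; } keeps `exit` in the current shell; inside ( ... ) it only left
  # the subshell and the function returned as if nothing had happened.
  mysql_secure_installation || { echo "Erreur quelque part ..."; exit 1; }
}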
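#######################################
# Non-interactive MariaDB hardening: set the root password, drop the
# anonymous accounts and the `test` database, reload the grant tables.
# Globals:   db_pass_root (read)
# Arguments: none
# Returns:   exit status of the final FLUSH PRIVILEGES call
#######################################
configMariaAuto() {
  local host_name
  host_name=$(hostname)

  # SQL is fed on stdin instead of -e so that the root password never shows
  # up in the process list.
  # NOTE(review): this writes the Password column of mysql.user directly;
  # confirm that the installed MariaDB version still accepts that.
  # NOTE(review): db_pass_root goes into a quoted SQL literal and therefore
  # must not contain a quote or a backslash.
  mysql <<< "UPDATE mysql.user SET Password = PASSWORD('$db_pass_root') WHERE User = 'root';"

  # The former check grepped the user-name column for "localhost", which an
  # anonymous account (empty name) never matches, so those accounts were kept.
  # IF EXISTS makes both clean-ups safe to run unconditionally.
  mysql <<< "DROP USER IF EXISTS ''@'localhost'; DROP USER IF EXISTS ''@'$host_name';"
  mysql <<< "DROP DATABASE IF EXISTS test;"

  mysql <<< "FLUSH PRIVILEGES;"
}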
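# Pick the hardening routine. With `A && B || C` a non-zero status from the
# automatic routine also started the interactive one.
if [[ $configMaria == "auto" ]]; then
  configMariaAuto
else
  configMariaManual
fi

# Install the bundled my.cnf once; the .bak file marks an earlier run.
# A failure is reported as a failure instead of as "already configured":
# after the move, MariaDB has no my.cnf until the copy succeeds.
if [[ ! -e /etc/mysql/my.cnf.bak ]]; then
  if ! { mv /etc/mysql/my.cnf /etc/mysql/my.cnf.bak && cp my.cnf /etc/mysql/ && service mysql restart; }; then
    echo "Erreur quelque part ..."
    exit 1
  fi
else
  echo "MariaDB déjà configuré, skip"
fi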
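echo " === Create and configure database... ==="

# -x matches the whole line, so a database such as "nextcloud_old" is not
# mistaken for the one created here.
isDBCreate=$(mysql -e "show databases" | grep -x "nextcloud")

if [[ -z $isDBCreate ]]; then
  # The statements are fed on stdin so that the database password does not
  # appear in the process list.
  # NOTE(review): db_pass is placed inside a double-quoted SQL string; a
  # value set by hand must not contain a double quote or a backslash.
  if ! mysql <<SQL
CREATE DATABASE nextcloud;
CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY "$db_pass";
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost';
FLUSH PRIVILEGES;
ALTER DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
SQL
  then
    # Previously a failed creation printed the "already created" message and
    # the installation continued without a usable database.
    echo "Erreur quelque part ..."
    exit 1
  fi
else
  echo "La base de donnée de nextcloud est déjà créé, skip"
fi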
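echo " === Installing and configure Redis... ==="
apt install redis-server php-redis -y

# Keep a pristine copy of redis.conf the first time through.
if [[ ! -e /etc/redis/redis.conf.bak ]]; then
  cp /etc/redis/redis.conf /etc/redis/redis.conf.bak
else
  echo "Redis est déjà configuré, skip"
fi

# "port 0" turns the TCP listener off: Redis is then reachable only through
# its unix socket, whose mode 770 limits access to the socket's owner and
# group. www-data is added to the redis group below for that purpose.
sed -i "s/port 6379/port 0/" /etc/redis/redis.conf
sed -i "s/redis.sock/redis-server.sock/" /etc/redis/redis.conf
sed -i 's/# unixsocket/unixsocket/g' /etc/redis/redis.conf
sed -i "s/unixsocketperm 700/unixsocketperm 770/" /etc/redis/redis.conf
sed -i "s/# maxclients 10000/maxclients 512/" /etc/redis/redis.conf

# { ...; } so that `exit 1` really stops the script (a subshell did not).
usermod -a -G redis www-data || { echo "Erreur quelque part ..."; exit 1; }

if [[ ! -e /etc/sysctl.conf.bak ]]; then
  cp /etc/sysctl.conf /etc/sysctl.conf.bak
else
  echo "sysctl est déjà configuré, skip"
fi

# Append the setting only when it is missing; it used to be added again on
# every run of the script.
if ! grep -qxF 'vm.overcommit_memory = 1' /etc/sysctl.conf; then
  sed -i '$avm.overcommit_memory = 1' /etc/sysctl.conf
fi

service redis-server restart || { echo "Erreur quelque part ..."; exit 1; }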
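echo " === Installing NextCloud... ==="

if [[ ! -e /var/www/nextcloud ]]; then
  # Download before creating anything: a failed transfer then leaves no
  # /var/www/nextcloud behind that would make the next run skip this step.
  # -O overwrites a stale archive instead of saving the new one under a
  # numbered name and unpacking the old file.
  # NOTE(review): the archive is unpacked as root without any integrity
  # check. Nextcloud publishes checksums and a signature for its release
  # archives; verify the download against them before extraction.
  if ! wget -O latest.tar.bz2 https://download.nextcloud.com/server/releases/latest.tar.bz2; then
    rm -f latest.tar.bz2
    echo "Erreur quelque part ..."
    exit 1
  fi

  mkdir /var/www/nextcloud
  chown www-data:www-data /var/www/nextcloud
  chmod 750 /var/www/nextcloud || { echo "Erreur quelque part ..."; exit 1; }

  # Ownership is handed over for the Nextcloud tree only, not for every
  # other site stored under /var/www.
  if ! { tar -xjf latest.tar.bz2 -C /var/www && chown -R www-data:www-data /var/www/nextcloud; }; then
    echo "Erreur quelque part ..."
    exit 1
  fi
  rm -f latest.tar.bz2
fi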
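# Create the data directory for the web server user, closed to "other".
# The path is quoted so that a directory name with spaces stays one argument,
# and the error handler is a { ...; } group so that `exit 1` stops the script.
if [[ ! -e $data_dir ]]; then
  mkdir -p -- "$data_dir"
  chown www-data:www-data -- "$data_dir"
  chmod 750 -- "$data_dir" || { echo "Erreur quelque part ..."; exit 1; }
fi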
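## Add local IP as secondary trust domain
# The occ command is preferred over editing config.php directly:
# sed -i "/0 => '$nc_domain'.*/a \ 1 => '$ip_local:$nc_port'," /var/www/nextcloud/config/config.php

# IPv4 addresses reported by ifconfig with 127.0.0.1 blanked out. Only the
# first one is kept: with several interfaces the unquoted multi-line value
# used to be split into extra occ arguments.
ip_local=$(/sbin/ifconfig | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p' | head -n 1)

# Port 80 needs no ":port" suffix in the trusted domain entry.
if [[ $nc_port == 80 ]]; then
  nc_port_loc=""
else
  nc_port_loc=":$nc_port"
fi

# A config.php that already says 'installed' => true means the installer ran.
if [[ -e /var/www/nextcloud/config/config.php ]]; then
  isNCConfig=$(grep "'installed' => true" /var/www/nextcloud/config/config.php)
fi

if [[ -z "$isNCConfig" ]]; then
  # NOTE(review): both passwords are passed as command-line arguments and are
  # visible in the process list while the installer runs.
  sudo -u www-data php /var/www/nextcloud/occ maintenance:install \
    --database "mysql" --database-name "nextcloud" --database-user "nextcloud" \
    --database-pass "$db_pass" --admin-user "$admin_user" --admin-pass "$admin_pass" \
    --data-dir "$data_dir" \
    || { echo "Erreur quelque part ..."; exit 1; }
fi

sleep 0.2

sudo -u www-data php /var/www/nextcloud/occ config:system:set mysql.utf8mb4 --type boolean --value="true"

# trusted_domains lists the host names Nextcloud accepts requests for; the
# values are quoted so that each one reaches occ as a single argument.
sudo -u www-data php /var/www/nextcloud/occ config:system:set trusted_domains 0 --value="$nc_domain"
sudo -u www-data php /var/www/nextcloud/occ config:system:set trusted_domains 1 --value="$ip_local$nc_port_loc"
sudo -u www-data php /var/www/nextcloud/occ config:system:set overwrite.cli.url --value="$nc_domain"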
# The extra settings are appended once; "activity_expire_days" serves as the
# marker that this already happened.
isNCConfigAdd=$(grep "activity_expire_days" /var/www/nextcloud/config/config.php)

if [[ -z $isNCConfigAdd ]]; then
  # Strip leading spaces, then delete every line containing ");".
  # NOTE(review): presumably this reopens the PHP array so that the appended
  # template can close it again; any other line containing ");" is removed
  # as well. Verify against config_complete.php.
  sudo -u www-data sed -i -e 's/^[ ]*//' -e '/);/d' /var/www/nextcloud/config/config.php

  # Appended by root, not by www-data.
  cat config_complete.php >> /var/www/nextcloud/config/config.php
fi
# Force output_buffering to 0 in Nextcloud's per-directory PHP settings.
sudo -u www-data sed -i "s/output_buffering=.*/output_buffering=0/" /var/www/nextcloud/.user.ini

# Apps switched off, in this order.
for nc_app in survey_client firstrunwizard; do
  sudo -u www-data php /var/www/nextcloud/occ app:disable "$nc_app"
done

# Apps switched on, in this order. admin_audit is Nextcloud's audit log app.
for nc_app in admin_audit files_pdfviewer; do
  sudo -u www-data php /var/www/nextcloud/occ app:enable "$nc_app"
done
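echo " === Configure nginx ... ==="

# Print $1 with the characters that are special in a sed replacement
# ("/", "&" and "\") escaped, so that the value is inserted literally.
_sed_escape_replacement() {
  printf '%s' "$1" | sed 's|[/&\\]|\\&|g'
}

cp nextcloud.conf /etc/nginx/conf.d/ || { echo "Erreur quelque part ..."; exit 1; }
# "./" keeps a file name starting with "-" from being read as an option.
cp ./*optimization.conf /etc/nginx/

# The domain may come from the command line, so it is escaped before it is
# placed into the sed expression; the other two values get the same
# treatment for uniformity.
sed -i "s/NC_DOMAIN/$(_sed_escape_replacement "$nc_domain")/" /etc/nginx/conf.d/nextcloud.conf
sed -i "s/NC_PORT/$(_sed_escape_replacement "$nc_port")/" /etc/nginx/conf.d/nextcloud.conf

# Move the stock default site from port 80 to port 81.
sed -i "s/80 default_server;/81 default_server;/" /etc/nginx/sites-enabled/default

sed -i "s/_PHPVERSION/$(_sed_escape_replacement "$PHPVERSION")/" /etc/nginx/conf.d/nextcloud.conf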
# ssl.sh sits one level above the templates directory; make it executable
# for its owner and run it in the mode selected by isSSL.
chmod u+x ../ssl.sh

case "$isSSL" in
  false)
    # Plain http set-up.
    ../ssl.sh nonssl
    ;;
  *)
    # Any other value: certificate step first, then the https set-up.
    ../ssl.sh certif
    ../ssl.sh ssl
    ;;
esac
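echo " === Mise en place des scripts et crons ... ==="

# Helper scripts go to /opt/scripts.
mkdir -p /opt/scripts
cp nc_optimize.sh /opt/scripts/
cp upgrade.sh /opt/scripts/
cp occ /opt/scripts/

# Register the occ shortcut once; the line used to be appended to ~/.bashrc
# again on every run of the script.
occ_alias_line="alias occ='/opt/scripts/occ'"
if ! grep -qxF -- "$occ_alias_line" ~/.bashrc 2>/dev/null; then
  echo "$occ_alias_line" >> ~/.bashrc
fi

alias occ='/opt/scripts/occ'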
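# Nextcloud background jobs, every five minutes, run as www-data.
nc_cron_line="*/5 * * * * sudo -u www-data /usr/bin/php -f /var/www/nextcloud/cron.php > /dev/null 2>&1"

# Nightly optimisation. The entry used to call /opt/scripts/optimize.sh, but
# the file this script installs and runs is /opt/scripts/nc_optimize.sh; with
# all output sent to /dev/null the broken job failed without a trace.
# NOTE(review): an entry for optimize.sh left by an earlier run is not
# removed here.
optimize_cron_line="5 1 * * * /opt/scripts/nc_optimize.sh > /dev/null 2>&1"

# if/else instead of `A && B || C`, which reported a failed crontab update as
# "already set".
if crontab -l 2>/dev/null | grep -qF "/var/www/nextcloud/cron.php"; then
  echo "cron nextcloud ever set, skip"
else
  (crontab -l 2>/dev/null; echo "$nc_cron_line") | crontab -u root - \
    || echo "Erreur quelque part ..."
fi

if crontab -l 2>/dev/null | grep -qF "/opt/scripts/nc_optimize.sh"; then
  echo "cron optimize ever set, skip"
else
  (crontab -l 2>/dev/null; echo "$optimize_cron_line") | crontab -u root - \
    || echo "Erreur quelque part ..."
fi

# Tell Nextcloud that its background jobs are driven by cron.
sudo -u www-data php /var/www/nextcloud/occ background:cron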
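echo " === Restarting services ... ==="

# PHPVERSION is taken from a path of the form /etc/php/<version>/..., the
# layout in which the FPM service is named php<version>-fpm. Try that name
# first and fall back to the generic one.
if [[ -n $PHPVERSION ]]; then
  service "php${PHPVERSION}-fpm" restart || service php-fpm restart
else
  service php-fpm restart
fi

# Each service is restarted on its own: chained with &&, one failing restart
# kept all the following services on their old configuration.
for svc in nginx mysql redis-server; do
  service "$svc" restart || echo "Erreur quelque part ..."
done

bash /opt/scripts/nc_optimize.sh

exit 0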
## Ressource complète: https://www.c-rieger.de/nextcloud-installation-guide-ubuntu