117 lines
4.8 KiB
Bash
117 lines
4.8 KiB
Bash
#!/bin/bash
|
|
|
|
# https://docs.nextcloud.com/server/latest/admin_manual/installation/source_installation.html
|
|
|
|
IPV4=$(ip addr | grep 'inet ' | grep -v '127.0' | head -n1 | awk '{print $2}' | cut -f1 -d /)
|
|
DBNAME=$(whiptail --title "DB" --inputbox "DB Name :" 0 30 "nextcloud" 3>&1 1>&2 2>&3)
|
|
DBUSER=$(whiptail --title "DB" --inputbox "DB User :" 0 30 "nextcloud" 3>&1 1>&2 2>&3)
|
|
DBPASS=$(whiptail --title "DB" --inputbox "DB Pass :" 0 30 "nextcloud" 3>&1 1>&2 2>&3)
|
|
DATAPATH=$(whiptail --title "DATA" --inputbox "DATA Path :" 0 30 "/srv/nextcloud/data" 3>&1 1>&2 2>&3)
|
|
NCUSER=$(whiptail --title "NextCloud" --inputbox "Admin Name :" 0 30 "admin" 3>&1 1>&2 2>&3)
|
|
NCPASS=$(whiptail --title "NextCloud" --inputbox "Admin Pass :" 0 30 "admin" 3>&1 1>&2 2>&3)
|
|
PHPVER=8.2
|
|
|
|
curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg
|
|
echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ bookworm main" > /etc/apt/sources.list.d/php-${PHPVER}.list
|
|
apt update -y
|
|
|
|
apt install -y sudo bzip2 apache2 coturn
|
|
apt install -y php${PHPVER} php${PHPVER}-curl php${PHPVER}-gd php${PHPVER}-mbstring php${PHPVER}-zip php${PHPVER}-xml php${PHPVER}-bz2 php${PHPVER}-intl php${PHPVER}-fpm php${PHPVER}-apcu php${PHPVER}-memcached php${PHPVER}-redis php${PHPVER}-imagick php${PHPVER}-bcmath php${PHPVER}-gmp libapache2-mod-php${PHPVER}
|
|
apt install -y php${PHPVER}-mysql mariadb-server
|
|
apt install -y smbclient ffmpeg libmagickcore-6.q16-6-extra
|
|
|
|
a2dissite 000-default
|
|
a2dissite default-ssl.conf
|
|
a2enmod rewrite
|
|
a2enmod headers
|
|
a2enmod env
|
|
a2enmod dir
|
|
a2enmod mime
|
|
a2enmod ssl
|
|
|
|
sed -i "s/memory_limit =.*/memory_limit = 512M/g" /etc/php/${PHPVER}/apache2/php.ini
|
|
sed -i "s/memory_limit =.*/memory_limit = 512M/g" /etc/php/${PHPVER}/fpm/php.ini
|
|
sed -i "s/memory_limit =.*/memory_limit = 512M/g" /etc/php/${PHPVER}/cli/php.ini
|
|
echo "apc.enable_cli=1" >> /etc/php/${PHPVER}/cli/php.ini
|
|
|
|
mysql -e "CREATE DATABASE ${DBNAME};CREATE USER '${DBUSER}'@'localhost' IDENTIFIED BY '${DBPASS}';GRANT ALL ON ${DBNAME}.* TO '${DBUSER}'@'localhost' WITH GRANT OPTION;FLUSH PRIVILEGES;"
|
|
|
|
wget https://download.nextcloud.com/server/releases/latest-26.tar.bz2
|
|
tar -xvf latest-26.tar.bz2
|
|
mv nextcloud /var/www
|
|
chown -R www-data:www-data /var/www/nextcloud
|
|
mkdir -p ${DATAPATH}
|
|
chown -R www-data:www-data ${DATAPATH}
|
|
|
|
cat > /etc/apache2/sites-available/nextcloud.conf << "EOF"
|
|
<VirtualHost *:443>
|
|
Protocols h2 http:/1.1
|
|
DocumentRoot "/var/www/nextcloud"
|
|
#ServerName nextcloud.your-domain.com
|
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
|
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
|
|
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
|
|
SSLCertificateChainFile /etc/ssl/certs/ssl-cert-snakeoil.pem
|
|
SSLProtocol TLSv1.2
|
|
|
|
<Directory /var/www/nextcloud/>
|
|
Options +FollowSymlinks
|
|
AllowOverride All
|
|
<IfModule mod_dav.c>
|
|
Dav off
|
|
</IfModule>
|
|
SetEnv HOME /var/www/nextcloud
|
|
SetEnv HTTP_HOME /var/www/nextcloud
|
|
Satisfy Any
|
|
</Directory>
|
|
|
|
</VirtualHost>
|
|
EOF
|
|
|
|
a2ensite nextcloud
|
|
systemctl restart apache2
|
|
|
|
cd /var/www/nextcloud/
|
|
sudo -u www-data php occ maintenance:install \
|
|
--database "mysql" \
|
|
--database-name "${DBNAME}" \
|
|
--database-user "${DBUSER}" \
|
|
--database-pass "${DBPASS}" \
|
|
--admin-user "${NCUSER}" \
|
|
--admin-pass "${NCPASS}" \
|
|
--data-dir "${DATAPATH}"
|
|
sed -i "s/0 => 'localhost/0 => '${IPV4}/" /var/www/nextcloud/config/config.php
|
|
sed -i "s/\/\/localhost/\/\/${IPV4}/" /var/www/nextcloud/config/config.php
|
|
sed -i "s/http:/https:/" /var/www/nextcloud/config/config.php
|
|
sed -i "/^);*/i\ \ 'memcache.local' => '\\\\OC\\\\Memcache\\\\APCu'," /var/www/nextcloud/config/config.php
|
|
sed -i "/^);*/i\ \ 'default_phone_region' => 'CH'," /var/www/nextcloud/config/config.php
|
|
echo "*/5 * * * * php -f /var/www/nextcloud/cron.php" | crontab -u www-data -
|
|
sudo -u www-data php occ background:cron
|
|
|
|
cat >> /etc/turnserver.conf << "EOF"
|
|
listening-port=8080
|
|
listening-ip=0.0.0.0
|
|
fingerprint
|
|
use-auth-secret
|
|
static-auth-secret=AUTHSECRET
|
|
# realm=nextcloud.dom.lan
|
|
total-quota=0
|
|
bps-capacity=0
|
|
stale-nonce
|
|
no-multicast-peers
|
|
EOF
|
|
AUTHSECRET=$(openssl rand -hex 32)
|
|
sed "s/AUTHSECRET/${AUTHSECRET}/" turnserver.conf
|
|
|
|
if [ -f "/etc/iptables/rules.v4" ]; then
|
|
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
|
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # NextCloud' /etc/iptables/rules.v4
|
|
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 8080 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
|
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p udp -m udp --dport 8080 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
|
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # TurnServer' /etc/iptables/rules.v4
|
|
iptables-restore /etc/iptables/rules.v4
|
|
fi
|