@ -21,7 +21,6 @@ $STD apk add openssh
$STD apk add nano
$STD apk add mc
$STD apk add nginx
echo -e "export VISUAL=nano\nexport EDITOR=nano" >>/etc/profile
msg_ok "Installed Dependencies"
msg_info "Installing PHP/Redis"
@ -30,57 +29,35 @@ $STD apk add php82-redis
$STD apk add php82-apcu
$STD apk add php82-fpm
$STD apk add php82-sysvsem
$STD apk add php82-pecl-imagick
$STD apk add php82-pecl-smbclient
$STD apk add php82-pecl-imagick
$STD apk add php82-exif
$STD apk add redis
sed -i -e 's|;opcache.enable=1|opcache.enable=1|' /etc/php82/php.ini
sed -i -e 's|;opcache.enable_cli=1|opcache.enable_cli=1|' /etc/php82/php.ini
sed -i -e 's|;opcache.interned_strings_buffer=8|opcache.interned_strings_buffer=16|' /etc/php82/php.ini
sed -i -e 's|;opcache.max_accelerated_files=10000|opcache.max_accelerated_files=10000|' /etc/php82/php.ini
sed -i -e 's|;opcache.memory_consumption=128|opcache.memory_consumption=256|' /etc/php82/php.ini
sed -i -e 's|;opcache.save_comments=1|opcache.save_comments=1|' /etc/php82/php.ini
sed -i -e 's|;opcache.revalidate_freq=1|opcache.revalidate_freq=1|' /etc/php82/php.ini
$STD rc-update add redis
$STD rc-service redis start
msg_ok "Installed PHP/Redis"
msg_info " Creating Credentials "
msg_info "Installing MySQL Database"
DB_NAME = nextcloud
DB_USER = nextcloud
DB_PASS = " $( openssl rand -base64 18 | cut -c1-13) "
ROOT_PASS = " $( openssl rand -base64 18 | cut -c1-13) "
ADMIN_USER = ncAdmin
ADMIN_PASS = " $( openssl rand -base64 18 | cut -c1-13) "
echo "" >>~/nextcloud.creds
echo -e " MySQL Admin Password: \e[32m $ ROOT _PASS\e[0m " >>~/nextcloud.creds
echo -e " MySQL Admin Password: \e[32m $ADMIN_PASS \e[0m " >>~/nextcloud.creds
echo -e " Nextcloud Database Username: \e[32m $DB_USER \e[0m " >>~/nextcloud.creds
echo -e " Nextcloud Database Password: \e[32m $DB_PASS \e[0m " >>~/nextcloud.creds
echo -e " Nextcloud Database Name: \e[32m $DB_NAME \e[0m " >>~/nextcloud.creds
echo "" >>~/nextcloud.creds
echo -e " Nextcloud Admin Username: \e[32m $ADMIN_USER \e[0m " >>~/nextcloud.creds
echo -e " Nextcloud Admin Password: \e[32m $ADMIN_PASS \e[0m (Initially enter twice) " >>~/nextcloud.creds
msg_ok "Created Credentials"
msg_info "Installing MySQL Database"
$STD apk add nextcloud-mysql mariadb mariadb-client
$STD mysql_install_db --user= mysql --datadir= /var/lib/mysql
$STD service mariadb start
$STD rc-update add mariadb
mysql -uroot -e " GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY ' $ROOT_PASS ' WITH GRANT OPTION;FLUSH PRIVILEGES; "
mysql -uroot -p$ROOT_PASS -e "DELETE FROM mysql.user WHERE User='';"
mysql -uroot -p$ROOT_PASS -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
mysql -uroot -p$ROOT_PASS -e "DROP DATABASE test;"
mysql -uroot -p$ROOT_PASS -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
mysql -uroot -p$ROOT_PASS -e " CREATE DATABASE $DB_NAME ; "
mysql -uroot -p$ROOT_PASS -e " GRANT ALL ON $DB_NAME .* TO ' $DB_USER '@'localhost' IDENTIFIED BY ' $DB_PASS '; "
mysql -uroot -p$ROOT_PASS -e " GRANT ALL ON $DB_NAME .* TO ' $DB_USER '@'localhost.localdomain' IDENTIFIED BY ' $DB_PASS '; "
mysql -uroot -p$ROOT_PASS -e "FLUSH PRIVILEGES;"
mysql -uroot -p" $ADMIN_PASS " -e " GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY ' $ADMIN_PASS ' WITH GRANT OPTION; DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); DROP DATABASE test; DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'; CREATE DATABASE $DB_NAME ; GRANT ALL ON $DB_NAME .* TO ' $DB_USER '@'localhost' IDENTIFIED BY ' $DB_PASS '; GRANT ALL ON $DB_NAME .* TO ' $DB_USER '@'localhost.localdomain' IDENTIFIED BY ' $DB_PASS '; FLUSH PRIVILEGES; "
$STD apk del mariadb-client
msg_ok "Installed MySQL Database"
msg_info "Installing Nextcloud"
ADMIN_USER = ncAdmin
echo "" >>~/nextcloud.creds
echo -e " Nextcloud Admin Username: \e[32m $ADMIN_USER \e[0m " >>~/nextcloud.creds
echo -e " Nextcloud Admin Password: \e[32m $ADMIN_PASS \e[0m (Initially enter twice) " >>~/nextcloud.creds
$STD apk add nextcloud-initscript
$STD openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nextcloud-selfsigned.key -out /etc/ssl/certs/nextcloud-selfsigned.crt -subj "/C=US/O=Nextcloud/OU=Domain Control Validated/CN=nextcloud.local"
cat <<'EOF' >/usr/share/webapps/nextcloud/config/config.php
@ -91,13 +68,11 @@ $CONFIG = array (
'logdateformat' = > 'F d, Y H:i:s' ,
'log_rotate_size' = > 104857600,
'apps_paths' = > array (
// Read-only location for apps shipped with Nextcloud and installed by apk.
0 = > array (
'path' = > '/usr/share/webapps/nextcloud/apps' ,
'url' = > '/apps' ,
'writable' = > false,
) ,
// Writable location for apps installed from AppStore.
1 = > array (
'path' = > '/var/lib/nextcloud/apps' ,
'url' = > '/apps-appstore' ,
@ -106,14 +81,7 @@ $CONFIG = array (
) ,
'updatechecker' = > false,
'check_for_working_htaccess' = > false,
// Uncomment to enable Zend OPcache.
'memcache.local' = > '\\OC\\Memcache\\APCu' ,
'memcache.distributed' = > '\\OC\\Memcache\\Redis' ,
// Uncomment this and add user nextcloud to the redis group to enable Redis
// cache for file locking. This is highly recommended, see
// https://github.com/nextcloud/server/issues/9305.
'memcache.local' = > '\\OC\\Memcache\\Redis' ,
'memcache.locking' = > '\\OC\\Memcache\\Redis' ,
'redis' = > array(
'host' = > 'localhost' ,
@ -124,7 +92,7 @@ $CONFIG = array (
'installed' = > false,
) ;
EOF
rm /etc/nginx/http.d/default.conf
rm -rf /etc/nginx/http.d/default.conf
cat <<'EOF' >/etc/nginx/http.d/nextcloud.conf
server {
listen [ ::] :80;
@ -132,59 +100,38 @@ server {
return 301 https://$host $request_uri ;
server_name localhost;
}
server {
listen 443 ssl http2;
listen [ ::] :443 ssl http2;
server_name localhost;
root /usr/share/webapps/nextcloud;
index index.php index.html index.htm;
disable_symlinks off;
ssl_certificate /etc/ssl/certs/nextcloud-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nextcloud-selfsigned.key;
ssl_session_timeout 5m;
#Enable Perfect Forward Secrecy and ciphers without known vulnerabilities
#Beware! It breaks compatibility with older OS and browsers (e.g. Windows XP, Android 2.x, etc.)
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA;
ssl_prefer_server_ciphers on;
location / {
try_files $uri $uri / /index.html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ [ ^/] \. php( /| $) {
fastcgi_split_path_info ^( .+?\. php) ( /.*) $;
if ( !-f $document_root $fastcgi_script_name ) {
return 404;
}
#fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/run/php-fpm/socket;
fastcgi_pass unix:/run/nextcloud/fastcgi.sock; # From the nextcloud-initscript package
fastcgi_index index.php;
include fastcgi.conf;
}
# Help pass nextcloud's configuration checks after install:
# Per https://docs.nextcloud.com/server/22/admin_manual/issues/general_troubleshooting.html#service-discovery
location ^~ /.well-known/carddav { return 301 /remote.php/dav/; }
location ^~ /.well-known/caldav { return 301 /remote.php/dav/; }
location ^~ /.well-known/webfinger { return 301 /index.php/.well-known/webfinger; }
location ^~ /.well-known/nodeinfo { return 301 /index.php/.well-known/nodeinfo; }
}
EOF
sed -i -e 's|memory_limit = 128M|memory_limit = 512M|; $aapc.enable_cli=1' /etc/php82/php.ini
sed -i -E '/^php_admin_(flag|value)\[opcache/s/^/;/' /etc/php82/php-fpm.d/nextcloud.conf
sed -i -e 's|client_max_body_size 1m;|client_max_body_size 5120m;|' /etc/nginx/nginx.conf
sed -i -e 's|php_admin_value\[memory_limit\] = 512M|php_admin_value\[memory_limit\] = 5120M|' /etc/php82/php-fpm.d/nextcloud.conf
sed -i -e 's|php_admin_value\[post_max_size\] = 513M|php_admin_value\[post_max_size\] = 5121M|' /etc/php82/php-fpm.d/nextcloud.conf
sed -i -e 's|php_admin_value\[upload_max_filesize\] = 513M|php_admin_value\[upload_max_filesize\] = 5121M|' /etc/php82/php-fpm.d/nextcloud.conf
sed -i -e 's|upload_max_filesize = 513M|upload_max_filesize = 5121M|' /etc/php82/php.ini
sed -i -e 's|memory_limit = 128M|memory_limit = 512M|' /etc/php82/php.ini
sed -i -e '$aapc.enable_cli=1' /etc/php82/php.ini
msg_ok "Installed Nextcloud"
msg_info "Adding Additional Nextcloud Packages"
@ -210,6 +157,8 @@ $STD apk add nextcloud-weather_status
msg_ok "Added Additional Nextcloud Packages"
msg_info "Starting Services"
$STD rc-service redis start
$STD rc-update add redis default
$STD rc-service php-fpm82 start
chown -R nextcloud:www-data /var/log/nextcloud/
$STD rc-service php-fpm82 restart
@ -220,6 +169,7 @@ $STD rc-update add nextcloud default
msg_ok "Started Services"
msg_info "Start Nextcloud Setup-Wizard"
echo -e "export VISUAL=nano\nexport EDITOR=nano" >>/etc/profile
cd /usr/share/webapps/nextcloud
$STD su nextcloud -s /bin/sh -c " php82 occ maintenance:install \
--database= 'mysql' --database-name $DB_NAME \
tteckster
1 year ago
committed by
GitHub