2014-08-15 22:29:05 +00:00
#!/bin/bash
2017-04-02 09:19:21 +00:00
# Nextcloud
2014-08-11 14:24:29 +00:00
##########################
source setup/functions.sh # load our functions
source /etc/mailinabox.conf # load global vars
2017-04-02 09:19:21 +00:00
# ### Installing Nextcloud
2014-09-21 20:05:11 +00:00
2017-03-25 12:20:21 +00:00
echo "Installing Nextcloud (contacts/calendar)..."
2015-08-19 19:58:35 +00:00
2018-07-07 18:41:41 +00:00
apt-get purge -qq -y owncloud* # we used to use the package manager
2014-08-11 14:24:29 +00:00
2018-08-24 12:46:08 +00:00
apt_install php php-fpm \
php-cli php-sqlite3 php-gd php-imap php-curl php-pear curl \
php-dev php-gd php-xml php-mbstring php-zip php-apcu php-json php-intl
2015-06-12 12:53:02 +00:00
2017-07-10 20:56:59 +00:00
InstallNextcloud( ) {
2017-03-26 13:20:27 +00:00
version = $1
hash = $2
2016-10-18 10:04:13 +00:00
echo
2017-07-10 20:56:59 +00:00
echo " Upgrading to Nextcloud version $version "
2016-10-18 10:04:13 +00:00
echo
2014-09-01 08:02:46 +00:00
2017-04-02 09:19:21 +00:00
# Remove the current owncloud/Nextcloud
2016-10-18 10:04:13 +00:00
rm -rf /usr/local/lib/owncloud
# Download and verify
2017-07-10 20:56:59 +00:00
wget_verify https://download.nextcloud.com/server/releases/nextcloud-$version .zip $hash /tmp/nextcloud.zip
2015-02-12 19:53:17 +00:00
2017-04-02 09:19:21 +00:00
# Extract ownCloud/Nextcloud
2017-07-10 20:56:59 +00:00
unzip -q /tmp/nextcloud.zip -d /usr/local/lib
mv /usr/local/lib/nextcloud /usr/local/lib/owncloud
rm -f /tmp/nextcloud.zip
2015-02-12 19:53:17 +00:00
2017-04-02 09:19:21 +00:00
# The two apps we actually want are not in Nextcloud core. Download the releases from
2015-02-12 19:53:17 +00:00
# their github repositories.
mkdir -p /usr/local/lib/owncloud/apps
2017-03-25 12:20:21 +00:00
2018-08-24 15:11:52 +00:00
wget_verify https://github.com/nextcloud/contacts/releases/download/v2.1.5/contacts.tar.gz b7460d15f1b78d492ed502d778c0c458d503ba17 /tmp/contacts.tgz
2016-10-18 10:04:13 +00:00
tar xf /tmp/contacts.tgz -C /usr/local/lib/owncloud/apps/
rm /tmp/contacts.tgz
2018-08-24 15:11:52 +00:00
wget_verify https://github.com/nextcloud/calendar/releases/download/v1.6.1/calendar.tar.gz f93a247cbd18bc624f427ba2a967d93ebb941f21 /tmp/calendar.tgz
2016-10-18 10:04:13 +00:00
tar xf /tmp/calendar.tgz -C /usr/local/lib/owncloud/apps/
rm /tmp/calendar.tgz
2015-02-12 19:53:17 +00:00
# Fix weird permissions.
chmod 750 /usr/local/lib/owncloud/{ apps,config}
2015-06-14 15:42:32 +00:00
# Create a symlink to the config.php in STORAGE_ROOT (for upgrades we're restoring the symlink we previously
# put in, and in new installs we're creating a symlink and will create the actual config later).
2015-06-12 12:53:02 +00:00
ln -sf $STORAGE_ROOT /owncloud/config.php /usr/local/lib/owncloud/config/config.php
2015-02-12 19:53:17 +00:00
# Make sure permissions are correct or the upgrade step won't run.
# $STORAGE_ROOT/owncloud may not yet exist, so use -f to suppress
# that error.
chown -f -R www-data.www-data $STORAGE_ROOT /owncloud /usr/local/lib/owncloud
2015-08-19 19:43:34 +00:00
# If this isn't a new installation, immediately run the upgrade script.
# Then check for success (0=ok and 3=no upgrade needed, both are success).
2016-10-18 10:04:13 +00:00
if [ -e $STORAGE_ROOT /owncloud/owncloud.db ] ; then
2015-08-23 16:37:25 +00:00
# ownCloud 8.1.1 broke upgrades. It may fail on the first attempt, but
# that can be OK.
2015-08-19 19:43:34 +00:00
sudo -u www-data php /usr/local/lib/owncloud/occ upgrade
2015-08-23 16:37:25 +00:00
if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ] ; then
echo "Trying ownCloud upgrade again to work around ownCloud upgrade bug..."
sudo -u www-data php /usr/local/lib/owncloud/occ upgrade
if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ] ; then exit 1; fi
sudo -u www-data php /usr/local/lib/owncloud/occ maintenance:mode --off
echo "...which seemed to work."
fi
2015-08-19 19:43:34 +00:00
fi
2016-10-18 10:04:13 +00:00
}
2018-07-07 18:41:41 +00:00
nextcloud_ver = 13.0.5
nextcloud_hash = e2b4a4bebd4fac14feae1e6e8997682f73fa8b50
2017-07-10 20:56:59 +00:00
2018-07-07 18:41:41 +00:00
# Check if Nextcloud dir exist, and check if version matches nextcloud_ver (if either doesn't - install/upgrade)
2016-10-18 10:04:13 +00:00
if [ ! -d /usr/local/lib/owncloud/ ] \
2018-07-07 18:41:41 +00:00
|| ! grep -q $nextcloud_ver /usr/local/lib/owncloud/version.php; then
2016-10-18 10:04:13 +00:00
2017-09-22 15:10:48 +00:00
# Stop php-fpm if running. If theyre not running (which happens on a previously failed install), dont bail.
2018-08-24 12:46:08 +00:00
service php7.2-fpm stop & > /dev/null || /bin/true
2016-10-18 10:04:13 +00:00
2017-04-02 09:19:21 +00:00
# Backup the existing ownCloud/Nextcloud.
2016-10-18 10:04:13 +00:00
# Create a backup directory to store the current installation and database to
BACKUP_DIRECTORY = $STORAGE_ROOT /owncloud-backup/` date +"%Y-%m-%d-%T" `
mkdir -p " $BACKUP_DIRECTORY "
if [ -d /usr/local/lib/owncloud/ ] ; then
2018-07-07 18:41:41 +00:00
echo " Upgrading Nextcloud --- backing up existing installation, configuration, and database to directory to $BACKUP_DIRECTORY ... "
2016-10-18 10:04:13 +00:00
cp -r /usr/local/lib/owncloud " $BACKUP_DIRECTORY /owncloud-install "
fi
if [ -e /home/user-data/owncloud/owncloud.db ] ; then
cp /home/user-data/owncloud/owncloud.db $BACKUP_DIRECTORY
2018-07-07 18:41:41 +00:00
fi
if [ -e /home/user-data/owncloud/config.php ] ; then
cp /home/user-data/owncloud/config.php $BACKUP_DIRECTORY
fi
2016-10-18 10:04:13 +00:00
2018-07-07 18:41:41 +00:00
# If ownCloud or Nextcloud was previously installed....
2016-10-18 10:04:13 +00:00
if [ -e /usr/local/lib/owncloud/version.php ] ; then
2018-07-07 18:41:41 +00:00
# Database migrations from ownCloud are no longer possible because ownCloud cannot be run under
# PHP 7.
if grep -q "OC_VersionString = '[89]\." /usr/local/lib/owncloud/version.php; then
echo "Upgrades from Mail-in-a-Box prior to v0.26c (dated February 13, 2018) with Nextcloud < 12.0.5 (you have ownCloud 8 or 9) are not supported. Upgrade to Mail-in-a-Box version v0.28 first. Setup aborting."
exit 1
2017-03-25 12:20:21 +00:00
fi
2018-07-07 18:41:41 +00:00
if grep -q "OC_VersionString = '10\." /usr/local/lib/owncloud/version.php; then
echo "Upgrades from Mail-in-a-Box prior to v0.26c (dated February 13, 2018) with Nextcloud < 12.0.5 (you have ownCloud 10) are not supported. Upgrade to Mail-in-a-Box version v0.28 first. Setup aborting."
exit 1
2017-07-10 20:56:59 +00:00
fi
2018-08-24 15:11:52 +00:00
# If we are upgrading from Nextcloud 11 we should go to Nextcloud 12 first.
if grep -q "OC_VersionString = '11\." /usr/local/lib/owncloud/version.php; then
echo "We are running Nextcloud 11, upgrading to Nextcloud 12.0.5 first"
InstallNextcloud 12.0.5 d25afbac977a4e331f5e38df50aed0844498ca86
fi
2016-10-18 10:04:13 +00:00
fi
2018-07-07 18:41:41 +00:00
InstallNextcloud $nextcloud_ver $nextcloud_hash
2014-08-11 14:24:29 +00:00
fi
2017-04-02 09:19:21 +00:00
# ### Configuring Nextcloud
2014-09-21 20:05:11 +00:00
2017-04-02 09:19:21 +00:00
# Setup Nextcloud if the Nextcloud database does not yet exist. Running setup when
2014-08-16 12:38:03 +00:00
# the database does exist wipes the database and user data.
if [ ! -f $STORAGE_ROOT /owncloud/owncloud.db ] ; then
2015-06-12 12:53:02 +00:00
# Create user data directory
mkdir -p $STORAGE_ROOT /owncloud
2015-08-30 21:14:00 +00:00
# Create an initial configuration file.
2014-08-16 12:38:03 +00:00
instanceid = oc$( echo $PRIMARY_HOSTNAME | sha1sum | fold -w 10 | head -n 1)
2015-06-12 12:53:02 +00:00
cat > $STORAGE_ROOT /owncloud/config.php <<EOF;
2014-08-11 15:53:01 +00:00
<?php
2014-08-12 10:01:18 +00:00
\$ CONFIG = array (
2014-08-11 23:15:17 +00:00
'datadirectory' = > '$STORAGE_ROOT/owncloud' ,
2014-08-12 13:25:38 +00:00
'instanceid' = > '$instanceid' ,
2014-08-15 23:07:20 +00:00
2017-04-02 09:19:21 +00:00
'forcessl' = > true, # if unset/false, Nextcloud sends a HSTS=0 header, which conflicts with nginx config
2014-08-12 13:25:38 +00:00
'overwritewebroot' = > '/cloud' ,
2015-08-16 23:47:51 +00:00
'overwrite.cli.url' = > '/cloud' ,
2014-08-12 10:33:42 +00:00
'user_backends' = > array(
2018-07-07 18:41:41 +00:00
array(
'class' = >'OC_User_IMAP' ,
'arguments' = >array( '{127.0.0.1:993/imap/ssl/novalidate-cert}' )
)
2014-08-11 23:15:17 +00:00
) ,
2017-07-10 20:56:59 +00:00
'memcache.local' = > '\OC\Memcache\APCu' ,
2014-08-12 11:18:45 +00:00
'mail_smtpmode' = > 'sendmail' ,
'mail_smtpsecure' = > '' ,
2014-08-12 08:09:44 +00:00
'mail_smtpauthtype' = > 'LOGIN' ,
2014-08-12 11:18:45 +00:00
'mail_smtpauth' = > false,
'mail_smtphost' = > '' ,
'mail_smtpport' = > '' ,
'mail_smtpname' = > '' ,
'mail_smtppassword' = > '' ,
'mail_from_address' = > 'owncloud' ,
2014-08-11 23:15:17 +00:00
) ;
2014-08-11 21:01:18 +00:00
?>
2014-08-11 15:53:01 +00:00
EOF
2014-08-12 08:10:53 +00:00
2014-08-16 12:38:03 +00:00
# Create an auto-configuration file to fill in database settings
# when the install script is run. Make an administrator account
# here or else the install can't finish.
2015-11-17 22:13:49 +00:00
adminpassword = $( dd if = /dev/urandom bs = 1 count = 40 2>/dev/null | sha1sum | fold -w 30 | head -n 1)
2014-09-21 20:05:11 +00:00
cat > /usr/local/lib/owncloud/config/autoconfig.php <<EOF;
2014-08-15 23:07:20 +00:00
<?php
\$ AUTOCONFIG = array (
# storage/database
'directory' = > '$STORAGE_ROOT/owncloud' ,
'dbtype' = > 'sqlite3' ,
# create an administrator account with a random password so that
2017-04-02 09:19:21 +00:00
# the user does not have to enter anything on first load of Nextcloud
2014-08-15 23:07:20 +00:00
'adminlogin' = > 'root' ,
'adminpass' = > '$adminpassword' ,
) ;
?>
EOF
2015-06-12 12:53:02 +00:00
# Set permissions
2014-08-16 12:38:03 +00:00
chown -R www-data.www-data $STORAGE_ROOT /owncloud /usr/local/lib/owncloud
2014-08-11 14:24:29 +00:00
2017-04-02 09:19:21 +00:00
# Execute Nextcloud's setup step, which creates the Nextcloud sqlite database.
2015-06-14 15:42:32 +00:00
# It also wipes it if it exists. And it updates config.php with database
# settings and deletes the autoconfig.php file.
2014-08-16 12:38:03 +00:00
( cd /usr/local/lib/owncloud; sudo -u www-data php /usr/local/lib/owncloud/index.php; )
fi
2014-08-15 23:07:20 +00:00
2015-08-30 21:14:00 +00:00
# Update config.php.
# * trusted_domains is reset to localhost by autoconfig starting with ownCloud 8.1.1,
# so set it here. It also can change if the box's PRIMARY_HOSTNAME changes, so
# this will make sure it has the right value.
# * Some settings weren't included in previous versions of Mail-in-a-Box.
2016-04-13 21:52:13 +00:00
# * We need to set the timezone to the system timezone to allow fail2ban to ban
# users within the proper timeframe
2016-06-27 03:19:12 +00:00
# * We need to set the logdateformat to something that will work correctly with fail2ban
2017-05-06 12:18:50 +00:00
# * mail_domain' needs to be set every time we run the setup. Making sure we are setting
# the correct domain name if the domain is being change from the previous setup.
2015-08-30 21:14:00 +00:00
# Use PHP to read the settings file, modify it, and write out the new settings array.
2016-04-13 21:52:13 +00:00
TIMEZONE = $( cat /etc/timezone)
2015-08-16 23:46:23 +00:00
CONFIG_TEMP = $( /bin/mktemp)
php <<EOF > $CONFIG_TE MP && mv $CONFIG_TEMP $STORAGE_ROOT /owncloud/config.php;
<?php
include( " $STORAGE_ROOT /owncloud/config.php " ) ;
2015-08-30 21:14:00 +00:00
\$ CONFIG[ 'trusted_domains' ] = array( '$PRIMARY_HOSTNAME' ) ;
2017-07-10 20:56:59 +00:00
\$ CONFIG[ 'memcache.local' ] = '\OC\Memcache\APCu' ;
2015-08-16 23:47:51 +00:00
\$ CONFIG[ 'overwrite.cli.url' ] = '/cloud' ;
2015-11-05 11:20:16 +00:00
\$ CONFIG[ 'mail_from_address' ] = 'administrator' ; # just the local part, matches our master administrator address
2015-08-30 21:14:00 +00:00
2016-04-13 21:52:13 +00:00
\$ CONFIG[ 'logtimezone' ] = '$TIMEZONE' ;
2016-06-26 12:17:12 +00:00
\$ CONFIG[ 'logdateformat' ] = 'Y-m-d H:i:s' ;
2016-04-13 21:52:13 +00:00
2017-05-08 11:23:59 +00:00
\$ CONFIG[ 'mail_domain' ] = '$PRIMARY_HOSTNAME' ;
2017-05-06 12:18:50 +00:00
2015-08-16 23:46:23 +00:00
echo "<?php\n\\\$CONFIG = " ;
var_export( \$ CONFIG) ;
echo ";" ;
?>
EOF
chown www-data.www-data $STORAGE_ROOT /owncloud/config.php
2017-04-02 09:19:21 +00:00
# Enable/disable apps. Note that this must be done after the Nextcloud setup.
2014-08-15 23:07:20 +00:00
# The firstrunwizard gave Josh all sorts of problems, so disabling that.
2017-04-02 09:19:21 +00:00
# user_external is what allows Nextcloud to use IMAP for login. The contacts
2015-02-12 19:53:17 +00:00
# and calendar apps are the extensions we really care about here.
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:disable firstrunwizard
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:enable user_external
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:enable contacts
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:enable calendar
2014-08-15 23:07:20 +00:00
2015-07-19 13:05:04 +00:00
# When upgrading, run the upgrade script again now that apps are enabled. It seems like
# the first upgrade at the top won't work because apps may be disabled during upgrade?
# Check for success (0=ok, 3=no upgrade needed).
sudo -u www-data php /usr/local/lib/owncloud/occ upgrade
if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ] ; then exit 1; fi
2015-07-17 11:29:28 +00:00
2014-08-12 12:00:28 +00:00
# Set PHP FPM values to support large file uploads
2014-08-15 22:29:05 +00:00
# (semicolon is the comment character in this file, hashes produce deprecation warnings)
2018-08-24 12:46:08 +00:00
tools/editconf.py /etc/php/7.2/fpm/php.ini -c ';' \
2014-08-12 12:00:28 +00:00
upload_max_filesize = 16G \
post_max_size = 16G \
output_buffering = 16384 \
2014-08-13 05:30:32 +00:00
memory_limit = 512M \
max_execution_time = 600 \
short_open_tag = On
2014-08-12 12:00:28 +00:00
2017-07-10 20:56:59 +00:00
# Set Nextcloud recommended opcache settings
2018-08-24 12:46:08 +00:00
tools/editconf.py /etc/php/7.2/cli/conf.d/10-opcache.ini -c ';' \
2017-07-10 20:56:59 +00:00
opcache.enable= 1 \
opcache.enable_cli= 1 \
opcache.interned_strings_buffer= 8 \
opcache.max_accelerated_files= 10000 \
opcache.memory_consumption= 128 \
opcache.save_comments= 1 \
opcache.revalidate_freq= 1
# Configure the path environment for php-fpm
2018-08-24 12:46:08 +00:00
tools/editconf.py /etc/php/7.2/fpm/pool.d/www.conf -c ';' \
2018-07-07 18:41:41 +00:00
env[ PATH] = /usr/local/bin:/usr/bin:/bin
2017-07-10 20:56:59 +00:00
2016-10-24 11:59:34 +00:00
# If apc is explicitly disabled we need to enable it
2018-08-24 12:46:08 +00:00
if grep -q apc.enabled= 0 /etc/php/7.2/mods-available/apcu.ini; then
tools/editconf.py /etc/php/7.2/mods-available/apcu.ini -c ';' \
2016-10-24 11:59:34 +00:00
apc.enabled= 1
fi
2017-04-02 09:19:21 +00:00
# Set up a cron job for Nextcloud.
2014-08-16 13:00:36 +00:00
cat > /etc/cron.hourly/mailinabox-owncloud << EOF;
#!/bin/bash
# Mail-in-a-Box
sudo -u www-data php -f /usr/local/lib/owncloud/cron.php
EOF
chmod +x /etc/cron.hourly/mailinabox-owncloud
2014-08-12 07:24:49 +00:00
2017-04-02 09:19:21 +00:00
# There's nothing much of interest that a user could do as an admin for Nextcloud,
# and there's a lot they could mess up, so we don't make any users admins of Nextcloud.
2014-09-21 20:05:11 +00:00
# But if we wanted to, we would do this:
# ```
# for user in $(tools/mail.py user admins); do
# sqlite3 $STORAGE_ROOT/owncloud/owncloud.db "INSERT OR IGNORE INTO oc_group_user VALUES ('admin', '$user')"
# done
# ```
2014-08-16 12:59:29 +00:00
2014-09-21 20:05:11 +00:00
# Enable PHP modules and restart PHP.
2018-08-24 12:46:08 +00:00
restart_service php7.2-fpm