mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-11-24 02:37:05 +00:00
Rename ownCloud to Nextcloud in safe places
e.g. code comments and user-facing prompts/outputs which can be safely changed without risking to break anything
This commit is contained in:
parent
bb641cdfba
commit
48e0f39179
@ -28,7 +28,7 @@ It is a one-click email appliance. There are no user-configurable setup options.
|
|||||||
|
|
||||||
The components installed are:
|
The components installed are:
|
||||||
|
|
||||||
* SMTP ([postfix](http://www.postfix.org/)), IMAP ([dovecot](http://dovecot.org/)), CardDAV/CalDAV ([ownCloud](https://owncloud.org/)), Exchange ActiveSync ([z-push](https://github.com/fmbiete/Z-Push-contrib))
|
* SMTP ([postfix](http://www.postfix.org/)), IMAP ([dovecot](http://dovecot.org/)), CardDAV/CalDAV ([Nextcloud](https://nextcloud.com/)), Exchange ActiveSync ([z-push](https://github.com/fmbiete/Z-Push-contrib))
|
||||||
* Webmail ([Roundcube](http://roundcube.net/)), static website hosting ([nginx](http://nginx.org/))
|
* Webmail ([Roundcube](http://roundcube.net/)), static website hosting ([nginx](http://nginx.org/))
|
||||||
* Spam filtering ([spamassassin](https://spamassassin.apache.org/)), greylisting ([postgrey](http://postgrey.schweikert.ch/))
|
* Spam filtering ([spamassassin](https://spamassassin.apache.org/)), greylisting ([postgrey](http://postgrey.schweikert.ch/))
|
||||||
* DNS ([nsd4](https://www.nlnetlabs.nl/projects/nsd/)) with [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework), DKIM ([OpenDKIM](http://www.opendkim.org/)), [DMARC](https://en.wikipedia.org/wiki/DMARC), [DNSSEC](https://en.wikipedia.org/wiki/DNSSEC), [DANE TLSA](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities), and [SSHFP](https://tools.ietf.org/html/rfc4255) records automatically set
|
* DNS ([nsd4](https://www.nlnetlabs.nl/projects/nsd/)) with [SPF](https://en.wikipedia.org/wiki/Sender_Policy_Framework), DKIM ([OpenDKIM](http://www.opendkim.org/)), [DMARC](https://en.wikipedia.org/wiki/DMARC), [DNSSEC](https://en.wikipedia.org/wiki/DNSSEC), [DANE TLSA](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities), and [SSHFP](https://tools.ietf.org/html/rfc4255) records automatically set
|
||||||
|
@ -70,7 +70,7 @@
|
|||||||
# takes precedence over all non-regex matches and only regex matches that
|
# takes precedence over all non-regex matches and only regex matches that
|
||||||
# come after it (i.e. none of those, since this is the last one.) That means
|
# come after it (i.e. none of those, since this is the last one.) That means
|
||||||
# we're blocking dotfiles in the static hosted sites but not the FastCGI-
|
# we're blocking dotfiles in the static hosted sites but not the FastCGI-
|
||||||
# handled locations for ownCloud (which serves user-uploaded files that might
|
# handled locations for Nextcloud (which serves user-uploaded files that might
|
||||||
# have this pattern, see #414) or some of the other services.
|
# have this pattern, see #414) or some of the other services.
|
||||||
location ~ /\.(ht|svn|git|hg|bzr) {
|
location ~ /\.(ht|svn|git|hg|bzr) {
|
||||||
log_not_found off;
|
log_not_found off;
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
add_header Strict-Transport-Security max-age=31536000;
|
add_header Strict-Transport-Security max-age=31536000;
|
||||||
}
|
}
|
||||||
|
|
||||||
# ownCloud configuration.
|
# Nextcloud configuration.
|
||||||
rewrite ^/cloud$ /cloud/ redirect;
|
rewrite ^/cloud$ /cloud/ redirect;
|
||||||
rewrite ^/cloud/$ /cloud/index.php;
|
rewrite ^/cloud/$ /cloud/index.php;
|
||||||
rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
|
rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
|
||||||
@ -47,7 +47,7 @@
|
|||||||
fastcgi_buffers 64 4K;
|
fastcgi_buffers 64 4K;
|
||||||
}
|
}
|
||||||
location ^~ /owncloud-xaccel/ {
|
location ^~ /owncloud-xaccel/ {
|
||||||
# This directory is for MOD_X_ACCEL_REDIRECT_ENABLED. ownCloud sends the full file
|
# This directory is for MOD_X_ACCEL_REDIRECT_ENABLED. Nextcloud sends the full file
|
||||||
# path on disk as a subdirectory under this virtual path.
|
# path on disk as a subdirectory under this virtual path.
|
||||||
# We must only allow 'internal' redirects within nginx so that the filesystem
|
# We must only allow 'internal' redirects within nginx so that the filesystem
|
||||||
# is not exposed to the world.
|
# is not exposed to the world.
|
||||||
|
@ -17,7 +17,7 @@ define('CARDDAV_CONTACTS_FOLDER_NAME', '%u Addressbook');
|
|||||||
define('CARDDAV_SUPPORTS_SYNC', false);
|
define('CARDDAV_SUPPORTS_SYNC', false);
|
||||||
|
|
||||||
// If the CardDAV server supports the FN attribute for searches
|
// If the CardDAV server supports the FN attribute for searches
|
||||||
// DAViCal supports it, but SabreDav, Owncloud and SOGo don't
|
// DAViCal supports it, but SabreDav, Nextcloud and SOGo don't
|
||||||
// Setting this to true will search by FN. If false will search by sn, givenName and email
|
// Setting this to true will search by FN. If false will search by sn, givenName and email
|
||||||
// It's safe to leave it as false
|
// It's safe to leave it as false
|
||||||
define('CARDDAV_SUPPORTS_FN_SEARCH', false);
|
define('CARDDAV_SUPPORTS_FN_SEARCH', false);
|
||||||
|
@ -73,7 +73,7 @@ If DNSSEC is enabled at the box's domain name's registrar, the SSHFP record that
|
|||||||
|
|
||||||
`fail2ban` provides some protection from brute-force login attacks (repeated logins that guess account passwords) by blocking offending IP addresses at the network level.
|
`fail2ban` provides some protection from brute-force login attacks (repeated logins that guess account passwords) by blocking offending IP addresses at the network level.
|
||||||
|
|
||||||
The following services are protected: SSH, IMAP (dovecot), SMTP submission (postfix), webmail (roundcube), ownCloud/CalDAV/CardDAV (over HTTP), and the Mail-in-a-Box control panel & munin (over HTTP).
|
The following services are protected: SSH, IMAP (dovecot), SMTP submission (postfix), webmail (roundcube), Nextcloud/CalDAV/CardDAV (over HTTP), and the Mail-in-a-Box control panel & munin (over HTTP).
|
||||||
|
|
||||||
Some other services running on the box may be missing fail2ban filters.
|
Some other services running on the box may be missing fail2ban filters.
|
||||||
|
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Owncloud
|
# Nextcloud
|
||||||
##########################
|
##########################
|
||||||
|
|
||||||
source setup/functions.sh # load our functions
|
source setup/functions.sh # load our functions
|
||||||
source /etc/mailinabox.conf # load global vars
|
source /etc/mailinabox.conf # load global vars
|
||||||
|
|
||||||
# ### Installing ownCloud
|
# ### Installing Nextcloud
|
||||||
|
|
||||||
echo "Installing Nextcloud (contacts/calendar)..."
|
echo "Installing Nextcloud (contacts/calendar)..."
|
||||||
|
|
||||||
@ -38,7 +38,7 @@ InstallOwncloud() {
|
|||||||
echo "Upgrading to $flavor version $version"
|
echo "Upgrading to $flavor version $version"
|
||||||
echo
|
echo
|
||||||
|
|
||||||
# Remove the current owncloud
|
# Remove the current owncloud/Nextcloud
|
||||||
rm -rf /usr/local/lib/owncloud
|
rm -rf /usr/local/lib/owncloud
|
||||||
|
|
||||||
# Download and verify
|
# Download and verify
|
||||||
@ -48,14 +48,14 @@ InstallOwncloud() {
|
|||||||
wget_verify https://download.owncloud.org/community/owncloud-$version.zip $hash /tmp/owncloud.zip
|
wget_verify https://download.owncloud.org/community/owncloud-$version.zip $hash /tmp/owncloud.zip
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Extract ownCloud
|
# Extract ownCloud/Nextcloud
|
||||||
unzip -q /tmp/owncloud.zip -d /usr/local/lib
|
unzip -q /tmp/owncloud.zip -d /usr/local/lib
|
||||||
if [ "$flavor" = "Nextcloud" ]; then
|
if [ "$flavor" = "Nextcloud" ]; then
|
||||||
mv /usr/local/lib/nextcloud /usr/local/lib/owncloud
|
mv /usr/local/lib/nextcloud /usr/local/lib/owncloud
|
||||||
fi
|
fi
|
||||||
rm -f /tmp/owncloud.zip
|
rm -f /tmp/owncloud.zip
|
||||||
|
|
||||||
# The two apps we actually want are not in ownCloud core. Download the releases from
|
# The two apps we actually want are not in Nextcloud core. Download the releases from
|
||||||
# their github repositories.
|
# their github repositories.
|
||||||
mkdir -p /usr/local/lib/owncloud/apps
|
mkdir -p /usr/local/lib/owncloud/apps
|
||||||
|
|
||||||
@ -109,14 +109,14 @@ owncloud_ver=10.0.4
|
|||||||
owncloud_hash=346590278a5cc7b0a3c8d1a68eafec68ac59c475
|
owncloud_hash=346590278a5cc7b0a3c8d1a68eafec68ac59c475
|
||||||
owncloud_flavor=Nextcloud
|
owncloud_flavor=Nextcloud
|
||||||
|
|
||||||
# Check if ownCloud dir exist, and check if version matches owncloud_ver (if either doesn't - install/upgrade)
|
# Check if Nextcloud dir exist, and check if version matches owncloud_ver (if either doesn't - install/upgrade)
|
||||||
if [ ! -d /usr/local/lib/owncloud/ ] \
|
if [ ! -d /usr/local/lib/owncloud/ ] \
|
||||||
|| ! grep -q $owncloud_ver /usr/local/lib/owncloud/version.php; then
|
|| ! grep -q $owncloud_ver /usr/local/lib/owncloud/version.php; then
|
||||||
|
|
||||||
# Stop php-fpm
|
# Stop php-fpm
|
||||||
hide_output service php5-fpm stop
|
hide_output service php5-fpm stop
|
||||||
|
|
||||||
# Backup the existing ownCloud.
|
# Backup the existing ownCloud/Nextcloud.
|
||||||
# Create a backup directory to store the current installation and database to
|
# Create a backup directory to store the current installation and database to
|
||||||
BACKUP_DIRECTORY=$STORAGE_ROOT/owncloud-backup/`date +"%Y-%m-%d-%T"`
|
BACKUP_DIRECTORY=$STORAGE_ROOT/owncloud-backup/`date +"%Y-%m-%d-%T"`
|
||||||
mkdir -p "$BACKUP_DIRECTORY"
|
mkdir -p "$BACKUP_DIRECTORY"
|
||||||
@ -131,7 +131,7 @@ if [ ! -d /usr/local/lib/owncloud/ ] \
|
|||||||
cp /home/user-data/owncloud/config.php $BACKUP_DIRECTORY
|
cp /home/user-data/owncloud/config.php $BACKUP_DIRECTORY
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# We only need to check if we do upgrades when owncloud was previously installed
|
# We only need to check if we do upgrades when owncloud/Nextcloud was previously installed
|
||||||
if [ -e /usr/local/lib/owncloud/version.php ]; then
|
if [ -e /usr/local/lib/owncloud/version.php ]; then
|
||||||
if grep -q "8\.1\.[0-9]" /usr/local/lib/owncloud/version.php; then
|
if grep -q "8\.1\.[0-9]" /usr/local/lib/owncloud/version.php; then
|
||||||
echo "We are running 8.1.x, upgrading to 8.2.3 first"
|
echo "We are running 8.1.x, upgrading to 8.2.3 first"
|
||||||
@ -184,9 +184,9 @@ EOF
|
|||||||
InstallOwncloud $owncloud_ver $owncloud_hash Nextcloud
|
InstallOwncloud $owncloud_ver $owncloud_hash Nextcloud
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# ### Configuring ownCloud
|
# ### Configuring Nextcloud
|
||||||
|
|
||||||
# Setup ownCloud if the ownCloud database does not yet exist. Running setup when
|
# Setup Nextcloud if the Nextcloud database does not yet exist. Running setup when
|
||||||
# the database does exist wipes the database and user data.
|
# the database does exist wipes the database and user data.
|
||||||
if [ ! -f $STORAGE_ROOT/owncloud/owncloud.db ]; then
|
if [ ! -f $STORAGE_ROOT/owncloud/owncloud.db ]; then
|
||||||
# Create user data directory
|
# Create user data directory
|
||||||
@ -201,7 +201,7 @@ if [ ! -f $STORAGE_ROOT/owncloud/owncloud.db ]; then
|
|||||||
|
|
||||||
'instanceid' => '$instanceid',
|
'instanceid' => '$instanceid',
|
||||||
|
|
||||||
'forcessl' => true, # if unset/false, ownCloud sends a HSTS=0 header, which conflicts with nginx config
|
'forcessl' => true, # if unset/false, Nextcloud sends a HSTS=0 header, which conflicts with nginx config
|
||||||
|
|
||||||
'overwritewebroot' => '/cloud',
|
'overwritewebroot' => '/cloud',
|
||||||
'overwrite.cli.url' => '/cloud',
|
'overwrite.cli.url' => '/cloud',
|
||||||
@ -238,7 +238,7 @@ EOF
|
|||||||
'dbtype' => 'sqlite3',
|
'dbtype' => 'sqlite3',
|
||||||
|
|
||||||
# create an administrator account with a random password so that
|
# create an administrator account with a random password so that
|
||||||
# the user does not have to enter anything on first load of ownCloud
|
# the user does not have to enter anything on first load of Nextcloud
|
||||||
'adminlogin' => 'root',
|
'adminlogin' => 'root',
|
||||||
'adminpass' => '$adminpassword',
|
'adminpass' => '$adminpassword',
|
||||||
);
|
);
|
||||||
@ -248,7 +248,7 @@ EOF
|
|||||||
# Set permissions
|
# Set permissions
|
||||||
chown -R www-data.www-data $STORAGE_ROOT/owncloud /usr/local/lib/owncloud
|
chown -R www-data.www-data $STORAGE_ROOT/owncloud /usr/local/lib/owncloud
|
||||||
|
|
||||||
# Execute ownCloud's setup step, which creates the ownCloud sqlite database.
|
# Execute Nextcloud's setup step, which creates the Nextcloud sqlite database.
|
||||||
# It also wipes it if it exists. And it updates config.php with database
|
# It also wipes it if it exists. And it updates config.php with database
|
||||||
# settings and deletes the autoconfig.php file.
|
# settings and deletes the autoconfig.php file.
|
||||||
(cd /usr/local/lib/owncloud; sudo -u www-data php /usr/local/lib/owncloud/index.php;)
|
(cd /usr/local/lib/owncloud; sudo -u www-data php /usr/local/lib/owncloud/index.php;)
|
||||||
@ -285,9 +285,9 @@ echo ";";
|
|||||||
EOF
|
EOF
|
||||||
chown www-data.www-data $STORAGE_ROOT/owncloud/config.php
|
chown www-data.www-data $STORAGE_ROOT/owncloud/config.php
|
||||||
|
|
||||||
# Enable/disable apps. Note that this must be done after the ownCloud setup.
|
# Enable/disable apps. Note that this must be done after the Nextcloud setup.
|
||||||
# The firstrunwizard gave Josh all sorts of problems, so disabling that.
|
# The firstrunwizard gave Josh all sorts of problems, so disabling that.
|
||||||
# user_external is what allows ownCloud to use IMAP for login. The contacts
|
# user_external is what allows Nextcloud to use IMAP for login. The contacts
|
||||||
# and calendar apps are the extensions we really care about here.
|
# and calendar apps are the extensions we really care about here.
|
||||||
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:disable firstrunwizard
|
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:disable firstrunwizard
|
||||||
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:enable user_external
|
hide_output sudo -u www-data php /usr/local/lib/owncloud/console.php app:enable user_external
|
||||||
@ -316,7 +316,7 @@ if grep -q apc.enabled=0 /etc/php5/mods-available/apcu.ini; then
|
|||||||
apc.enabled=1
|
apc.enabled=1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Set up a cron job for owncloud.
|
# Set up a cron job for Nextcloud.
|
||||||
cat > /etc/cron.hourly/mailinabox-owncloud << EOF;
|
cat > /etc/cron.hourly/mailinabox-owncloud << EOF;
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Mail-in-a-Box
|
# Mail-in-a-Box
|
||||||
@ -324,8 +324,8 @@ sudo -u www-data php -f /usr/local/lib/owncloud/cron.php
|
|||||||
EOF
|
EOF
|
||||||
chmod +x /etc/cron.hourly/mailinabox-owncloud
|
chmod +x /etc/cron.hourly/mailinabox-owncloud
|
||||||
|
|
||||||
# There's nothing much of interest that a user could do as an admin for ownCloud,
|
# There's nothing much of interest that a user could do as an admin for Nextcloud,
|
||||||
# and there's a lot they could mess up, so we don't make any users admins of ownCloud.
|
# and there's a lot they could mess up, so we don't make any users admins of Nextcloud.
|
||||||
# But if we wanted to, we would do this:
|
# But if we wanted to, we would do this:
|
||||||
# ```
|
# ```
|
||||||
# for user in $(tools/mail.py user admins); do
|
# for user in $(tools/mail.py user admins); do
|
||||||
|
@ -28,9 +28,9 @@ fi
|
|||||||
echo "Restoring backup from $1"
|
echo "Restoring backup from $1"
|
||||||
service php5-fpm stop
|
service php5-fpm stop
|
||||||
|
|
||||||
# remove the current owncloud installation
|
# remove the current ownCloud/Nextcloud installation
|
||||||
rm -rf /usr/local/lib/owncloud/
|
rm -rf /usr/local/lib/owncloud/
|
||||||
# restore the current owncloud application
|
# restore the current ownCloud/Nextcloud application
|
||||||
cp -r "$1/owncloud-install" /usr/local/lib/owncloud
|
cp -r "$1/owncloud-install" /usr/local/lib/owncloud
|
||||||
|
|
||||||
# restore access rights
|
# restore access rights
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
#
|
#
|
||||||
# This script will give you administrative access to the ownCloud
|
# This script will give you administrative access to the Nextcloud
|
||||||
# instance running here.
|
# instance running here.
|
||||||
#
|
#
|
||||||
# Run this at your own risk. This is for testing & experimentation
|
# Run this at your own risk. This is for testing & experimentation
|
||||||
@ -14,7 +14,7 @@ test -z "$1" || ADMIN=$1
|
|||||||
echo I am going to unlock admin features for $ADMIN.
|
echo I am going to unlock admin features for $ADMIN.
|
||||||
echo You can provide another user to unlock as the first argument of this script.
|
echo You can provide another user to unlock as the first argument of this script.
|
||||||
echo
|
echo
|
||||||
echo WARNING: you could break mail-in-a-box when fiddling around with owncloud\'s admin interface
|
echo WARNING: you could break mail-in-a-box when fiddling around with Nextcloud\'s admin interface
|
||||||
echo If in doubt, press CTRL-C to cancel.
|
echo If in doubt, press CTRL-C to cancel.
|
||||||
echo
|
echo
|
||||||
echo Press enter to continue.
|
echo Press enter to continue.
|
||||||
|
Loading…
Reference in New Issue
Block a user