Initial Commit

Initial Commit

conf/nginx-nextcloud.conf

@@ -0,0 +1,49 @@
+	# Nextcloud configuration.
+	rewrite ^/cloud$ /cloud/ redirect;
+	rewrite ^/cloud/$ /cloud/index.php;
+	rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
+	rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
+	rewrite ^(/cloud/oc[sm]-provider)/$ $1/index.php redirect;
+	location /cloud/ {
+		alias /usr/local/lib/owncloud/;
+		location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ {
+			deny all;
+		}
+		location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) {
+			deny all;
+		}
+		# Enable paths for service and cloud federation discovery
+		# Resolves warning in Nextcloud Settings panel
+		location ~ ^/cloud/(oc[sm]-provider)?/([^/]+\.php)$ {
+			index index.php;
+			include fastcgi_params;
+			fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$1/$2;
+			fastcgi_pass php-fpm;
+		}
+	}
+	location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ {
+		# note: ~ has precendence over a regular location block
+		# Accept URLs like:
+		# /cloud/index.php/apps/files/
+		# /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d)
+		# /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240)
+		# /cloud/remote.php/webdav/yourfilehere...
+		include fastcgi_params;
+		fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;
+		fastcgi_param SCRIPT_NAME $1$2;
+		fastcgi_param PATH_INFO $3;
+		fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
+		fastcgi_param MOD_X_ACCEL_REDIRECT_PREFIX /owncloud-xaccel;
+		fastcgi_read_timeout 630;
+		fastcgi_pass php-fpm;
+		client_max_body_size 1G;
+		fastcgi_buffers 64 4K;
+	}
+	location ^~ /owncloud-xaccel/ {
+		# This directory is for MOD_X_ACCEL_REDIRECT_ENABLED. Nextcloud sends the full file
+		# path on disk as a subdirectory under this virtual path.
+		# We must only allow 'internal' redirects within nginx so that the filesystem
+		# is not exposed to the world.
+		internal;
+		alias /;
+	}

conf/nginx-primaryonly.conf

@@ -14,55 +14,7 @@
 		add_header Content-Security-Policy "frame-ancestors 'none';";
 	}
 
-	# Nextcloud configuration.
-	rewrite ^/cloud$ /cloud/ redirect;
-	rewrite ^/cloud/$ /cloud/index.php;
-	rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
-	rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
-	rewrite ^(/cloud/oc[sm]-provider)/$ $1/index.php redirect;
-	location /cloud/ {
-		alias /usr/local/lib/owncloud/;
-		location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ {
-			deny all;
-		}
-		location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) {
-			deny all;
-		}
-		# Enable paths for service and cloud federation discovery
-		# Resolves warning in Nextcloud Settings panel
-		location ~ ^/cloud/(oc[sm]-provider)?/([^/]+\.php)$ {
-			index index.php;
-			include fastcgi_params;
-			fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$1/$2;
-			fastcgi_pass php-fpm;
-		}
-	}
-	location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ {
-		# note: ~ has precendence over a regular location block
-		# Accept URLs like:
-		# /cloud/index.php/apps/files/
-		# /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d)
-		# /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240)
-		# /cloud/remote.php/webdav/yourfilehere...
-		include fastcgi_params;
-		fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;
-		fastcgi_param SCRIPT_NAME $1$2;
-		fastcgi_param PATH_INFO $3;
-		fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
-		fastcgi_param MOD_X_ACCEL_REDIRECT_PREFIX /owncloud-xaccel;
-		fastcgi_read_timeout 630;
-		fastcgi_pass php-fpm;
-		client_max_body_size 1G;
-		fastcgi_buffers 64 4K;
-	}
-	location ^~ /owncloud-xaccel/ {
-		# This directory is for MOD_X_ACCEL_REDIRECT_ENABLED. Nextcloud sends the full file
-		# path on disk as a subdirectory under this virtual path.
-		# We must only allow 'internal' redirects within nginx so that the filesystem
-		# is not exposed to the world.
-		internal;
-		alias /;
-	}
+
 	location ~ ^/((caldav|carddav|webdav).*)$ {
 		# Z-Push doesn't like getting a redirect, and a plain rewrite didn't work either.
 		# Properly proxying like this seems to work fine.

management/web_update.py

@@ -83,9 +83,14 @@ def do_web_update(env):
 	template1 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-alldomains.conf")).read()
 	template2 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-primaryonly.conf")).read()
 	template3 = "\trewrite ^(.*) https://$REDIRECT_DOMAIN$1 permanent;\n"
+	template4 = open(os.path.join(os.path.dirname(__file__), "../conf/nginx-nextcloud.conf")).read()
 
 	# Add the PRIMARY_HOST configuration first so it becomes nginx's default server.
-	nginx_conf += make_domain_config(env['PRIMARY_HOSTNAME'], [template0, template1, template2], ssl_certificates, env)
+	# If DAV_HOSTNAME and PRIMARY_HOSTNAME differ, exclude the Nextcloud configuration from the nginx configuration
+	if env['PRIMARY_HOSTNAME' == env'DAV_HOSTNAME']:
+		nginx_conf += make_domain_config(env['PRIMARY_HOSTNAME'], [template0, template1, template2, template4], ssl_certificates, env)
+	else
+		nginx_conf += make_domain_config(env['PRIMARY_HOSTNAME'], [template0, template1, template2], ssl_certificates, env)
 
 	# Add configuration all other web domains.
 	has_root_proxy_or_redirect = get_web_domains_with_root_overrides(env)

setup/questions.sh

@@ -83,6 +83,15 @@ address, so we're suggesting $DEFAULT_PRIMARY_HOSTNAME.
 	fi
 fi
 
+
+# Are we running an external CalDAV and CardDAV server?  This will default the variable NC_HOSTNAME to
+# PRIMARY_HOSTNAME unless it is changed. If change, Nextcloud installation is omitted from this setup script
+    input_box "External Cal/CardDAV server" \
+"Are you using an external server for CalDAV and CardDAV (Nextcloud), if so, enter the FQDN of the server. \
+IMPORTANT: Changing this from the default will omit the installation of Nextcloud on this system."
+    $PRIMARY_HOSTNAME \
+    DAV_HOSTNAME
+
 # If the machine is behind a NAT, inside a VM, etc., it may not know
 # its IP address on the public network / the Internet. Ask the Internet
 # and possibly confirm with user.

setup/start.sh

@@ -90,6 +90,7 @@ cat > /etc/mailinabox.conf << EOF;
 STORAGE_USER=$STORAGE_USER
 STORAGE_ROOT=$STORAGE_ROOT
 PRIMARY_HOSTNAME=$PRIMARY_HOSTNAME
+DAV_HOSTNAME=$DAV_HOSTNAME
 PUBLIC_IP=$PUBLIC_IP
 PUBLIC_IPV6=$PUBLIC_IPV6
 PRIVATE_IP=$PRIVATE_IP
@@ -108,7 +109,10 @@ source setup/dkim.sh
 source setup/spamassassin.sh
 source setup/web.sh
 source setup/webmail.sh
-source setup/nextcloud.sh
+# If DAV server hostname is differs from this machine, omit Nextcloud installation
+if [ $DAV_HOSTNAME == $PRIMARY_HOSTNAME]; then
+    source setup/nextcloud.sh
+fi
 source setup/zpush.sh
 source setup/management.sh
 source setup/munin.sh

setup/zpush.sh

@@ -72,6 +72,12 @@ cp conf/zpush/backend_carddav.php /usr/local/lib/z-push/backend/carddav/config.p
 rm -f /usr/local/lib/z-push/backend/caldav/config.php
 cp conf/zpush/backend_caldav.php /usr/local/lib/z-push/backend/caldav/config.php
 
+# If user entered an external DAV server, update the Z-Push DAV service configurations with the server name
+if [ $DAV_HOSTNAME != $PRIMARY_HOSTNAME ]; then
+    sed -i "s/127.0.0.1/$DAV_HOSTNAME/" /usr/local/lib/z-push/backend/carddav/config.php
+    sed -i "s/127.0.0.1/$DAV_HOSTNAME/" /usr/local/lib/z-push/backend/caldav/config.php
+fi
+
 # Configure Autodiscover
 rm -f /usr/local/lib/z-push/autodiscover/config.php
 cp conf/zpush/autodiscover_config.php /usr/local/lib/z-push/autodiscover/config.php