From d9629caab7964ea2e3dd6b47b0ce2aff49b0fa61 Mon Sep 17 00:00:00 2001
From: Jan van de Wijdeven <jan@paranoidandroid>
Date: Sun, 11 Apr 2021 23:09:41 +0200
Subject: [PATCH] Fixes for 20.04 version

---
 setup/geoiptoolssetup.sh | 30 ++++++++++++++++++++++++------
 setup/nextcloud.sh       |  2 +-
 setup/start.sh           |  2 +-
 setup/system.sh          | 14 +++++++++-----
 setup/web.sh             |  2 +-
 5 files changed, 36 insertions(+), 14 deletions(-)

diff --git a/setup/geoiptoolssetup.sh b/setup/geoiptoolssetup.sh
index 6e01a880..5bc6514a 100644
--- a/setup/geoiptoolssetup.sh
+++ b/setup/geoiptoolssetup.sh
@@ -2,9 +2,6 @@ source setup/functions.sh
 
 echo Installing geoip packages...
 
-# Install some packages
-apt_install geoip-database-extra libgeoip1 libnginx-mod-http-geoip
-
 # geo ip filtering of ssh entries, based on https://www.axllent.org/docs/ssh-geoip/#disqus_thread
 
 # Install geo ip lookup tool
@@ -21,6 +18,7 @@ fi
 
 # Install geo ip filter script
 cp -f setup/geoipfilter.sh /usr/local/bin/
+chmod +x /usr/local/bin/geoipfilter.sh
 
 # Install only if not yet exists, to keep user config
 if [ ! -f /etc/geoiplookup.conf ]; then
@@ -60,7 +58,7 @@ hide_output wget -P /usr/share/GeoIP/ https://dl.miyuru.lk/geoip/maxmind/country
 if [ -f "/usr/share/GeoIP/maxmind.dat.gz" ]; then
     gunzip -c /usr/share/GeoIP/maxmind.dat.gz > /usr/share/GeoIP/GeoIP.dat
 else
-    echo Did not correctly download maxmind geoip database
+    echo Did not correctly download maxmind geoip country database
 fi
 
 # If new file is not created, move the old file back
@@ -72,5 +70,25 @@ if [ ! -f "/usr/share/GeoIP/GeoIP.dat" ]; then
     fi
 fi
 
-# Restart nginx
-restart_service nginx
+# Move old file away if it exists
+if [ -f "/usr/share/GeoIP/GeoIPCity.dat" ]; then
+    mv -f /usr/share/GeoIP/GeoIPCity.dat /usr/share/GeoIP/GeoIPCity.dat.bak
+fi
+
+hide_output wget -P /usr/share/GeoIP/ https://dl.miyuru.lk/geoip/maxmind/city/maxmind.dat.gz
+
+if [ -f "/usr/share/GeoIP/maxmind.dat.gz" ]; then
+    gunzip -c /usr/share/GeoIP/maxmind.dat.gz > /usr/share/GeoIP/GeoIPCity.dat
+else
+    echo Did not correctly download maxmind geoip city database
+fi
+
+# If new file is not created, move the old file back
+if [ ! -f "/usr/share/GeoIP/GeoIPCity.dat" ]; then
+    echo GeoIPCity.dat was not created
+    
+    if [ -f "/usr/share/GeoIP/GeoIPCity.dat.bak" ]; then
+        mv /usr/share/GeoIP/GeoIPCity.dat.bak /usr/share/GeoIP/GeoIPCity.dat
+    fi
+fi
+
diff --git a/setup/nextcloud.sh b/setup/nextcloud.sh
index 1617d33c..103cf7df 100755
--- a/setup/nextcloud.sh
+++ b/setup/nextcloud.sh
@@ -43,7 +43,7 @@ InstallNextcloud() {
 	rm -f /tmp/nextcloud.zip
 
 	# Empty the skeleton dir to save some space for each new user
-	rm -f /usr/local/lib/owncloud/core/skeleton/*
+	rm -rf /usr/local/lib/owncloud/core/skeleton/*
 
 	# The two apps we actually want are not in Nextcloud core. Download the releases from
 	# their github repositories.
diff --git a/setup/start.sh b/setup/start.sh
index 6f6cf309..a45be156 100755
--- a/setup/start.sh
+++ b/setup/start.sh
@@ -105,6 +105,7 @@ EOF
 
 # Start service configuration.
 source setup/system.sh
+source setup/geoiptoolssetup.sh
 source setup/ssl.sh
 source setup/dns.sh
 source setup/mail-postfix.sh
@@ -118,7 +119,6 @@ source setup/nextcloud.sh
 #source setup/zpush.sh
 source setup/management.sh
 source setup/munin.sh
-source setup/geoiptoolssetup.sh
 source setup/additionals.sh
 
 # Wait for the management daemon to start...
diff --git a/setup/system.sh b/setup/system.sh
index 137919e4..80b954b5 100755
--- a/setup/system.sh
+++ b/setup/system.sh
@@ -244,14 +244,13 @@ if [ -z "${DISABLE_FIREWALL:-}" ]; then
 	# too. #NODOC
 	SSH_PORT=$(sshd -T 2>/dev/null | grep "^port " | sed "s/port //") #NODOC
 	if [ ! -z "$SSH_PORT" ]; then
-	if [ "$SSH_PORT" != "22" ]; then
-
-	echo Opening alternate SSH port $SSH_PORT. #NODOC
-	ufw_limit $SSH_PORT #NODOC
+		if [ "$SSH_PORT" != "22" ]; then
+			echo Opening alternate SSH port $SSH_PORT. #NODOC
+			ufw_limit $SSH_PORT #NODOC
 		else
 			# Allow incoming connections to SSH.
 			ufw_limit ssh;
-	fi
+		fi
 	else
 		# Allow incoming connections to SSH.
 		ufw_limit ssh;
@@ -314,6 +313,11 @@ if ! grep -q "listen-on " /etc/bind/named.conf.options; then
 	# Add a listen-on directive if it doesn't exist inside the options block.
 	sed -i "s/^}/\n\tlisten-on { 127.0.0.1; };\n}/" /etc/bind/named.conf.options
 fi
+if ! grep -q "listen-on-v6 " /etc/bind/named.conf.options; then
+	# Add a listen-on-v6 directive if it doesn't exist inside the options block.
+	sed -i "s/^}/\n\tlisten-on-v6 { ::1; };\n}/" /etc/bind/named.conf.options
+fi
+
 if ! grep -q "max-recursion-queries " /etc/bind/named.conf.options; then
 	# Add a max-recursion-queries directive if it doesn't exist inside the options block.
 	sed -i "s/^}/\n\tmax-recursion-queries 100;\n}/" /etc/bind/named.conf.options
diff --git a/setup/web.sh b/setup/web.sh
index d3bda6f7..87958c26 100755
--- a/setup/web.sh
+++ b/setup/web.sh
@@ -19,7 +19,7 @@ fi
 
 echo "Installing Nginx (web server)..."
 
-apt_install nginx php-cli php-fpm idn2
+apt_install nginx php-cli php-fpm idn2 libnginx-mod-http-geoip
 
 rm -f /etc/nginx/sites-enabled/default