Created
July 1, 2020 16:10
-
-
Save daif/2e4a9960b4299d9e82e264369d47d093 to your computer and use it in GitHub Desktop.
Nextcloud 19 installer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved. | |
| # | |
| # This program is free software; you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by | |
| # the Free Software Foundation; version 2 of the License. | |
| # | |
| # This program is distributed in the hope that it will be useful, | |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| # GNU General Public License for more details. | |
| # | |
| # You should have received a copy of the GNU General Public License | |
| # along with this program; if not, write to the Free Software | |
| # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
| ################################################################## | |
| # | |
| # Project: Nextcloud 19 installer | |
| # Version: 1.0.0 | |
| # Date: 2020-06-30 | |
| # Author: Daif Alazmi <daif@daif.net> | |
| # | |
| ################################################################## | |
| # OS configurations | |
| TIMEZONE='Asia/Riyadh' | |
| USER_USR='nextcloud' | |
| USER_PWD='' | |
| MYSQL_PASS='' | |
| # NextCloud configurations | |
| SITE_URL='nextcloud.daif.net' | |
| DB_NAME='nextcloud' | |
| DB_USER='nextcloud' | |
| DB_PASS='password' | |
| ADMIN_NAME='admin' | |
| ADMIN_PASS='password' | |
| # Prepare variables | |
| SRVR_ADDR=`curl -s -4 ifconfig.co` | |
| SITE_ADDR=`dig +short $SITE_URL` | |
| SERVER_OS=`/usr/bin/lsb_release -ds| awk '{print $1}'` | |
| SERVER_VER=`/usr/bin/lsb_release -ds| awk '{print $2}' | cut -d. -f1,2` | |
| SITE_URL=`sed -E -e 's_.*://([^/@]*@)?([^/:]+).*_\2_' <<< "$SITE_URL"` | |
| CHECK_USR=`id -u $SITE_USR 2>/dev/null || echo -1` | |
| CHECK_HOST=`cat /etc/hosts | grep ${SITE_URL}` | |
| # Exit if the current user is not root. | |
| [[ $EUID -ne 0 ]] && echo -e "\033[0;31m \n>\n> Error: This script must be run as root! ... \n>\n\033[0m" && exit 1 | |
| # Exit if server ip is not equal site ip. | |
| [[ $SITE_ADDR != $SRVR_ADDR ]] && echo -e "\033[0;31m \n>\n> Error: The server IP ($SRVR_ADDR) is not equal the site ($SITE_URL) IP ($SITE_ADDR)! ... \n>\n\033[0m" && exit 1 | |
| # Exit if server is not Ubuntu 20.04 | |
| [[ $SERVER_OS != 'Ubuntu' || $SERVER_VER != '20.04' ]] && echo -e "\033[0;31m \n>\n> Error: This script required Ubuntu 20.04 ... \n>\n\033[0m" && exit 1 | |
| # Exit if USER_PWD is not set | |
| [[ $USER_PWD == '' ]] && echo -e "\033[0;31m \n>\n> Error: please set USER_PWD ... \n>\n\033[0m" && exit 1 | |
| # Exit if mysql password is not set | |
| [[ $MYSQL_PASS == '' ]] && echo -e "\033[0;31m \n>\n> Error: please set MYSQL_PASS ... \n>\n\033[0m" && exit 1 | |
| # Exit if DB_NAME is not set | |
| [[ $DB_NAME == '' ]] && echo -e "\033[0;31m \n>\n> Error: please set DB_NAME ... \n>\n\033[0m" && exit 1 | |
| # Exit if DB_USER is not set | |
| [[ $DB_USER == '' ]] && echo -e "\033[0;31m \n>\n> Error: please set DB_USER ... \n>\n\033[0m" && exit 1 | |
| # Exit if DB_PASS is not set | |
| [[ $DB_PASS == '' || $DB_PASS = 'password' ]] && echo -e "\033[0;31m \n>\n> Error: please set DB_PASS ... \n>\n\033[0m" && exit 1 | |
| # Exit if ADMIN_NAME is not set | |
| [[ $ADMIN_NAME == '' ]] && echo -e "\033[0;31m \n>\n> Error: please set ADMIN_NAME ... \n>\n\033[0m" && exit 1 | |
| # Exit if ADMIN_PASS is not set | |
| [[ $ADMIN_PASS == '' || $ADMIN_PASS = 'password' ]] && echo -e "\033[0;31m \n>\n> Error: please set ADMIN_PASS ... \n>\n\033[0m" && exit 1 | |
| ################################################################## | |
| # 1 - Updating system | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Updating system packages... \n>\n\033[0m" | |
| apt -y update | |
| apt -y upgrade | |
| apt -y install unzip | |
| apt -y install redis-server | |
| ################################################################## | |
| # 2 - Set timezone | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Setting timezone to ${TIMEZONE}... \n>\n\033[0m" | |
| timedatectl set-timezone ${TIMEZONE} | |
| timedatectl | |
| ################################################################## | |
| # 3 - Creating user | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Creating ${USER_USR} user... \n>\n\033[0m" | |
| useradd -m -s /bin/bash ${USER_USR} | |
| echo ${USER_USR}:${USER_PWD} | chpasswd | |
| echo -e "Done \n" | |
| ################################################################## | |
| # 4 - Installing Apache2 | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Installing Apache2... \n>\n\033[0m" | |
| apt -y install apache2 apache2-utils | |
| ################################################################## | |
| # 5 - Configure Apache2 | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Configure Apache2... \n>\n\033[0m" | |
| a2enmod actions alias rewrite proxy_fcgi fcgid setenvif headers env dir mime | |
| a2dismod -f status autoindex | |
| systemctl restart apache2 | |
| ################################################################## | |
| # 6 - Installing MariaDB | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Installing MariaDB... \n>\n\033[0m" | |
| apt -y install mariadb-server mariadb-client libmysqlclient-dev | |
| ################################################################## | |
| # 7 - Creating database | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Creating database... \n>\n\033[0m" | |
| # create database and user | |
| mysql -e "CREATE DATABASE ${DB_NAME};" | |
| mysql -e "CREATE USER ${DB_USER}@localhost IDENTIFIED BY '${DB_PASS}';" | |
| mysql -e "GRANT ALL ON ${DB_NAME}.* TO '${DB_USER}'@'localhost' with grant option;" | |
| mysql -e "FLUSH PRIVILEGES;" | |
| ################################################################## | |
| # 8 - Securing database | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Securing database... \n>\n\033[0m" | |
| mysql -e "DELETE FROM mysql.user WHERE User='';" | |
| mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" | |
| mysql -e "DROP DATABASE IF EXISTS test;" | |
| mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';" | |
| mysql -e "UPDATE mysql.user SET plugin = 'mysql_native_password' WHERE user = 'root';" | |
| mysql -e "UPDATE mysql.user SET Password=PASSWORD('${MYSQL_PASS}') WHERE User='root';" | |
| mysql -e "FLUSH PRIVILEGES;" | |
| echo -e "Database password = ${MYSQL_PASS} \n" | |
| ################################################################## | |
| # 9 - Installing PHP7.4 | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Installing PHP... \n>\n\033[0m" | |
| apt -y install php7.4-common php7.4-cli php7.4-fpm | |
| ################################################################## | |
| # 10 - Installing PHP7.4 modules | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Installing PHP modules... \n>\n\033[0m" | |
| apt -y install php7.4-mysql php7.4-xml php7.4-xmlrpc php7.4-curl php7.4-gd php7.4-gmp php7.4-dev php7.4-imap | |
| apt -y install php7.4-mbstring php7.4-soap php7.4-zip php7.4-bcmath php7.4-ldap php7.4-json php7.4-intl | |
| apt -y install php-apcu php-imagick php-memcached php-redis | |
| ################################################################## | |
| # 11 - Configure PHP | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Configuring PHP... \n>\n\033[0m" | |
| # enable PHP as fast CGI | |
| a2enconf php7.4-fpm | |
| # create new pool for the user | |
| cat <<EOT > /etc/php/7.4/fpm/pool.d/${USER_USR}.conf | |
| [${USER_USR}] | |
| user = ${USER_USR} | |
| group = ${USER_USR} | |
| listen = /run/php/php7.4-fpm-${USER_USR}.sock | |
| listen.owner = www-data | |
| listen.group = www-data | |
| pm = dynamic | |
| pm.max_children = 120 | |
| pm.start_servers = 12 | |
| pm.min_spare_servers = 6 | |
| pm.max_spare_servers = 18 | |
| php_admin_value[memory_limit] = 2048M | |
| php_admin_value[upload_max_filesize] = 64M | |
| php_admin_value[max_file_uploads] = 64 | |
| php_admin_value[post_max_size] = 64M | |
| php_admin_value[date.timezone] = ${TIMEZONE} | |
| php_admin_value[error_log] = /home/${USER_USR}/${SITE_URL}/logs/php7.4-fpm.log | |
| php_admin_flag[log_errors] = on | |
| pm.status_path = /status | |
| ping.path = /ping | |
| ping.response = pong | |
| request_slowlog_timeout = 10s | |
| slowlog = /home/${USER_USR}/${SITE_URL}/logs/php7.4-fpm.log.slow | |
| EOT | |
| # make logs dir | |
| mkdir -p /home/${USER_USR}/${SITE_URL}/public/ | |
| mkdir -p /home/${USER_USR}/${SITE_URL}/logs/ | |
| mkdir -p /home/${USER_USR}/${SITE_URL}/data/ | |
| chown -R ${USER_USR}:${USER_USR} /home/${USER_USR}/${SITE_URL} | |
| # restart PHP service | |
| systemctl restart php7.4-fpm | |
| ################################################################## | |
| # 12 - Configure VirtualHost | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Configuring VirtualHost site... \n>\n\033[0m" | |
| # create new site | |
| cat <<EOT > /etc/apache2/sites-available/${SITE_URL}.conf | |
| <VirtualHost ${SITE_URL}:80> | |
| ServerName ${SITE_URL} | |
| DocumentRoot /home/${USER_USR}/${SITE_URL}/public/ | |
| <IfModule mod_headers.c> | |
| Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" | |
| </IfModule> | |
| <Directory /home/${USER_USR}/${SITE_URL}/public> | |
| Options -Indexes +FollowSymLinks +MultiViews | |
| AllowOverride All | |
| Require all granted | |
| </Directory> | |
| <FilesMatch ".php$"> | |
| SetHandler "proxy:unix:/run/php/php7.4-fpm-${USER_USR}.sock|fcgi://localhost/" | |
| </FilesMatch> | |
| ErrorLog /home/${USER_USR}/${SITE_URL}/logs/error.log | |
| CustomLog /home/${USER_USR}/${SITE_URL}/logs/access.log combined | |
| # Enable 'status' and 'ping' page | |
| <LocationMatch "/(ping|status)"> | |
| SetHandler "proxy:unix:/run/php/php7.4-fpm-${USER_USR}.sock|fcgi://localhost" | |
| </LocationMatch> | |
| <IfModule alias_module> | |
| Alias /realtime-status "/usr/share/php/7.4/fpm/status.html" | |
| </IfModule> | |
| </VirtualHost> | |
| EOT | |
| # check if domain in hosts file | |
| if [ $CHECK_HOST == '' ]; then | |
| echo -e "127.0.0.1 ${SITE_URL}" >> /etc/hosts | |
| fi | |
| # enable the site | |
| a2ensite ${SITE_URL}.conf | |
| # restart Apache to apply changes | |
| systemctl restart apache2 | |
| ################################################################## | |
| # 13 - Installing Nextcloud | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Installing Nextcloud... \n>\n\033[0m" | |
| wget https://download.nextcloud.com/server/releases/nextcloud-19.0.0.zip | |
| unzip nextcloud-19.0.0.zip -d /home/${USER_USR}/${SITE_URL}/ | |
| mv /home/${USER_USR}/${SITE_URL}/nextcloud/* /home/${USER_USR}/${SITE_URL}/public/ | |
| mv /home/${USER_USR}/${SITE_URL}/nextcloud/.htaccess /home/${USER_USR}/${SITE_URL}/public/ | |
| mv /home/${USER_USR}/${SITE_URL}/nextcloud/.user.ini /home/${USER_USR}/${SITE_URL}/public/ | |
| chown -R ${USER_USR}:${USER_USR} /home/${USER_USR}/${SITE_URL} | |
| rm -rf mv /home/${USER_USR}/${SITE_URL}/nextcloud/ | |
| # do installation | |
| sudo -u ${USER_USR} php /home/${USER_USR}/${SITE_URL}/public/occ maintenance:install \ | |
| --data-dir="/home/${USER_USR}/${SITE_URL}/data" \ | |
| --database=mysql \ | |
| --database-name="$DB_NAME" \ | |
| --database-user="$DB_USER" \ | |
| --database-pass="$DB_PASS" \ | |
| --admin-user="$ADMIN_NAME" \ | |
| --admin-pass="$ADMIN_PASS" | |
| # add SITE_URL to trusted_domains | |
| sudo -u ${USER_USR} php /home/${USER_USR}/${SITE_URL}/public/occ config:system:set trusted_domains 1 --value=${SITE_URL} | |
| # activate memory caching | |
| sudo -u ${USER_USR} php /home/${USER_USR}/${SITE_URL}/public/occ config:system:set memcache.local --value="\OC\Memcache\APCu" | |
| sudo -u ${USER_USR} php /home/${USER_USR}/${SITE_URL}/public/occ config:system:set memcache.locking --value="\OC\Memcache\Redis" | |
| sudo -u ${USER_USR} php /home/${USER_USR}/${SITE_URL}/public/occ config:system:set memcache.distributed --value="\OC\Memcache\Redis" | |
| sudo -u ${USER_USR} php /home/${USER_USR}/${SITE_URL}/public/occ config:system:set redis host --value="127.0.0.1" | |
| sudo -u ${USER_USR} php /home/${USER_USR}/${SITE_URL}/public/occ config:system:set redis port --value="6379" | |
| # add cron_line to USER_USR crontab | |
| cron_line="*/5 * * * * php -f /home/${USER_USR}/${SITE_URL}/public/cron.php" | |
| (crontab -u ${USER_USR} -l; echo "$cron_line" ) | crontab -u ${USER_USR} - | |
| ################################################################## | |
| # 14 - Installing Certbot | |
| ################################################################## | |
| echo -e "\033[0;33m \n>\n> Installing Certbot... \n>\n\033[0m" | |
| apt -y install certbot python3-certbot-apache | |
| certbot --apache --agree-tos --redirect --no-eff-email --email admin@${SITE_URL} -d ${SITE_URL} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment