Ubuntu Server 16.04 - Deploy Nextcloud

## deploy.sh
# Server Config: Pentium D 945 2 cores, 1 Gb DDR2 RAM, WD 750 Gb SATA HDD
# Installs:
# Nextcloud (Apache + PHP 7, MariaDB)
# Collabora Online Development Edition (CODE) via Docker
# LetsEncrypt with Apache support

read -p 'Nextcloud domian: ' nextclouddomian
read -p 'Nextcloud domian escaped (i.e: nextcloud\\.domian\\.org): ' collaboradomianescaped
read -p 'Collabora domian: ' collaboradomian
read -p 'Server Admin Email: ' adminemail
read -p 'MySQL root password: ' sqlroot

sudo add-apt-repository -y ppa:dawidd0811/neofetch
sudo apt update
sudo apt install -y tree htop neofetch

sudo apt install -y linux-image-extra-$(uname -r) linux-image-extra-virtual aufs-tools
curl https://get.docker.com | bash
sudo apt install -y unzip
sudo apt install -y letsencrypt python-letsencrypt-apache
sudo apt install -y apache2 mariadb-server libapache2-mod-php7.0
sudo apt install -y php7.0-gd php7.0-json php7.0-mysql php7.0-curl php7.0-mbstring
sudo apt install -y php7.0-intl php7.0-mcrypt php-imagick php7.0-xml php7.0-zip
sudo apt upgrade -y

sudo a2enmod rewrite
sudo a2enmod headers
sudo a2enmod env
sudo a2enmod dir
sudo a2enmod mime
sudo a2enmod ssl
sudo a2ensite default-ssl
sudo a2enmod proxy
sudo a2enmod proxy_wstunnel
sudo a2enmod proxy_http

wget https://download.nextcloud.com/server/releases/nextcloud-12.0.2.zip -O ~/nextcloud.zip
unzip ~/nextcloud.zip -d ~/
sudo cp -r ~/nextcloud /var/www

# for nginx: https://icewind.nl/entry/collabora-online/
sudo su -c 'echo """<VirtualHost *:80>
  ServerName $nextclouddomian
  ServerAdmin $adminemail
  DocumentRoot /var/www/nextcloud/

  ErrorLog /error.log
  CustomLog /access.log combined

  <Directory /var/www/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All

    <IfModule mod_headers.c>
      Header always set Strict-Transport-Security \"max-age=15552000; includeSubDomains\"
    </IfModule>

    <IfModule mod_dav.c>
      Dav off
    </IfModule>

    SetEnv HOME /var/www/nextcloud
    SetEnv HTTP_HOME /var/www/nextcloud
  </Directory>

</VirtualHost>""" > /etc/apache2/sites-available/nextcloud.conf'
sudo a2ensite /etc/apache2/sites-available/nextcloud.conf

sudo su -c 'echo """opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1""" >> /etc/php/7.0/apache2/php.ini'

sudo su -c 'echo """<VirtualHost *:80>
  ServerName $collaboradomian
  AllowEncodedSlashes NoDecode

  SSLProxyEngine On
  SSLProxyVerify None
  SSLProxyCheckPeerCN Off
  SSLProxyCheckPeerName Off

  ProxyPreserveHost On
  ProxyPass           /loleaflet https://127.0.0.1:9980/loleaflet retry=0
  ProxyPassReverse    /loleaflet https://127.0.0.1:9980/loleaflet
  ProxyPass           /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
  ProxyPassReverse    /hosting/discovery https://127.0.0.1:9980/hosting/discovery
  ProxyPassMatch \"/lool/(.*)/ws$\" wss://127.0.0.1:9980/lool/$1/ws nocanon
  ProxyPass   /lool/adminws wss://127.0.0.1:9980/lool/adminws
  ProxyPass           /lool https://127.0.0.1:9980/lool
  ProxyPassReverse    /lool https://127.0.0.1:9980/lool
</VirtualHost>""" > /etc/apache2/sites-available/codeserver.conf'
sudo a2ensite /etc/apache2/sites-available/codeserver.conf

sudo chown -R www-data:www-data /var/www/nextcloud/
sudo letsencrypt --apache -d $nextclouddomian -m $adminemail --agree-tos --hsts
sudo letsencrypt --apache -d $collaboradomian -m $adminemail --agree-tos --hsts

sudo mkdir /etc/systemd/system/docker.service.d
sudo su -c 'echo """[Service]
ExecStart=
ExecStart=/usr/bin/dockerd --storage-driver=devicemapper -H fd://""" > /etc/systemd/system/docker.service.d/DeviceMapper.conf'

sudo systemctl stop mysql
sudo mysqld_safe --skip-grant-tables --skip-networking &
sudo mysql -uroot
# use mysql;
# update user set password=PASSWORD("$sqlroot") where User='root';
# flush privileges;
# quit

sudo systemctl start mysql
sudo mysql
# use mysql;
# update user set plugin='' where User='root';
# flush privileges;
# exit

sudo systemctl daemon-reload
sudo systemctl restart docker
sudo systemctl enable docker
sudo systemctl restart mysql
sudo systemctl restart apache2

sudo docker pull collabora/code
sudo docker run -t -d -p 127.0.0.1:9980:9980 -e \
"$collaboradomianescaped" --restart always --cap-add MKNOD collabora/code

sudo apt autoremove -y

# sudo scp -r user@domain:/path/to/nextcloud /var/www
# sudo -u www-data php occ files:scan
sudo chown -R www-data:www-data /var/www/nextcloud/

sudo nano /var/www/nextcloud/config/config.php
#  'htaccess.RewriteBase' => '/',
sudo -u www-data php occ maintenance:update:htaccess

crontab -e
# 15 5 * * 5 letsencrypt renew >> /var/log/le-renew.log
	# Server Config: Pentium D 945 2 cores, 1 Gb DDR2 RAM, WD 750 Gb SATA HDD
	# Installs:
	# Nextcloud (Apache + PHP 7, MariaDB)
	# Collabora Online Development Edition (CODE) via Docker
	# LetsEncrypt with Apache support

	read -p 'Nextcloud domian: ' nextclouddomian
	read -p 'Nextcloud domian escaped (i.e: nextcloud\\.domian\\.org): ' collaboradomianescaped
	read -p 'Collabora domian: ' collaboradomian
	read -p 'Server Admin Email: ' adminemail
	read -p 'MySQL root password: ' sqlroot

	sudo add-apt-repository -y ppa:dawidd0811/neofetch
	sudo apt update
	sudo apt install -y tree htop neofetch

	sudo apt install -y linux-image-extra-$(uname -r) linux-image-extra-virtual aufs-tools
	curl https://get.docker.com \| bash
	sudo apt install -y unzip
	sudo apt install -y letsencrypt python-letsencrypt-apache
	sudo apt install -y apache2 mariadb-server libapache2-mod-php7.0
	sudo apt install -y php7.0-gd php7.0-json php7.0-mysql php7.0-curl php7.0-mbstring
	sudo apt install -y php7.0-intl php7.0-mcrypt php-imagick php7.0-xml php7.0-zip
	sudo apt upgrade -y

	sudo a2enmod rewrite
	sudo a2enmod headers
	sudo a2enmod env
	sudo a2enmod dir
	sudo a2enmod mime
	sudo a2enmod ssl
	sudo a2ensite default-ssl
	sudo a2enmod proxy
	sudo a2enmod proxy_wstunnel
	sudo a2enmod proxy_http

	wget https://download.nextcloud.com/server/releases/nextcloud-12.0.2.zip -O ~/nextcloud.zip
	unzip ~/nextcloud.zip -d ~/
	sudo cp -r ~/nextcloud /var/www

	# for nginx: https://icewind.nl/entry/collabora-online/
	sudo su -c 'echo """<VirtualHost *:80>
	ServerName $nextclouddomian
	ServerAdmin $adminemail
	DocumentRoot /var/www/nextcloud/

	ErrorLog /error.log
	CustomLog /access.log combined

	<Directory /var/www/nextcloud/>
	Options +FollowSymlinks
	AllowOverride All

	<IfModule mod_headers.c>
	Header always set Strict-Transport-Security \"max-age=15552000; includeSubDomains\"
	</IfModule>

	<IfModule mod_dav.c>
	Dav off
	</IfModule>

	SetEnv HOME /var/www/nextcloud
	SetEnv HTTP_HOME /var/www/nextcloud
	</Directory>

	</VirtualHost>""" > /etc/apache2/sites-available/nextcloud.conf'
	sudo a2ensite /etc/apache2/sites-available/nextcloud.conf

	sudo su -c 'echo """opcache.enable=1
	opcache.enable_cli=1
	opcache.interned_strings_buffer=8
	opcache.max_accelerated_files=10000
	opcache.memory_consumption=128
	opcache.save_comments=1
	opcache.revalidate_freq=1""" >> /etc/php/7.0/apache2/php.ini'

	sudo su -c 'echo """<VirtualHost *:80>
	ServerName $collaboradomian
	AllowEncodedSlashes NoDecode

	SSLProxyEngine On
	SSLProxyVerify None
	SSLProxyCheckPeerCN Off
	SSLProxyCheckPeerName Off

	ProxyPreserveHost On
	ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
	ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet
	ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
	ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery
	ProxyPassMatch \"/lool/(.*)/ws$\" wss://127.0.0.1:9980/lool/$1/ws nocanon
	ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws
	ProxyPass /lool https://127.0.0.1:9980/lool
	ProxyPassReverse /lool https://127.0.0.1:9980/lool
	</VirtualHost>""" > /etc/apache2/sites-available/codeserver.conf'
	sudo a2ensite /etc/apache2/sites-available/codeserver.conf

	sudo chown -R www-data:www-data /var/www/nextcloud/
	sudo letsencrypt --apache -d $nextclouddomian -m $adminemail --agree-tos --hsts
	sudo letsencrypt --apache -d $collaboradomian -m $adminemail --agree-tos --hsts

	sudo mkdir /etc/systemd/system/docker.service.d
	sudo su -c 'echo """[Service]
	ExecStart=
	ExecStart=/usr/bin/dockerd --storage-driver=devicemapper -H fd://""" > /etc/systemd/system/docker.service.d/DeviceMapper.conf'

	sudo systemctl stop mysql
	sudo mysqld_safe --skip-grant-tables --skip-networking &
	sudo mysql -uroot
	# use mysql;
	# update user set password=PASSWORD("$sqlroot") where User='root';
	# flush privileges;
	# quit

	sudo systemctl start mysql
	sudo mysql
	# use mysql;
	# update user set plugin='' where User='root';
	# flush privileges;
	# exit

	sudo systemctl daemon-reload
	sudo systemctl restart docker
	sudo systemctl enable docker
	sudo systemctl restart mysql
	sudo systemctl restart apache2

	sudo docker pull collabora/code
	sudo docker run -t -d -p 127.0.0.1:9980:9980 -e \
	"$collaboradomianescaped" --restart always --cap-add MKNOD collabora/code

	sudo apt autoremove -y

	# sudo scp -r user@domain:/path/to/nextcloud /var/www
	# sudo -u www-data php occ files:scan
	sudo chown -R www-data:www-data /var/www/nextcloud/

	sudo nano /var/www/nextcloud/config/config.php
	# 'htaccess.RewriteBase' => '/',
	sudo -u www-data php occ maintenance:update:htaccess

	crontab -e
	# 15 5 * * 5 letsencrypt renew >> /var/log/le-renew.log