free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove owncloud from the main install

This commit is contained in:
Bob Mottram 2016-04-10 10:44:35 +01:00
parent 61731ecf7a
commit 60220b6604
1 changed files with 1 additions and 493 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

494
src/freedombone
View File

@ -231,14 +231,7 @@ GO_PACKAGE_MANAGER_REPO="https://github.com/gpmgo/gopm"
GVM_REPO="https://github.com/moovweb/gvm"
GVM_COMMIT='25ea8ae158e2861c92e2b22c458e60840157832f'
# Domain name for Owncloud installation
OWNCLOUD_DOMAIN_NAME=
OWNCLOUD_CODE=
OWNCLOUD_ONION_PORT=8088
OWNCLOUD_ADMIN_PASSWORD=
OWNCLOUD_PATH=/var/www/owncloud
OWNCLOUD_UPGRADE_PATH=/root/owncloud_upgrade
# Syncthing
SYNCTHING_ID=
SYNCTHING_CONFIG_PATH=/root/.config/syncthing
SYNCTHING_CONFIG_FILE=$SYNCTHING_CONFIG_PATH/config.xml
@ -559,7 +552,6 @@ function show_help {
echo $' --microblogdomain Microblog domain name'
echo $' --wikidomain Wiki domain name'
echo $' --blogdomain Blog domain name'
echo $' --ownclouddomain Owncloud domain name'
echo $' --hubzilladomain Hubzilla domain name'
echo $' --gitdomain Git hosting domain name'
echo $' -t --time Domain used as a TLS time source'
@ -833,11 +825,6 @@ else
shift
FULLBLOG_DOMAIN_NAME="$1"
;;
# owncloud domain name
--ownclouddomain)
shift
OWNCLOUD_DOMAIN_NAME="$1"
;;
# hubzilla domain name
--hubzilladomain)
shift
@ -1445,12 +1432,6 @@ function read_configuration {
if grep -q "HUBZILLA_CODE" $CONFIGURATION_FILE; then
HUBZILLA_CODE=$(grep "HUBZILLA_CODE" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
fi
if grep -q "OWNCLOUD_DOMAIN_NAME" $CONFIGURATION_FILE; then
OWNCLOUD_DOMAIN_NAME=$(grep "OWNCLOUD_DOMAIN_NAME" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
fi
if grep -q "OWNCLOUD_CODE" $CONFIGURATION_FILE; then
OWNCLOUD_CODE=$(grep "OWNCLOUD_CODE" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
fi
if grep -q "WIKI_DOMAIN_NAME" $CONFIGURATION_FILE; then
WIKI_DOMAIN_NAME=$(grep "WIKI_DOMAIN_NAME" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
fi
@ -1504,9 +1485,6 @@ function set_default_onion_domains {
return
fi
if [ ${#OWNCLOUD_DOMAIN_NAME} -gt 1 ]; then
OWNCLOUD_DOMAIN_NAME='owncloud.local'
fi
if [ ${#MICROBLOG_DOMAIN_NAME} -gt 1 ]; then
MICROBLOG_DOMAIN_NAME='microblog.local'
fi
@ -1739,17 +1717,6 @@ function create_avahi_onion_domains {
if [ ! -d /etc/avahi/services ]; then
return
fi
if [ $OWNCLOUD_DOMAIN_NAME ]; then
echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->' > /etc/avahi/services/owncloud.service
echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' >> /etc/avahi/services/owncloud.service
echo '<service-group>' >> /etc/avahi/services/owncloud.service
echo ' <name replace-wildcards="yes">%h HTTP</name>' >> /etc/avahi/services/owncloud.service
echo ' <service>' >> /etc/avahi/services/owncloud.service
echo ' <type>_http._tcp</type>' >> /etc/avahi/services/owncloud.service
echo " <port>$OWNCLOUD_ONION_PORT</port>" >> /etc/avahi/services/owncloud.service
echo ' </service>' >> /etc/avahi/services/owncloud.service
echo '</service-group>' >> /etc/avahi/services/owncloud.service
fi
if [ $MICROBLOG_DOMAIN_NAME ]; then
echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->' > /etc/avahi/services/microblog.service
echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' >> /etc/avahi/services/microblog.service
@ -1813,10 +1780,6 @@ function check_domains {
if [ ${#WIKI_DOMAIN_NAME} -gt 1 ]; then
test_domain_name "$WIKI_DOMAIN_NAME"
if [[ "$test_domain_name" == "$OWNCLOUD_DOMAIN_NAME" ]]; then
echo $'Wiki domain name is the same as Owncloud domain name. They must be different'
exit 73863
fi
if [[ "$test_domain_name" == "$FULLBLOG_DOMAIN_NAME" ]]; then
echo $'Wiki domain name is the same as blog domain name. They must be different'
exit 97326
@ -1837,33 +1800,6 @@ function check_domains {
fi
fi
if [ ${#OWNCLOUD_DOMAIN_NAME} -gt 1 ]; then
test_domain_name "$OWNCLOUD_DOMAIN_NAME"
if [[ "$test_domain_name" == "$WIKI_DOMAIN_NAME" ]]; then
echo $'Owncloud domain name is the same as wiki domain name. They must be different'
exit 37994
fi
if [[ "$test_domain_name" == "$FULLBLOG_DOMAIN_NAME" ]]; then
echo $'Owncloud domain name is the same as blog domain name. They must be different'
exit 37936
fi
if [[ "$test_domain_name" == "$MICROBLOG_DOMAIN_NAME" ]]; then
echo $'Owncloud domain name is the same as microblog domain name. They must be different'
exit 36896
fi
if [[ "$test_domain_name" == "$HUBZILLA_DOMAIN_NAME" ]]; then
echo $'Owncloud domain name is the same as hubzilla domain name. They must be different'
exit 68365
fi
if [ $GIT_DOMAIN_NAME ]; then
if [[ "$test_domain_name" == "$GIT_DOMAIN_NAME" ]]; then
echo $'Owncloud domain name is the same as Gogs domain name. They must be different'
exit 27692
fi
fi
fi
if [ ${#FULLBLOG_DOMAIN_NAME} -gt 1 ]; then
test_domain_name "$FULLBLOG_DOMAIN_NAME"
@ -1871,10 +1807,6 @@ function check_domains {
echo $'Blog domain name is the same as wiki domain name. They must be different'
exit 62348
fi
if [[ "$test_domain_name" == "$OWNCLOUD_DOMAIN_NAME" ]]; then
echo $'Blog domain name is the same as Owncloud domain name. They must be different'
exit 84682
fi
if [[ "$test_domain_name" == "$MICROBLOG_DOMAIN_NAME" ]]; then
echo $'Blog domain name is the same as microblog domain name. They must be different'
exit 38236
@ -1898,10 +1830,6 @@ function check_domains {
echo $'Microblog domain name is the same as wiki domain name. They must be different'
exit 73924
fi
if [[ "$test_domain_name" == "$OWNCLOUD_DOMAIN_NAME" ]]; then
echo $'Microblog domain name is the same as Owncloud domain name. They must be different'
exit 73683
fi
if [[ "$test_domain_name" == "$FULLBLOG_DOMAIN_NAME" ]]; then
echo $'Microblog domain name is the same as blog domain name. They must be different'
exit 26832
@ -1925,10 +1853,6 @@ function check_domains {
echo $'Hubzilla domain name is the same as wiki domain name. They must be different'
exit 83682
fi
if [[ "$test_domain_name" == "$OWNCLOUD_DOMAIN_NAME" ]]; then
echo $'Hubzilla domain name is the same as Owncloud domain name. They must be different'
exit 65192
fi
if [[ "$test_domain_name" == "$FULLBLOG_DOMAIN_NAME" ]]; then
echo $'Hubzilla domain name is the same as blog domain name. They must be different'
exit 74817
@ -1952,10 +1876,6 @@ function check_domains {
echo $'Hubzilla domain name is the same as wiki domain name. They must be different'
exit 83682
fi
if [[ "$test_domain_name" == "$OWNCLOUD_DOMAIN_NAME" ]]; then
echo $'Hubzilla domain name is the same as Owncloud domain name. They must be different'
exit 65192
fi
if [[ "$test_domain_name" == "$FULLBLOG_DOMAIN_NAME" ]]; then
echo $'Hubzilla domain name is the same as blog domain name. They must be different'
exit 74817
@ -3251,14 +3171,6 @@ function get_mariadb_hubzilla_admin_password {
fi
}
function get_mariadb_owncloud_admin_password {
if [ -f /home/$MY_USERNAME/README ]; then
if grep -q "Owncloud database password" /home/$MY_USERNAME/README; then
OWNCLOUD_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Owncloud database password" | awk -F ':' '{print $2}' | sed 's/^ *//')
fi
fi
}
function create_freedns_updater {
if [[ $ONION_ONLY != "no" ]]; then
return
@ -3301,12 +3213,6 @@ function create_freedns_updater {
echo "$FREEDNS_WGET$HUBZILLA_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $OWNCLOUD_CODE ]; then
if [[ $OWNCLOUD_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $OWNCLOUD_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$OWNCLOUD_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $MICROBLOG_CODE ]; then
if [[ $MICROBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $MICROBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns
@ -5961,7 +5867,6 @@ function install_web_server {
echo ' limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;' >> /etc/nginx/nginx.conf
echo '' >> /etc/nginx/nginx.conf
echo ' # limit the number of requests for a given session' >> /etc/nginx/nginx.conf
echo ' # Note that the Owncloud web interface seems to require a rate of around 140r/s' >> /etc/nginx/nginx.conf
echo ' limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=140r/s;' >> /etc/nginx/nginx.conf
echo '' >> /etc/nginx/nginx.conf
echo ' # if the request body size is more than the buffer size, then the entire (or partial) request body is written into a temporary file' >> /etc/nginx/nginx.conf
@ -6202,47 +6107,6 @@ function add_ddns_domain {
systemctl daemon-reload
}
function upgrade_owncloud_start {
# copies data and config directories to a temporary upgrade directory
if [ ! -d /etc/owncloud ]; then
return
fi
echo $'Starting upgrade of Owncloud'
# remove any owncloud entries from completion
sed -i '/install_owncloud/d' $COMPLETION_FILE
sed -i '/owncloud/d' $COMPLETION_FILE
sed -i '/Owncloud/d' $COMPLETION_FILE
# create directories
if [ ! -d $OWNCLOUD_UPGRADE_PATH/data ]; then
mkdir -p $OWNCLOUD_UPGRADE_PATH/data
fi
if [ ! -d $OWNCLOUD_UPGRADE_PATH/config ]; then
mkdir -p $OWNCLOUD_UPGRADE_PATH/config
fi
# copy data to the temporary directory
if [ -d /var/lib/owncloud/data ]; then
cp -rf /var/lib/owncloud/data/* $OWNCLOUD_UPGRADE_PATH/data/
fi
# copy the config files to the temporary directory
if [ -d /etc/owncloud ]; then
cp -rf /etc/owncloud/* $OWNCLOUD_UPGRADE_PATH/config/
fi
# remove the previous owncloud install
apt-get -y remove --purge owncloud
# ensure directories do not exist
rm -rf /etc/owncloud
if [ -d /var/lib/owncloud ]; then
rm -rf /var/lib/owncloud
fi
}
function install_syncthing {
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
@ -6287,361 +6151,6 @@ function install_syncthing {
echo 'install_syncthing' >> $COMPLETION_FILE
}
function upgrade_owncloud_finish {
# copies data from a temporary upgrade directory to the new
# owncloud install
if [ ! -d $OWNCLOUD_PATH ]; then
return
fi
if [ ! -d $OWNCLOUD_UPGRADE_PATH ]; then
return
fi
echo $'Finishing upgrade of Owncloud'
if [ ! -d $OWNCLOUD_PATH/data ]; then
mkdir $OWNCLOUD_PATH/data
fi
cp -r $OWNCLOUD_UPGRADE_PATH/data/* $OWNCLOUD_PATH/data/
chown -R www-data:www-data $OWNCLOUD_PATH/data
# remove the temporary upgrade
rm -rf $OWNCLOUD_UPGRADE_PATH
}
function install_owncloud_official_deb {
# new version not based on debian package
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
# if this is exclusively a cloud setup
if [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" ]]; then
if [ ! $DEFAULT_DOMAIN_NAME ]; then
echo $'No default domain name when installing cloud variant'
exit 5380
fi
fi
if [ ! $OWNCLOUD_DOMAIN_NAME ]; then
echo $'No Owncloud domain name was specified'
exit 3095
fi
if [[ $SYSTEM_TYPE != "$VARIANT_CLOUD" ]]; then
if [[ $SYSTEM_TYPE != "$VARIANT_FULL" ]]; then
echo $"Owncloud install did not recognise the system type $SYSTEM_TYPE"
exit 6746
fi
fi
UPGRADING_OWNCLOUD=
if [ -d /etc/owncloud ]; then
UPGRADING_OWNCLOUD='yes'
fi
# begin doing an upgrade if needed
upgrade_owncloud_start
OWNCLOUD_COMPLETION_MSG1=$" *** ${PROJECT_NAME} $SYSTEM_TYPE is now installed ***"
OWNCLOUD_COMPLETION_MSG2=$"Open $OWNCLOUD_DOMAIN_NAME in a web browser to complete the setup"
if grep -Fxq "install_owncloud_official_deb" $COMPLETION_FILE; then
if [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" ]]; then
backup_to_friends_servers
intrusion_detection
split_gpg_key_into_fragments
# unmount any attached usb drive
if [ -d $USB_MOUNT ]; then
umount $USB_MOUNT
rm -rf $USB_MOUNT
fi
echo ''
echo "$OWNCLOUD_COMPLETION_MSG1"
echo "$OWNCLOUD_COMPLETION_MSG2"
exit 0
fi
return
fi
apt-get -y install fonts-linuxlibertine fonts-sil-gentium-basic fonts-way-microhei
apt-get -y install libjs-twitter-bootstrap
# ensure that apache hasn't been inadvertantly installed
apt-get -y remove --purge apache*
if [ -d /etc/apache2 ]; then
rm -rf /etc/apache2
echo $'Removed Apache installation after Owncloud install'
fi
# get the official owncloud deb package. Note that this is not the same as the one
# from the debian repos, and doesn't follow the debian packaging guidelines
if [ ! -d $INSTALL_DIR ]; then
mkdir $INSTALL_DIR
fi
cd $INSTALL_DIR
wget -nv https://download.owncloud.org/download/repositories/stable/Debian_8.0/Release.key -O owncloud.key
apt-key add - < owncloud.key
if [ ! -f /etc/apt/sources.list.d/owncloud.list ]; then
echo 'deb http://download.owncloud.org/download/repositories/stable/Debian_8.0/ /' >> /etc/apt/sources.list.d/owncloud.list
fi
apt-get update
apt-get -y install owncloud
install_mariadb
get_mariadb_password
if [ ! -d $OWNCLOUD_PATH ]; then
echo $'Owncloud was not installed'
exit 82584
fi
get_mariadb_owncloud_admin_password
if [ ! $OWNCLOUD_ADMIN_PASSWORD ]; then
if [ -f $IMAGE_PASSWORD_FILE ]; then
OWNCLOUD_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
else
OWNCLOUD_ADMIN_PASSWORD="$(openssl rand -base64 32 | cut -c1-30)"
fi
fi
if ! grep -q "Owncloud database user" /home/$MY_USERNAME/README; then
echo '' >> /home/$MY_USERNAME/README
echo '' >> /home/$MY_USERNAME/README
echo 'Owncloud' >> /home/$MY_USERNAME/README
echo '========' >> /home/$MY_USERNAME/README
echo $'Owncloud database user: owncloudadmin' >> /home/$MY_USERNAME/README
echo $"Owncloud database password: $OWNCLOUD_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
echo $'Owncloud database name: owncloud' >> /home/$MY_USERNAME/README
echo '' >> /home/$MY_USERNAME/README
echo $'After creating an administrator account then create a user account via' >> /home/$MY_USERNAME/README
echo $"the Users dropdown menu entry. The username should be '$MY_USERNAME'." >> /home/$MY_USERNAME/README
echo '' >> /home/$MY_USERNAME/README
echo $'On mobile devices you can download the Owncloud client via F-Droid.' >> /home/$MY_USERNAME/README
echo '' >> /home/$MY_USERNAME/README
echo $'To synchronise calendar entries with Android "install CalDAV Sync Adapter"' >> /home/$MY_USERNAME/README
echo $'using F-Droid then go to settings/accounts and add a CalDav account with' >> /home/$MY_USERNAME/README
echo $"the URL https://$OWNCLOUD_DOMAIN_NAME/remote.php/caldav/principals/$MY_USERNAME" >> /home/$MY_USERNAME/README
echo $'and the username and password shown above.' >> /home/$MY_USERNAME/README
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
chmod 600 /home/$MY_USERNAME/README
fi
if [ $UPGRADING_OWNCLOUD ]; then
remove_database owncloud
fi
create_database owncloud "$OWNCLOUD_ADMIN_PASSWORD"
if [[ $ONION_ONLY == "no" ]]; then
nginx_http_redirect $OWNCLOUD_DOMAIN_NAME
echo 'server {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " root $OWNCLOUD_PATH;" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " server_name $OWNCLOUD_DOMAIN_NAME;" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " error_log /var/log/nginx/${OWNCLOUD_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
nginx_limits $OWNCLOUD_DOMAIN_NAME '10G'
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
nginx_ssl $OWNCLOUD_DOMAIN_NAME
nginx_disable_sniffing $OWNCLOUD_DOMAIN_NAME
echo ' add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # if you want to be able to access the site via HTTP' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # then replace the above with the following:' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' allow all;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' index index.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location = /robots.txt {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' allow all;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' log_not_found off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location ~ ^/(data|config|\.ht|db_structure\.xml|README) {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' deny all;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # The following 2 rules are only needed with webfinger' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/.well-known/host-meta /public.php?service=host-meta last;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' try_files $uri $uri/ index.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location ~ ^(.+?\.php)(/.*)?$ {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' try_files $1 =404;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_param SCRIPT_FILENAME $document_root$1;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_param PATH_INFO $2;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_param HTTPS on;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # Optional: set long EXPIRES header on static assets' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' expires 30d;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " # Optional: Don't log access to assets" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '}' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
else
echo -n '' > /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
fi
echo 'server {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " listen 127.0.0.1:${OWNCLOUD_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " root $OWNCLOUD_PATH;" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " server_name $OWNCLOUD_DOMAIN_NAME;" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " error_log /var/log/nginx/${OWNCLOUD_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
nginx_limits $OWNCLOUD_DOMAIN_NAME '10G'
nginx_disable_sniffing $OWNCLOUD_DOMAIN_NAME
echo ' add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # if you want to be able to access the site via HTTP' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # then replace the above with the following:' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' allow all;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' index index.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location = /robots.txt {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' allow all;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' log_not_found off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location ~ ^/(data|config|\.ht|db_structure\.xml|README) {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' deny all;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # The following 2 rules are only needed with webfinger' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/.well-known/host-meta /public.php?service=host-meta last;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' try_files $uri $uri/ index.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location ~ ^(.+?\.php)(/.*)?$ {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' try_files $1 =404;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_param SCRIPT_FILENAME $document_root$1;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_param PATH_INFO $2;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' fastcgi_param HTTPS off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' # Optional: set long EXPIRES header on static assets' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' expires 30d;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo " # Optional: Don't log access to assets" >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
echo '}' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
configure_php
create_site_certificate $OWNCLOUD_DOMAIN_NAME
# Ensure that the database gets backed up locally, if remote
# backups are not being used
backup_databases_script_header
backup_database_local owncloud
nginx_ensite $OWNCLOUD_DOMAIN_NAME
OWNCLOUD_ONION_HOSTNAME=$(add_onion_service owncloud 80 ${OWNCLOUD_ONION_PORT})
systemctl restart php5-fpm
systemctl restart nginx
if ! grep -q "Owncloud onion domain" /home/$MY_USERNAME/README; then
echo "Owncloud onion domain: ${OWNCLOUD_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
echo '' >> /home/$MY_USERNAME/README
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
chmod 600 /home/$MY_USERNAME/README
fi
if ! grep -q "Owncloud onion domain" $COMPLETION_FILE; then
echo "Owncloud onion domain:${OWNCLOUD_ONION_HOSTNAME}" >> $COMPLETION_FILE
fi
add_ddns_domain $OWNCLOUD_DOMAIN_NAME
if ! grep -q "Owncloud domain" $COMPLETION_FILE; then
echo "Owncloud domain:$OWNCLOUD_DOMAIN_NAME" >> $COMPLETION_FILE
fi
upgrade_owncloud_finish
echo "<?php
\$AUTOCONFIG = array(
\"dbtype\" => \"mysql\",
\"dbname\" => \"owncloud\",
\"dbuser\" => \"root\",
\"dbpass\" => \"$MARIADB_PASSWORD\",
\"dbhost\" => \"localhost\",
\"dbtableprefix\" => \"\",
\"adminlogin\" => \"${MY_USERNAME}\",
\"adminpass\" => \"${OWNCLOUD_ADMIN_PASSWORD}\",
\"trusted_domains\" =>
array (
'${OWNCLOUD_DOMAIN_NAME}',
'${OWNCLOUD_ONION_HOSTNAME}',
),
);" > $OWNCLOUD_PATH/config/autoconfig.php
echo 'install_owncloud_official_deb' >> $COMPLETION_FILE
if [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" ]]; then
backup_to_friends_servers
intrusion_detection
split_gpg_key_into_fragments
# unmount any attached usb drive
if [ -d $USB_MOUNT ]; then
umount $USB_MOUNT
rm -rf $USB_MOUNT
fi
echo ''
echo "$OWNCLOUD_COMPLETION_MSG1"
echo "$OWNCLOUD_COMPLETION_MSG2"
exit 0
fi
}
function upgrade_golang {
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
@ -10910,7 +10419,6 @@ install_web_server
install_web_server_access_control
configure_firewall_for_web_server
install_syncthing
#install_owncloud_official_deb
upgrade_golang
install_gogs
install_xmpp