mirror of
https://github.com/nextcloud/nextcloudpi.git
synced 2026-01-10 15:12:01 -03:30
nc-datadir: support for nc-encrypted folders
Signed-off-by: nachoparker <nacho@ownyourbits.com>
This commit is contained in:
nachoparker
parent
99a701b18e
commit
19ede8a659
@ -23,84 +23,95 @@ install()
|
||||
configure()
|
||||
{
|
||||
source /usr/local/etc/library.sh # sets PHPVER
|
||||
set -eu -o pipefail
|
||||
|
||||
## CHECKS
|
||||
local SRCDIR
|
||||
local SRCDIR BASEDIR ENCDIR
|
||||
SRCDIR=$( cd /var/www/nextcloud; ncc config:system:get datadirectory ) || {
|
||||
echo -e "Error reading data directory. Is NextCloud running and configured?";
|
||||
return 1;
|
||||
}
|
||||
[ -d "$SRCDIR" ] || { echo -e "data directory $SRCDIR not found"; return 1; }
|
||||
|
||||
[[ "$SRCDIR" == "$DATADIR" ]] && { echo -e "INFO: data already there"; return 0; }
|
||||
|
||||
# checks
|
||||
local BASEDIR=$( dirname "$DATADIR" )
|
||||
|
||||
[ -d "$BASEDIR" ] || { echo "$BASEDIR does not exist"; return 1; }
|
||||
[[ "$SRCDIR" == "${DATADIR}" ]] && { echo -e "INFO: data already there"; return 0; }
|
||||
[[ "$SRCDIR" == "${DATADIR}"/data ]] && { echo -e "INFO: data already there"; return 0; }
|
||||
|
||||
BASEDIR="${DATADIR}"
|
||||
# If the user chooses the root of the mountpoint, force a folder
|
||||
mountpoint -q "$DATADIR" && {
|
||||
BASEDIR="$DATADIR"
|
||||
mountpoint -q "${BASEDIR}" && {
|
||||
BASEDIR="${BASEDIR}"/ncdata
|
||||
}
|
||||
|
||||
grep -q -e ext -e btrfs <( stat -fc%T "$BASEDIR" ) || {
|
||||
mkdir -p "${BASEDIR}"
|
||||
BASEDIR="$(cd "${BASEDIR}" && pwd -P)" # resolve symlinks and use the real path
|
||||
DATADIR="${BASEDIR}"/data
|
||||
ENCDIR="${BASEDIR}"/ncdata_enc
|
||||
|
||||
# checks
|
||||
grep -q -e ext -e btrfs <( stat -fc%T "${BASEDIR}" ) || {
|
||||
echo -e "Only ext/btrfs filesystems can hold the data directory"
|
||||
return 1
|
||||
}
|
||||
|
||||
sudo -u www-data test -x "$BASEDIR" || {
|
||||
echo -e "ERROR: the user www-data does not have access permissions over $BASEDIR"
|
||||
sudo -u www-data test -x "${BASEDIR}" || {
|
||||
echo -e "ERROR: the user www-data does not have access permissions over ${BASEDIR}"
|
||||
return 1
|
||||
}
|
||||
|
||||
# backup possibly existing datadir
|
||||
[ -d $DATADIR ] && {
|
||||
local BKP="${DATADIR}-$( date "+%m-%d-%y" )"
|
||||
echo "INFO: $DATADIR is not empty. Creating backup $BKP"
|
||||
mv "$DATADIR" "$BKP"
|
||||
[ -d "${BASEDIR}" ] && {
|
||||
rmdir "${BASEDIR}" &>/dev/null || {
|
||||
local BKP="${BASEDIR}-$(date "+%m-%d-%y.%s")"
|
||||
echo "INFO: ${BASEDIR} is not empty. Creating backup ${BKP}"
|
||||
mv "${BASEDIR}" "${BKP}"
|
||||
}
|
||||
mkdir -p "${BASEDIR}"
|
||||
}
|
||||
|
||||
|
||||
## COPY
|
||||
cd /var/www/nextcloud
|
||||
save_maintenance_mode
|
||||
|
||||
echo "moving data directory from $SRCDIR to $DATADIR..."
|
||||
|
||||
# resolve symlinks and use the real path
|
||||
mkdir "$DATADIR"
|
||||
DATADIR=$(cd "$DATADIR" && pwd -P)
|
||||
rmdir "$DATADIR"
|
||||
echo "moving data directory from ${SRCDIR} to ${BASEDIR}..."
|
||||
|
||||
# use subvolumes, if BTRFS
|
||||
[[ "$( stat -fc%T "$BASEDIR" )" == "btrfs" ]] && {
|
||||
[[ "$(stat -fc%T "${BASEDIR}")" == "btrfs" ]] && {
|
||||
echo "BTRFS filesystem detected"
|
||||
btrfs subvolume create "$DATADIR" || return 1
|
||||
rmdir "${BASEDIR}"
|
||||
btrfs subvolume create "${BASEDIR}"
|
||||
}
|
||||
|
||||
cp --reflink=auto -raT "$SRCDIR" "$DATADIR" || return 1
|
||||
chown www-data:www-data "$DATADIR"
|
||||
# use encryption, if selected
|
||||
if is_active_app nc-encrypt; then
|
||||
# if we have encryption AND BTRFS, then store ncdata_enc in the subvolume
|
||||
mv "$(dirname "${SRCDIR}")"/ncdata_enc "${ENCDIR}"
|
||||
mkdir "${DATADIR}" && mount --bind "${SRCDIR}" "${DATADIR}"
|
||||
mkdir "$(dirname "${SRCDIR}")"/ncdata_enc && mount --bind "${ENCDIR}" "$(dirname "${SRCDIR}")"/ncdata_enc
|
||||
else
|
||||
mv "${SRCDIR}" "${DATADIR}"
|
||||
fi
|
||||
chown www-data: "${DATADIR}"
|
||||
|
||||
# datadir
|
||||
sed -i "s|'datadirectory' =>.*|'datadirectory' => '${DATADIR}',|" "$NCDIR"/config/config.php
|
||||
ncc config:system:set logfile --value="${DATADIR}/nextcloud.log"
|
||||
set_ncpcfg datadir "${DATADIR}"
|
||||
|
||||
# tmp upload dir
|
||||
mkdir -p "$DATADIR/tmp"
|
||||
chown www-data:www-data "$DATADIR/tmp"
|
||||
mkdir -p "${DATADIR}/tmp"
|
||||
chown www-data:www-data "${DATADIR}/tmp"
|
||||
ncc config:system:set tempdirectory --value "$DATADIR/tmp"
|
||||
sed -i "s|^;\?upload_tmp_dir =.*$|uploadtmp_dir = $DATADIR/tmp|" /etc/php/${PHPVER}/cli/php.ini
|
||||
sed -i "s|^;\?upload_tmp_dir =.*$|upload_tmp_dir = $DATADIR/tmp|" /etc/php/${PHPVER}/fpm/php.ini
|
||||
sed -i "s|^;\?sys_temp_dir =.*$|sys_temp_dir = $DATADIR/tmp|" /etc/php/${PHPVER}/fpm/php.ini
|
||||
sed -i "s|^;\?upload_tmp_dir =.*$|uploadtmp_dir = ${DATADIR}/tmp|" /etc/php/"${PHPVER}"/cli/php.ini
|
||||
sed -i "s|^;\?upload_tmp_dir =.*$|upload_tmp_dir = ${DATADIR}/tmp|" /etc/php/"${PHPVER}"/fpm/php.ini
|
||||
sed -i "s|^;\?sys_temp_dir =.*$|sys_temp_dir = ${DATADIR}/tmp|" /etc/php/"${PHPVER}"/fpm/php.ini
|
||||
|
||||
# opcache dir
|
||||
sed -i "s|^opcache.file_cache=.*|opcache.file_cache=$DATADIR/.opcache|" /etc/php/${PHPVER}/mods-available/opcache.ini
|
||||
sed -i "s|^opcache.file_cache=.*|opcache.file_cache=${DATADIR}/.opcache|" /etc/php/"${PHPVER}"/mods-available/opcache.ini
|
||||
|
||||
# update fail2ban logpath
|
||||
[[ -f /etc/fail2ban/jail.local ]] && \
|
||||
sed -i "s|logpath =.*nextcloud.log|logpath = $DATADIR/nextcloud.log|" /etc/fail2ban/jail.local
|
||||
sed -i "s|logpath =.*nextcloud.log|logpath = ${DATADIR}/nextcloud.log|" /etc/fail2ban/jail.local
|
||||
|
||||
# datadir
|
||||
ncc config:system:set datadirectory --value="$DATADIR"
|
||||
ncc config:system:set logfile --value="$DATADIR/nextcloud.log"
|
||||
set_ncpcfg datadir "${datadir}"
|
||||
restore_maintenance_mode
|
||||
}
|
||||
|
||||
|
||||
10
changelog.md
10
changelog.md
@ -1,9 +1,13 @@
|
||||
|
||||
[v1.43.0](https://github.com/nextcloud/nextcloudpi/commit/9bad41c) (2021-10-22) add nc-encrypt
|
||||
[v1.43.2](https://github.com/nextcloud/nextcloudpi/commit/b555146) (2021-11-02) nc-datadir: support for nc-encrypted folders
|
||||
|
||||
[v1.42.5](https://github.com/nextcloud/nextcloudpi/commit/f0abbbc) (2021-10-27) letsencrypt: sync ncp and nc cert paths
|
||||
[v1.43.1 ](https://github.com/nextcloud/nextcloudpi/commit/50a003a) (2021-10-27) ncp-web: tweak password suggestions
|
||||
|
||||
[v1.42.4 ](https://github.com/nextcloud/nextcloudpi/commit/f7e28c2) (2021-10-27) small trusted domains refactor
|
||||
[v1.43.0](https://github.com/nextcloud/nextcloudpi/commit/7b73d1d) (2021-10-22) add nc-encrypt
|
||||
|
||||
[v1.42.5](https://github.com/nextcloud/nextcloudpi/commit/532a6a8) (2021-10-27) letsencrypt: sync ncp and nc cert paths
|
||||
|
||||
[v1.42.4 ](https://github.com/nextcloud/nextcloudpi/commit/41368fe) (2021-10-27) ncp-vm: add automatic testing and change default root password
|
||||
|
||||
[v1.42.3 ](https://github.com/nextcloud/nextcloudpi/commit/b1e7323) (2021-10-25) nextcloud-domain: fix variable collision
|
||||
|
||||
|
||||
@ -474,7 +474,7 @@ function save_maintenance_mode()
|
||||
|
||||
function restore_maintenance_mode()
|
||||
{
|
||||
if [[ "${NCP_MAINTENANCE_MODE}" != "" ]]; then
|
||||
if [[ "${NCP_MAINTENANCE_MODE:-}" != "" ]]; then
|
||||
"${ncc}" maintenance:mode --on
|
||||
else
|
||||
"${ncc}" maintenance:mode --off
|
||||
|
||||
@ -13,14 +13,14 @@ ob_start();
|
||||
// check for encrypted data to present unlock dialog
|
||||
exec("bash -c 'source /usr/local/etc/library.sh; needs_decrypt'", $output, $ret);
|
||||
if ($ret == 0) {
|
||||
header("Location: decrypt");
|
||||
header("Location: /decrypt");
|
||||
exit();
|
||||
}
|
||||
|
||||
// redirect to activation first time
|
||||
exec("a2query -s ncp-activation", $output, $ret);
|
||||
if ($ret == 0) {
|
||||
header("Location: activate");
|
||||
header("Location: /activate");
|
||||
exit();
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user