mirror of
https://github.com/nextcloud/nextcloudpi.git
synced 2026-01-10 15:12:01 -03:30
unattended upgrades
This commit is contained in:
nachoparker
parent
8b9cf4f00d
commit
3761183980
@ -11,7 +11,7 @@ Use QEMU to automatically generate Raspbian Images with Nextcloud
|
||||
* Apache 2.4.25, with HTTP2 enabled
|
||||
* PHP 7.0 (double the speed of PHP5!)
|
||||
* MariaDB 10
|
||||
* 4.9.13 Linux Kernel ( NEW 03-13-2017 ) [[ LINK ]]
|
||||
* 4.9.13 Linux Kernel ( NEW 03-13-2017 )
|
||||
* nextcloudpi-config for easy setup
|
||||
* Automatic redirection to HTTPS
|
||||
* ACPU PHP cache
|
||||
@ -19,6 +19,7 @@ Use QEMU to automatically generate Raspbian Images with Nextcloud
|
||||
* HSTS
|
||||
* Cron jobs for Nextcloud
|
||||
* Sane configuration defaults
|
||||
* Let’s Ecrypt for trusted HTTPS certificates.( NEW 03-16-2017 )
|
||||
* Fail2Ban protection against brute force attacks. ( NEW 02-24-2017 )
|
||||
* Dynamic DNS support for no-ip.org ( NEW 03-05-2017 )
|
||||
* dnsmasq DNS server with DNS cache ( NEW 03-09-2017 )
|
||||
|
||||
11
batch.sh
11
batch.sh
@ -15,11 +15,12 @@ IP=$1 # First argument is the QEMU Raspbian IP address
|
||||
|
||||
IMGFILE="NextCloudPi_$( date "+%m-%d-%y" ).img"
|
||||
|
||||
NO_CONFIG=1 NO_HALT_STEP=1 ./install-nextcloud.sh $IP $IMGFILE
|
||||
NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh fail2ban.sh $IP $( ls -1t *.img | head -1 )
|
||||
NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh no-ip.sh $IP $( ls -1t *.img | head -1 )
|
||||
NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh dnsmasq.sh $IP $( ls -1t *.img | head -1 )
|
||||
NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh letsencrypt.sh $IP $( ls -1t *.img | head -1 )
|
||||
NO_CONFIG=1 NO_HALT_STEP=1 ./install-nextcloud.sh $IP $IMGFILE
|
||||
NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh fail2ban.sh $IP $( ls -1t *.img | head -1 )
|
||||
NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh no-ip.sh $IP $( ls -1t *.img | head -1 )
|
||||
NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh dnsmasq.sh $IP $( ls -1t *.img | head -1 )
|
||||
NO_CONFIG=1 NO_CFG_STEP=1 ./installer.sh letsencrypt.sh $IP $( ls -1t *.img | head -1 )
|
||||
NO_CONFIG=1 ./installer.sh unattended-upgrades.sh $IP $( ls -1t *.img | head -1 )
|
||||
|
||||
IMGOUT=$( ls -1t *.img | head -1 )
|
||||
IMGFULL=$( basename "$IMGFILE" .img )_FULL.img
|
||||
|
||||
@ -36,6 +36,7 @@ configure()
|
||||
|
||||
/etc/letsencrypt/letsencrypt-auto -n --no-self-upgrade --apache --agree-tos -m $EMAIL_ -d $DOMAIN_
|
||||
echo "* 1 * * 1 root /etc/letsencrypt/certbot-auto renew --quiet" > /etc/cron.d/letsencrypt-ncp
|
||||
service apache2 reload
|
||||
}
|
||||
|
||||
cleanup()
|
||||
|
||||
65
unattended-upgrades.sh
Executable file
65
unattended-upgrades.sh
Executable file
@ -0,0 +1,65 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Unattended upgrades installation on Raspbian
|
||||
# Tested with 2017-03-02-raspbian-jessie-lite.img
|
||||
#
|
||||
# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
|
||||
# GPL licensed (see end of file) * Use at your own risk!
|
||||
#
|
||||
# Usage:
|
||||
#
|
||||
# ./installer.sh unattended-upgrades.sh <IP> (<img>)
|
||||
#
|
||||
# See installer.sh instructions for details
|
||||
#
|
||||
|
||||
ACTIVE_=yes
|
||||
AUTOREBOOT_=yes
|
||||
DESCRIPTION="unattended upgrades: automatically install security updates. Keep your cloud safe"
|
||||
|
||||
install()
|
||||
{
|
||||
apt-get update
|
||||
apt install -y --no-install-recommends unattended-upgrades
|
||||
}
|
||||
|
||||
configure()
|
||||
{
|
||||
[[ $ACTIVE_ == "yes" ]] && local AUTOUPGRADE=1 || local AUTOUPGRADE=0
|
||||
[[ $AUTOREBOOT_ == "yes" ]] && local AUTOREBOOT=true || local AUTOREBOOT=false
|
||||
cat > /etc/apt/apt.conf.d/20nextcloudpi-upgrades <<EOF
|
||||
APT::Periodic::Update-Package-Lists "1";
|
||||
APT::Periodic::Unattended-Upgrade "$AUTOUPGRADE";
|
||||
APT::Periodic::MaxAge "14";
|
||||
APT::Periodic::AutocleanInterval "7";
|
||||
Unattended-Upgrade::Automatic-Reboot "$AUTOREBOOT";
|
||||
Unattended-Upgrade::Automatic-Reboot-Time "04:00";
|
||||
EOF
|
||||
}
|
||||
|
||||
cleanup()
|
||||
{
|
||||
apt-get autoremove -y
|
||||
apt-get clean
|
||||
rm /var/lib/apt/lists/* -r
|
||||
rm -f /home/pi/.bash_history
|
||||
systemctl disable ssh
|
||||
}
|
||||
|
||||
# License
|
||||
#
|
||||
# This script is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This script is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this script; if not, write to the
|
||||
# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
|
||||
# Boston, MA 02111-1307 USA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user