External-Mirrors/nextcloudpi
2
0
Fork 0
mirror of https://github.com/nextcloud/nextcloudpi.git synced 2026-01-09 06:32:00 -03:30
Code Issues Packages Projects Releases Wiki Activity

rework to use JSON based cfg and more

Browse Source
This commit is contained in:
nachoparker 2018-12-09 18:08:33 -07:00
parent 21fee19452
commit d5c1f0058b
138 changed files with 2108 additions and 1235 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Vagrantfile vendored
View File

@ -40,7 +40,7 @@ Vagrant.configure("2") do |config|
# cleanup
source etc/library.sh
install_script post-inst.sh
run_app post-inst.sh
cd -
rm -r /tmp/nextcloudpi
systemctl disable sshd

12
armbian.sh
View File

@ -29,12 +29,12 @@ cd /tmp/overlay
echo -e "\nInstalling NextCloudPi"
source etc/library.sh
install_script lamp.sh
install_script etc/ncp-config.d/nc-nextcloud.sh
activate_script etc/ncp-config.d/nc-nextcloud.sh
install_script ncp.sh
activate_script etc/ncp-config.d/nc-init.sh
install_script post-inst.sh
install_app lamp.sh
install_app etc/ncp-config.d/nc-nextcloud.sh
run_app etc/ncp-config.d/nc-nextcloud.sh
install_app ncp.sh
run_app etc/ncp-config.d/nc-init.sh
run_app post-inst.sh
cd -

119
bin/ncp-config
View File

@ -11,55 +11,96 @@
# More at https://ownyourbits.com/2017/03/13/nextcloudpi-gets-nextcloudpi-config/
#
BINDIR=/usr/local/bin/ncp
source /usr/local/etc/library.sh
{
# ask for update if outdated
ncp-test-updates 2>/dev/null && {
[[ -f "$chlogfile" ]] && local changelog=$( head -4 "$chlogfile" )
function nextcloud-config()
whiptail --backtitle "$backtitle $ncpversion" \
--title "NextCloudPi update available" \
--clear --yesno "Update to $latest_ver?\n\n$changelog" \
15 70
[[ $? -eq $dialog_ok ]] && ncp-update
}
function generate_list()
{
local DIALOG_OK=0
local VERFILE=/var/run/.ncp-latest-version
local BACKTITLE="NextCloudPi configuration ver. "
local CONFDIR=/usr/local/etc/ncp-config.d/
local DESC
local dir="$1"
unset list
for item in "$dir"/*; do
# ask for update if outdated
test -f /usr/local/etc/ncp-changelog && \
local CHANGELOG=$( head -4 /usr/local/etc/ncp-changelog )
ncp-test-updates 2>/dev/null && \
whiptail --backtitle "$BACKTITLE $( cat /usr/local/etc/ncp-version )" \
--title "NextCloudPi update available" \
--clear --yesno "Update to $( cat $VERFILE )?\n\n$CHANGELOG" \
15 70
[[ $? -eq $DIALOG_OK ]] && ncp-update
# directories
[[ -d "$item" ]] && {
local dir="$( basename "$item" )"
list+=(" $dir" "")
continue
}
while true; do
[[ "$item" =~ ".sh" ]] || continue
# fill options
local LIST=()
for item in $CONFDIR/*.sh; do
DESC=$( grep "DESCRIPTION=" "$item" | sed 's|^DESCRIPTION="||;s|"$||' )
is_active_script "$item" &>/dev/null && local ON="*" || local ON=" "
LIST+=( "$ON $( basename "$item" .sh )" "$DESC" )
done
# regular ncp_apps
local app="$( basename "$item" .sh )"
local cfg="$cfgdir/$app".cfg
# launch the selection menu
local script
script=$( whiptail --backtitle "$BACKTITLE $( cat /usr/local/etc/ncp-version )" \
--title "NextCloudPi Software Configuration Tool (ncp-config)" \
--cancel-button Finish --ok-button Select \
--menu "Select program to configure and activate:" 20 105 10 \
"${LIST[@]}" \
3>&1 1>&2 2>&3 )
[[ -f "$cfg" ]] && local desc=$( jq -r .description "$cfg" ) || local desc="No description."
is_active_app "$app" "$dir" && local on="*" || local on=" "
[[ $? -ne $DIALOG_OK ]] || [[ "$script" == "" ]] && return 0
list+=( "$on $app" "$desc" )
done
}
# remove ✓ and spaces
script=$( sed 's=*\| ==g' <<< "$script" )
function config_menu()
{
local dir="$1"
local backtitle="NextCloudPi configuration ver. "
local latest_ver="$(cat /var/run/.ncp-latest-version)"
local ncpversion="$(cat /usr/local/etc/ncp-version )"
local cfgdir=/usr/local/etc/ncp-config.d
local chlogfile=/usr/local/etc/ncp-changelog
local dialog_ok=0
local desc cfg ncp_app
# launch selected script
info_script "$script".sh || continue;
configure_script "$script".sh && { echo "Done. Press any key..."; read -r; }
done
while true; do
# menu items
generate_list "$dir"
# launch the selection menu
[[ "$dir" == "$BINDIR" ]] && local cancel_btn="Finish" || local cancel_btn="Back"
ncp_app=$( whiptail --backtitle "$backtitle $ncpversion" \
--title "NextCloudPi Configuration Tool (ncp-config)" \
--cancel-button $cancel_btn --ok-button Select \
--menu "Select ncp-app to configure or activate:" 20 105 10 \
"${list[@]}" \
3>&1 1>&2 2>&3 )
[[ $? -ne $dialog_ok ]] || [[ "$ncp_app" == "" ]] && {
[[ "$dir" == "$BINDIR" ]] && return 0
dir="$(dirname "$dir")"
continue
}
# remove * and spaces
ncp_app=$( sed 's=*\| ==g' <<< "$ncp_app" )
# directory selection
[[ -d "$dir/$ncp_app" ]] && {
dir="$dir/$ncp_app"
config_menu "$dir"
return
}
# launch selected ncp_app
info_app "$ncp_app" || continue
configure_app "$ncp_app" || continue
run_app "$ncp_app"
echo "Done. Press any key..."
read -r
done
}
if [[ ${EUID} -ne 0 ]]; then
@ -67,7 +108,7 @@ if [[ ${EUID} -ne 0 ]]; then
exit 1
fi
nextcloud-config
config_menu "$BINDIR"
exit $?
} # force to read the whole thing into memory, as its contents might change in update.sh

3
bin/ncp-diag
View File

@ -23,7 +23,8 @@ test -d "$DATADIR" || DIRINFO=" (doesn't exist)"
USBDEVS="$( lsblk -S -o NAME,TRAN | awk '{ if ( $2 == "usb" ) print $1; }' | tr '\n' ' ' )"
[[ "$USBDEVS" == "" ]] && USBDEVS="none"
[[ -f /usr/local/etc/ncp-config.d/nc-automount.sh ]] && echo "automount|$( grep "^ACTIVE_" /usr/local/etc/ncp-config.d/nc-automount.sh | cut -d'=' -f2 )"
am_cfg="/usr/local/etc/nc-automount.cfg"
[[ -f "$am_cfg" ]] && [[ "$(jq -r ".params[0].value" "$am_cfg")" == "yes" ]] && echo "automount|yes" || echo "automount|no"
echo "USB devices|$USBDEVS"
echo "datadir|$DATADIR$DIRINFO"
[[ "$DIRINFO" == "" ]] && {

12
bin/ncp-provisioning.sh
View File

@ -5,7 +5,6 @@
## redis provisioning
CFG=/var/www/nextcloud/config/config.php
CONFDIR=/usr/local/etc/ncp-config.d/
REDISPASS="$( grep "^requirepass" /etc/redis/redis.conf | cut -f2 -d' ' )"
### IF redis password is the default one, generate a new one
@ -51,9 +50,7 @@ EOF
## nc.limits.sh (auto)adjustments: number of threads, memory limits...
source /usr/local/etc/library.sh
cd "$CONFDIR" &>/dev/null
activate_script nc-limits.sh
cd - &>/dev/null
run_app nc-limits
## Check for interrupted upgrades and rollback
BKP="$( ls -1t /var/www/nextcloud-bkp_*.tar.gz 2>/dev/null | head -1 )"
@ -62,11 +59,4 @@ BKP="$( ls -1t /var/www/nextcloud-bkp_*.tar.gz 2>/dev/null | head -1 )"
ncp-restore "$BKP" && rm "$BKP"
}
## Fix permissions on NCP folders. The main reason for this is to make devel docker container work
[[ -e $CONFDIR ]] && {
chown -R root:www-data "$CONFDIR"/*
chmod 660 "$CONFDIR"/*
chmod 750 "$CONFDIR"/l10n
}
exit 0

4
bin/ncp-suggestions
View File

@ -14,12 +14,12 @@
OUT="$@"
DNSMASQ_ON="$( grep "^ACTIVE_=" /usr/local/etc/ncp-config.d/dnsmasq.sh | cut -d'=' -f2 )"
source /usr/local/etc/library.sh
grep -q "distribution|.*bian GNU/Linux 9,*" <<<"$OUT" || \
echo -e "You are using an unsupported distro release. Please upgrade to latest Debian/Raspbian"
[[ $DNSMASQ_ON != "yes" ]] && \
is_active_app dnsmasq && \
grep -q "NAT loopback|no" <<<"$OUT" && \
echo -e "\nYou should enable dnsmasq to use your domain inside home"

15
etc/ncp-config.d/nc-backup-auto.sh → bin/ncp/BACKUPS/nc-backup-auto.sh
View File

@ -7,18 +7,9 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
ACTIVE_=no
DESTDIR_=/media/USBdrive/ncp-backups
INCLUDEDATA_=no
COMPRESS_=no
BACKUPDAYS_=7
BACKUPLIMIT_=4
DESCRIPTION="Periodic backups"
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
rm -f /etc/cron.d/ncp-backup-auto
service cron restart
echo "automatic backups disabled"
@ -28,12 +19,12 @@ configure()
cat > /usr/local/bin/ncp-backup-auto <<EOF
#!/bin/bash
sudo -u www-data php /var/www/nextcloud/occ maintenance:mode --on
/usr/local/bin/ncp-backup "$DESTDIR_" "$INCLUDEDATA_" "$COMPRESS_" "$BACKUPLIMIT_"
/usr/local/bin/ncp-backup "$DESTDIR" "$INCLUDEDATA" "$COMPRESS" "$BACKUPLIMIT"
sudo -u www-data php /var/www/nextcloud/occ maintenance:mode --off
EOF
chmod +x /usr/local/bin/ncp-backup-auto
echo "0 3 */${BACKUPDAYS_} * * root /usr/local/bin/ncp-backup-auto" > /etc/cron.d/ncp-backup-auto
echo "0 3 */${BACKUPDAYS} * * root /usr/local/bin/ncp-backup-auto" > /etc/cron.d/ncp-backup-auto
service cron restart
echo "automatic backups enabled"

9
etc/ncp-config.d/nc-backup.sh → bin/ncp/BACKUPS/nc-backup.sh
View File

@ -7,13 +7,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
DESTDIR_=/media/USBdrive/ncp-backups
INCLUDEDATA_=no
COMPRESS_=no
BACKUPLIMIT_=4
DESCRIPTION="Backup this NC instance to a file"
install()
{
cat > /usr/local/bin/ncp-backup <<'EOF'
@ -110,7 +103,7 @@ EOF
configure()
{
ncp-backup "$DESTDIR_" "$INCLUDEDATA_" "$COMPRESS_" "$BACKUPLIMIT_"
ncp-backup "$DESTDIR" "$INCLUDEDATA" "$COMPRESS" "$BACKUPLIMIT"
}
# License

25
etc/ncp-config.d/nc-export-ncp.sh → bin/ncp/BACKUPS/nc-export-ncp.sh
View File

@ -7,35 +7,20 @@
# GPL licensed (see end of file) * Use at your own risk!
#
DIR_=/media/USBdrive/
DESCRIPTION="Export NextCloudPi configuration"
configure()
{
[[ -d "$DIR_" ]] || { echo "directory $DIR_ does not exist"; return 1; }
[[ -d "$DIR" ]] || { echo "directory $DIR does not exist"; return 1; }
local DESTFILE="$DIR_"/ncp-config_$( date +"%Y%m%d" ).tar
rm -rf /tmp/ncp-export
mkdir -p /tmp/ncp-export
cd /tmp/ncp-export || return 1
local destfile="$DIR"/ncp-config_$( date +"%Y%m%d" ).tar
for file in /usr/local/etc/ncp-config.d/*; do
VARS=( $( grep "^[[:alpha:]]\+_=" "$file" | cut -d= -f1 | sed 's|_$||' ) )
VALS=( $( grep "^[[:alpha:]]\+_=" "$file" | cut -d= -f2 ) )
local CONFIG=""
for i in $( seq 0 1 $(( ${#VARS[@]} - 1 )) ); do
CONFIG+="${VARS[$i]}=${VALS[$i]}\n"
done
echo -e "$CONFIG" > "$( basename "$file" .sh ).cfg"
done
tar -cf "$DESTFILE" *
chmod 600 "$DESTFILE"
tar -cf "$destfile" -C /usr/local/etc/ncp-config.d .
chmod 600 "$destfile"
cd $OLDPWD
rm -rf /tmp/ncp-export
echo -e "configuration exported to $DESTFILE"
echo -e "configuration exported to $destfile"
}
install() { :; }

37
etc/ncp-config.d/nc-import-ncp.sh → bin/ncp/BACKUPS/nc-import-ncp.sh
View File

@ -7,49 +7,30 @@
# GPL licensed (see end of file) * Use at your own risk!
#
FILE_=/media/USBdrive/ncp-config_xxxxxx.cfg
DESCRIPTION="Import NextCloudPi configuration from file"
CFGDIR="/usr/local/etc/ncp-config.d"
configure()
{
[[ -f "$FILE_" ]] || { echo "export file $FILE_ does not exist"; return 1; }
[[ -f "$FILE" ]] || { echo "export file $FILE does not exist"; return 1; }
source /usr/local/etc/library.sh || return 1
cd /usr/local/etc/ncp-config.d || return 1
cd "$CFGDIR" || return 1
# extract export
local TMP="/tmp/ncp-export"
rm -rf "$TMP"
mkdir -p "$TMP"
tar -xf "$FILE_" -C "$TMP"
tar -xf "$FILE" -C "$CFGDIR"
# UGLY workaround to prevent apache from restarting upon activating some extras
# which leads to the operation appearing to fail in ncp-web
echo "invalid_op" >> /etc/apache2/sites-available/000-default.conf
#echo "invalid_op" >> /etc/apache2/sites-available/000-default.conf
# restore configuration and activate
for file in /"$TMP"/*; do
local SCRIPT="$( basename "$file" .cfg ).sh"
# restore
[ -f /usr/local/etc/ncp-config.d/"$SCRIPT" ] && {
local VARS=( $( grep "^[[:alpha:]]\+=" "$file" | cut -d= -f1 ) )
local VALS=( $( grep "^[[:alpha:]]\+=" "$file" | cut -d= -f2 ) )
for i in $( seq 0 1 ${#VARS[@]} ); do
sed -i "s|^${VARS[$i]}_=.*|${VARS[$i]}_=${VALS[$i]}|" "$SCRIPT"
done
}
# activate
grep -q "^ACTIVE_=yes" "$SCRIPT" && echo && activate_script "$SCRIPT"
done
# activate
# TODO
# Fix invalid configuration
sed -i "/^invalid_op/d" /etc/apache2/sites-available/000-default.conf
#sed -i "/^invalid_op/d" /etc/apache2/sites-available/000-default.conf
# cleanup
rm -rf "$TMP"
echo -e "\nconfiguration restored"
# delayed in bg so it does not kill the connection, and we get AJAX response

14
etc/ncp-config.d/nc-restore.sh → bin/ncp/BACKUPS/nc-restore.sh
View File

@ -9,18 +9,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
BACKUPFILE_=/media/USBdrive/nextcloud-bkp_xxxxxxxx.tar
DESCRIPTION="Restore a previously backuped NC instance"
INFOTITLE="Restore NextCloud backup"
INFO="This new installation will cleanup current
NextCloud instance, including files and database.
** perform backup before proceding **
You can use nc-backup"
install()
{
cat > /usr/local/bin/ncp-restore <<'EOF'
@ -170,7 +158,7 @@ EOF
configure()
{
ncp-restore "$BACKUPFILE_"
ncp-restore "$BACKUPFILE"
}
# License

16
etc/ncp-config.d/nc-rsync-auto.sh → bin/ncp/BACKUPS/nc-rsync-auto.sh
View File

@ -8,14 +8,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
ACTIVE_=no
DESTINATION_=user@ip:/path/to/sync
SYNCDAYS_=3
DESCRIPTION="Periodically sync Nextcloud data through rsync"
INFO="DESTINATION can be a regular path for local sync
'user' needs SSH autologin from the NCP 'root' user at 'ip'"
install()
{
apt-get update
@ -24,7 +16,7 @@ install()
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
rm -f /etc/cron.d/ncp-rsync-auto
echo "automatic rsync disabled"
return 0
@ -36,13 +28,13 @@ configure()
return 1;
}
[[ "$DESTINATION_" =~ : ]] && {
local NET="$( sed 's|:.*||' <<<"$DESTINATION_" )"
[[ "$DESTINATION" =~ : ]] && {
local NET="$( sed 's|:.*||' <<<"$DESTINATION" )"
local SSH=( ssh -o "BatchMode=yes" "$NET" )
${SSH[@]} : || { echo "SSH non-interactive not properly configured"; return 1; }
}
echo "0 5 */${SYNCDAYS_} * * root /usr/bin/rsync -ax --delete \"$DATADIR\" \"$DESTINATION_\"" > /etc/cron.d/ncp-rsync-auto
echo "0 5 */${SYNCDAYS} * * root /usr/bin/rsync -ax --delete \"$DATADIR\" \"$DESTINATION\"" > /etc/cron.d/ncp-rsync-auto
service cron restart
echo "automatic rsync enabled"

8
etc/ncp-config.d/nc-rsync.sh → bin/ncp/BACKUPS/nc-rsync.sh
View File

@ -8,12 +8,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
DESTINATION_=user@ip:/path/to/sync
DESCRIPTION="Sync Nextcloud data through rsync"
INFO="'user' needs SSH autologin from the NCP 'root' user at 'ip'
if we are launching from ncp-web"
BASEDIR=/var/www
install()
@ -32,7 +26,7 @@ configure()
return 1;
}
rsync -ax --delete "$DATADIR" "$DESTINATION_"
rsync -ax --delete "$DATADIR" "$DESTINATION"
sudo -u www-data php "$BASEDIR"/nextcloud/occ maintenance:mode --off
}

4
etc/ncp-config.d/nc-snapshot-auto.sh → bin/ncp/BACKUPS/nc-snapshot-auto.sh
View File

@ -9,8 +9,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
ACTIVE_=no
DESCRIPTION="Scheduled datadir BTRFS snapshots"
install()
{
@ -20,7 +18,7 @@ install()
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
rm -f /etc/cron.hourly/btrfs-snp
echo "automatic snapshots disabled"
return 0

29
etc/ncp-config.d/nc-snapshot-sync.sh → bin/ncp/BACKUPS/nc-snapshot-sync.sh
View File

@ -8,17 +8,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
ACTIVE_=no
SNAPDIR_=/media/USBdrive/ncp-snapshots
DESTINATION_=/media/myBackupDrive/ncp-snapshots
COMPRESSION_=no
SYNCDAYS_=1
DESCRIPTION="Sync BTRFS snapshots to USBdrive or remote machine"
INFO="Use format user@ip:/path/to/snapshots for remote sync
'user' needs permissions for the 'btrfs' command at 'ip'
'user' needs SSH autologin from the NCP 'root' user at 'ip'
Only use compression for internet transfer, because it uses many resources"
install()
{
@ -31,7 +20,7 @@ install()
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
rm -f /etc/cron.d/ncp-snapsync-auto
service cron restart
echo "snapshot sync disabled"
@ -39,22 +28,22 @@ configure()
}
# checks
[[ -d "$SNAPDIR_" ]] || { echo "$SNAPDIR_ does not exist"; return 1; }
[[ -d "$SNAPDIR" ]] || { echo "$SNAPDIR does not exist"; return 1; }
[[ "$DESTINATION_" =~ : ]] && {
local NET="$( sed 's|:.*||' <<<"$DESTINATION_" )"
local DST="$( sed 's|.*:||' <<<"$DESTINATION_" )"
[[ "$DESTINATION" =~ : ]] && {
local NET="$( sed 's|:.*||' <<<"$DESTINATION" )"
local DST="$( sed 's|.*:||' <<<"$DESTINATION" )"
local SSH=( ssh -o "BatchMode=yes" "$NET" )
${SSH[@]} : || { echo "SSH non-interactive not properly configured"; return 1; }
} || DST="$DESTINATION_"
} || DST="$DESTINATION"
[[ "$( ${SSH[@]} stat -fc%T "$DST" )" != "btrfs" ]] && {
echo "$DESTINATION_ is not in a BTRFS filesystem"
echo "$DESTINATION is not in a BTRFS filesystem"
return 1
}
[[ "$COMPRESSION_" == "yes" ]] && ZIP="-z"
[[ "$COMPRESSION" == "yes" ]] && ZIP="-z"
echo "30 4 */${SYNCDAYS_} * * root /usr/local/bin/btrfs-sync -qd $ZIP \"$SNAPDIR_\" \"$DESTINATION_\"" > /etc/cron.d/ncp-snapsync-auto
echo "30 4 */${SYNCDAYS} * * root /usr/local/bin/btrfs-sync -qd $ZIP \"$SNAPDIR\" \"$DESTINATION\"" > /etc/cron.d/ncp-snapsync-auto
service cron restart
echo "snapshot sync enabled"
}

7
etc/ncp-config.d/nc-snapshot.sh → bin/ncp/BACKUPS/nc-snapshot.sh
View File

@ -8,11 +8,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
LIMIT_=4
DESCRIPTION="Create BTRFS snapshot of the datadir"
INFO="Snapshots take up very little space because only the differences from one
to the next are saved. This requires the datadir to be in a BTRFS filesystem"
BASEDIR=/var/www
@ -39,7 +34,7 @@ configure()
return 1
}
btrfs-snp $MOUNTPOINT manual $LIMIT_ 0 ../ncp-snapshots
btrfs-snp $MOUNTPOINT manual $LIMIT 0 ../ncp-snapshots
sudo -u www-data php "$BASEDIR"/nextcloud/occ maintenance:mode --off
}

10
etc/ncp-config.d/nc-admin.sh → bin/ncp/CONFIG/nc-admin.sh
View File

@ -8,19 +8,15 @@
# More at: https://ownyourbits.com
#
USER_=ncp
PASSWORD_=ownyourbits
CONFIRM_=ownyourbits
DESCRIPTION="Change password for the Nextcloud admin user"
configure()
{
[[ "$PASSWORD_" == "$CONFIRM_" ]] || { echo "passwords do not match"; return 1; }
[[ "$PASSWORD" == "$CONFIRM" ]] || { echo "passwords do not match"; return 1; }
OC_PASS="$PASSWORD_" \
OC_PASS="$PASSWORD" \
sudo -E -u www-data php /var/www/nextcloud/occ \
user:resetpassword --password-from-env "$USER_"
user:resetpassword --password-from-env "$USER"
}
install() { :; }

7
etc/ncp-config.d/nc-autoupdate-nc.sh → bin/ncp/CONFIG/nc-autoupdate-nc.sh
View File

@ -8,16 +8,13 @@
# More at: https://ownyourbits.com
#
ACTIVE_=no
NOTIFYUSER_=ncp
DESCRIPTION="Automatically apply Nextcloud updates"
# just change this value and re-activate in update.sh to upgrade users
VERSION=14.0.4
configure()
{
[[ "$ACTIVE_" != "yes" ]] && {
[[ "$ACTIVE" != "yes" ]] && {
rm -f /etc/cron.daily/ncp-autoupdate-nc
echo "automatic Nextcloud updates disabled"
return 0
@ -34,7 +31,7 @@ if [[ \${PIPESTATUS[0]} -eq 0 ]]; then
VER="\$( sudo -u www-data php /var/www/nextcloud/occ status | grep "version:" | awk '{ print \$3 }' )"
sudo -u www-data php /var/www/nextcloud/occ notification:generate \
"$NOTIFYUSER_" "NextCloudPi" -l "Nextcloud was updated to \$VER"
"$NOTIFYUSER" "NextCloudPi" -l "Nextcloud was updated to \$VER"
fi
echo "" >> /var/log/ncp.log
EOF

7
etc/ncp-config.d/nc-autoupdate-ncp.sh → bin/ncp/CONFIG/nc-autoupdate-ncp.sh
View File

@ -8,13 +8,10 @@
# More at: https://ownyourbits.com
#
ACTIVE_=no
NOTIFYUSER_=ncp
DESCRIPTION="Automatically apply NextCloudPi updates"
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
rm -f /etc/cron.daily/ncp-autoupdate
echo "automatic NextCloudPi updates disabled"
return 0
@ -25,7 +22,7 @@ configure()
if /usr/local/bin/ncp-test-updates; then
/usr/local/bin/ncp-update || exit 1
sudo -u www-data php /var/www/nextcloud/occ notification:generate \
"$NOTIFYUSER_" "NextCloudPi" \
"$NOTIFYUSER" "NextCloudPi" \
-l "NextCloudPi was updated to \$( cat /usr/local/etc/ncp-version )"
fi
EOF

29
etc/ncp-config.d/nc-database.sh → bin/ncp/CONFIG/nc-database.sh
View File

@ -8,19 +8,6 @@
# More at https://ownyourbits.com/
#
DBDIR_=/media/USBdrive/ncdatabase
DESCRIPTION="Move your database to a new location, like a USB drive"
INFO="Note that non Unix filesystems such as NTFS are not supported
because they do not provide a compatible user/permissions system.
You need to use a USB drive that is permanently on and is responsive
or the database will fail.
Please note that the default location, when first installed is /var/lib/mysql/.
Move it to the desired location by editing the DBDIR= field, the one shown is an example.
** If it ever fails with a white page, move the database back to the SD **"
is_active()
{
@ -33,15 +20,15 @@ configure()
local SRCDIR=$( grep datadir /etc/mysql/mariadb.conf.d/90-ncp.cnf | awk -F "= " '{ print $2 }' )
[ -d "$SRCDIR" ] || { echo -e "database directory $SRCDIR not found"; return 1; }
[ -d "$DBDIR_" ] && {
[[ $( find "$DBDIR_" -maxdepth 0 -empty | wc -l ) == 0 ]] && {
echo "$DBDIR_ is not empty"
[ -d "$DBDIR" ] && {
[[ $( find "$DBDIR" -maxdepth 0 -empty | wc -l ) == 0 ]] && {
echo "$DBDIR is not empty"
return 1
}
rmdir "$DBDIR_"
rmdir "$DBDIR"
}
local BASEDIR=$( dirname "$DBDIR_" )
local BASEDIR=$( dirname "$DBDIR" )
mkdir -p "$BASEDIR"
grep -q -e ext -e btrfs <( stat -fc%T "$BASEDIR" ) || { echo -e "Only ext/btrfs filesystems can hold the data directory"; return 1; }
@ -54,10 +41,10 @@ configure()
cd /var/www/nextcloud
sudo -u www-data php occ maintenance:mode --on
echo "moving database to $DBDIR_..."
echo "moving database to $DBDIR..."
service mysql stop
mv "$SRCDIR" "$DBDIR_" && \
sed -i "s|^datadir.*|datadir = $DBDIR_|" /etc/mysql/mariadb.conf.d/90-ncp.cnf
mv "$SRCDIR" "$DBDIR" && \
sed -i "s|^datadir.*|datadir = $DBDIR|" /etc/mysql/mariadb.conf.d/90-ncp.cnf
service mysql start
sudo -u www-data php occ maintenance:mode --off

52
etc/ncp-config.d/nc-datadir.sh → bin/ncp/CONFIG/nc-datadir.sh
View File

@ -8,13 +8,6 @@
# More at https://ownyourbits.com/2017/03/13/nextcloudpi-gets-nextcloudpi-config/
#
DATADIR_=/media/USBdrive/ncdata
DESCRIPTION="Change your data dir to a new location, like a USB drive"
INFO="Note that non Unix filesystems such as NTFS are not supported
because they do not provide a compatible user/permissions system.
Also please note that the default location, when first installed is /var/www/nextcloud/data.
Move it to the desired location by editing the DATADIR= field, the PATH shown is an example."
PHPVER=7.2
@ -41,17 +34,16 @@ configure()
}
[ -d "$SRCDIR" ] || { echo -e "data directory $SRCDIR not found"; return 1; }
[[ "$SRCDIR" == "$DATADIR_" ]] && { echo -e "INFO: data already there"; return 0; }
[[ "$SRCDIR" == "$DATADIR" ]] && { echo -e "INFO: data already there"; return 0; }
# checks
local BASEDIR=$( dirname "$DATADIR_" )
local BASEDIR=$( dirname "$DATADIR" )
[ -d "$BASEDIR" ] || { echo "$BASEDIR does not exist"; return 1; }
# If the user chooses the root of the mountpoint, force a folder
mountpoint -q "$DATADIR_" && {
BASEDIR="$DATADIR_"
DATADIR_="$DATADIR_/ncdata"
mountpoint -q "$DATADIR" && {
BASEDIR="$DATADIR"
}
grep -q -e ext -e btrfs <( stat -fc%T "$BASEDIR" ) || {
@ -70,10 +62,10 @@ configure()
}
# backup possibly existing datadir
[ -d $DATADIR_ ] && {
local BKP="${DATADIR_}-$( date "+%m-%d-%y" )"
echo "INFO: $DATADIR_ is not empty. Creating backup $BKP"
mv "$DATADIR_" "$BKP"
[ -d $DATADIR ] && {
local BKP="${DATADIR}-$( date "+%m-%d-%y" )"
echo "INFO: $DATADIR is not empty. Creating backup $BKP"
mv "$DATADIR" "$BKP"
}
@ -81,34 +73,34 @@ configure()
cd /var/www/nextcloud
sudo -u www-data php occ maintenance:mode --on
echo "moving data dir from $SRCDIR to $DATADIR_..."
echo "moving data dir from $SRCDIR to $DATADIR..."
# use subvolumes, if BTRFS
[[ "$( stat -fc%T "$BASEDIR" )" == "btrfs" ]] && {
echo "BTRFS filesystem detected"
btrfs subvolume create "$DATADIR_" || return 1
btrfs subvolume create "$DATADIR" || return 1
}
cp --reflink=auto -raT "$SRCDIR" "$DATADIR_" || return 1
chown www-data:www-data "$DATADIR_"
cp --reflink=auto -raT "$SRCDIR" "$DATADIR" || return 1
chown www-data:www-data "$DATADIR"
# tmp upload dir
mkdir -p "$DATADIR_/tmp"
chown www-data:www-data "$DATADIR_/tmp"
sudo -u www-data php occ config:system:set tempdirectory --value "$DATADIR_/tmp"
sed -i "s|^;\?upload_tmp_dir =.*$|upload_tmp_dir = $DATADIR_/tmp|" /etc/php/${PHPVER}/cli/php.ini
sed -i "s|^;\?upload_tmp_dir =.*$|upload_tmp_dir = $DATADIR_/tmp|" /etc/php/${PHPVER}/fpm/php.ini
sed -i "s|^;\?sys_temp_dir =.*$|sys_temp_dir = $DATADIR_/tmp|" /etc/php/${PHPVER}/fpm/php.ini
mkdir -p "$DATADIR/tmp"
chown www-data:www-data "$DATADIR/tmp"
sudo -u www-data php occ config:system:set tempdirectory --value "$DATADIR/tmp"
sed -i "s|^;\?upload_tmp_dir =.*$|uploadtmp_dir = $DATADIR/tmp|" /etc/php/${PHPVER}/cli/php.ini
sed -i "s|^;\?upload_tmp_dir =.*$|upload_tmp_dir = $DATADIR/tmp|" /etc/php/${PHPVER}/fpm/php.ini
sed -i "s|^;\?sys_temp_dir =.*$|sys_temp_dir = $DATADIR/tmp|" /etc/php/${PHPVER}/fpm/php.ini
# opcache dir
sed -i "s|^opcache.file_cache=.*|opcache.file_cache=$DATADIR_/.opcache|" /etc/php/${PHPVER}/mods-available/opcache.ini
sed -i "s|^opcache.file_cache=.*|opcache.file_cache=$DATADIR/.opcache|" /etc/php/${PHPVER}/mods-available/opcache.ini
# update fail2ban logpath
sed -i "s|logpath =.*nextcloud.log|logpath = $DATADIR_/nextcloud.log|" /etc/fail2ban/jail.conf
sed -i "s|logpath =.*nextcloud.log|logpath = $DATADIR/nextcloud.log|" /etc/fail2ban/jail.conf
# datadir
sudo -u www-data php occ config:system:set datadirectory --value="$DATADIR_"
sudo -u www-data php occ config:system:set logfile --value="$DATADIR_/nextcloud.log"
sudo -u www-data php occ config:system:set datadirectory --value="$DATADIR"
sudo -u www-data php occ config:system:set logfile --value="$DATADIR/nextcloud.log"
sudo -u www-data php occ maintenance:mode --off
}

4
etc/ncp-config.d/nc-httpsonly.sh → bin/ncp/CONFIG/nc-httpsonly.sh
View File

@ -8,12 +8,10 @@
# More at https://ownyourbits.com/2017/03/13/nextcloudpi-gets-nextcloudpi-config/
#
ACTIVE_=yes
DESCRIPTION="Force HTTPS"
configure()
{
[[ $ACTIVE_ == "no" ]] && local OPT=Off || local OPT=On
[[ $ACTIVE == "no" ]] && local OPT=Off || local OPT=On
sed -i "s|RewriteEngine .*|RewriteEngine $OPT|" /etc/apache2/sites-available/000-default.conf
echo "Forcing HTTPS $OPT"

13
etc/ncp-config.d/nc-init.sh → bin/ncp/CONFIG/nc-init.sh
View File

@ -8,18 +8,7 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
ADMINUSER_=ncp
ADMINPASS_=ownyourbits
DBADMIN=ncadmin
DESCRIPTION="(Re)initiate Nextcloud to a clean configuration"
INFOTITLE="Clean NextCloud configuration"
INFO="This action will configure NextCloud to NextCloudPi defaults.
** YOUR CONFIGURATION WILL BE LOST **
"
PHPVER=7.2
configure()
@ -83,7 +72,7 @@ EOF
rm -f config/config.php
sudo -u www-data php occ maintenance:install --database \
"mysql" --database-name "nextcloud" --database-user "$DBADMIN" --database-pass \
"$DBPASSWD" --admin-user "$ADMINUSER_" --admin-pass "$ADMINPASS_"
"$DBPASSWD" --admin-user "$ADMINUSER" --admin-pass "$ADMINPASS"
# cron jobs
sudo -u www-data php occ background:cron

35
etc/ncp-config.d/nc-limits.sh → bin/ncp/CONFIG/nc-limits.sh
View File

@ -8,14 +8,8 @@
# More at https://ownyourbits.com/2017/03/13/nextcloudpi-gets-nextcloudpi-config/
#
MAXFILESIZE_=10G
MEMORYLIMIT_=0
PHPTHREADS_=0
REDISMEM_=0
PHPVER=7.2
DESCRIPTION="Configure system limits for NextCloudPi"
INFO="Examples: 200M or 2G. Write 0 for autoconfig"
configure()
{
@ -26,36 +20,35 @@ configure()
# MAX FILESIZE
local CONF=/var/www/nextcloud/.user.ini
local CURRENT_FILE_SIZE="$( grep "^upload_max_filesize" "$CONF" | sed 's|.*=||' )"
[[ "$MAXFILESIZE_" == "0" ]] && MAXFILESIZE_=10G
[[ "$MAXFILESIZE" == "0" ]] && MAXFILESIZE=10G
# MAX PHP MEMORY
local CONF=/var/www/nextcloud/.user.ini
local CURRENT_PHP_MEM="$( grep "^memory_limit" "$CONF" | sed 's|.*=||' )"
[[ "$MEMORYLIMIT_" == "0" ]] && MEMORYLIMIT_=$AUTOMEM && echo "Using ${AUTOMEM}B for PHP"
sed -i "s/^post_max_size=.*/post_max_size=$MAXFILESIZE_/" "$CONF"
sed -i "s/^upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE_/" "$CONF"
sed -i "s/^memory_limit=.*/memory_limit=$MEMORYLIMIT_/" "$CONF"
[[ "$MEMORYLIMIT" == "0" ]] && MEMORYLIMIT=$AUTOMEM && echo "Using ${AUTOMEM}B for PHP"
sed -i "s/^post_max_size=.*/post_max_size=$MAXFILESIZE/" "$CONF"
sed -i "s/^upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE/" "$CONF"
sed -i "s/^memory_limit=.*/memory_limit=$MEMORYLIMIT/" "$CONF"
# MAX PHP THREADS
local CONF=/etc/php/${PHPVER}/fpm/pool.d/www.conf
local CURRENT_THREADS=$( grep "^pm.max_children" "$CONF" | awk '{ print $3 }' )
[[ "$PHPTHREADS_" == "0" ]] && PHPTHREADS_=$( nproc ) && echo "Using $PHPTHREADS_ PHP threads"
sed -i "s|^pm.max_children =.*|pm.max_children = $PHPTHREADS_|" "$CONF"
sed -i "s|^pm.max_spare_servers =.*|pm.max_spare_servers = $PHPTHREADS_|" "$CONF"
sed -i "s|^pm.start_servers =.*|pm.start_servers = $PHPTHREADS_|" "$CONF"
[[ "$PHPTHREADS" == "0" ]] && PHPTHREADS=$( nproc ) && echo "Using $PHPTHREADS PHP threads"
sed -i "s|^pm.max_children =.*|pm.max_children = $PHPTHREADS|" "$CONF"
sed -i "s|^pm.max_spare_servers =.*|pm.max_spare_servers = $PHPTHREADS|" "$CONF"
sed -i "s|^pm.start_servers =.*|pm.start_servers = $PHPTHREADS|" "$CONF"
# RESTART PHP
[[ "$PHPTHREADS_" != "$CURRENT_THREADS" ]] || \
[[ "$MEMORYLIMIT" != "$CURRENT_PHP_MEM" ]] || \
[[ "$MAXFILESIZE_" != "$CURRENT_FILE_SIZE" ]] && \
[[ "$PHPTHREADS" != "$CURRENT_THREADS" ]] || \
[[ "$MEMORYLIMIT" != "$CURRENT_PHP_MEM" ]] || \
[[ "$MAXFILESIZE" != "$CURRENT_FILE_SIZE" ]] && \
bash -c "sleep 3; service php${PHPVER}-fpm restart" &>/dev/null &
# redis max memory
local CONF=/etc/redis/redis.conf
local CURRENT_REDIS_MEM=$( grep "^maxmemory" "$CONF" | awk '{ print $2 }' )
[[ "$REDISMEM_" == "0" ]] && REDISMEM_=$AUTOMEM && echo "Using ${AUTOMEM}B for Redis"
[[ "$REDISMEM_" != "$CURRENT_REDIS_MEM" ]] && {
sed -i "s|^maxmemory .*|maxmemory $REDISMEM_|" "$CONF"
[[ "$REDISMEM" != "$CURRENT_REDIS_MEM" ]] && {
sed -i "s|^maxmemory .*|maxmemory $REDISMEM|" "$CONF"
service redis-server restart
}
}

36
etc/ncp-config.d/nc-nextcloud.sh → bin/ncp/CONFIG/nc-nextcloud.sh
View File

@ -8,31 +8,13 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
VER_=14.0.4
BETA_=no
MAXFILESIZE_=2G
MEMORYLIMIT_=768M
MAXTRANSFERTIME_=3600
DBADMIN=ncadmin
REDIS_MEM=3gb
PHPVER=7.2
DESCRIPTION="Install any NextCloud version"
APTINSTALL="apt-get install -y --no-install-recommends"
export DEBIAN_FRONTEND=noninteractive
[ -d /var/www/nextcloud ] && { # don't show this during image build
INFOTITLE="NextCloud installation"
INFO="This new installation will cleanup current
NextCloud instance, including files and database.
You can later use nc-init to configure to NextCloudPi defaults
** perform backup before proceding **
You can use nc-backup "
}
install()
{
# During build, this step is run before ncp.sh. Avoid executing twice
@ -99,20 +81,20 @@ EOF
configure()
{
## IF BETA SELECTED ADD "pre" to DOWNLOAD PATH
[[ "$BETA_" == yes ]] && local PREFIX="pre"
[[ "$BETA" == yes ]] && local PREFIX="pre"
## DOWNLOAD AND (OVER)WRITE NEXTCLOUD
cd /var/www/
local URL="https://download.nextcloud.com/server/${PREFIX}releases/nextcloud-$VER_.tar.bz2"
echo "Downloading Nextcloud $VER_..."
local URL="https://download.nextcloud.com/server/${PREFIX}releases/nextcloud-$VER.tar.bz2"
echo "Downloading Nextcloud $VER..."
wget -q "$URL" -O nextcloud.tar.bz2 || {
echo "couldn't download $URL"
return 1
}
rm -rf nextcloud
echo "Installing Nextcloud $VER_..."
echo "Installing Nextcloud $VER..."
tar -xf nextcloud.tar.bz2
rm nextcloud.tar.bz2
@ -231,13 +213,13 @@ EOF
echo "Setting up system..."
## SET LIMITS
sed -i "s/post_max_size=.*/post_max_size=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini
sed -i "s/upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE_/" /var/www/nextcloud/.user.ini
sed -i "s/memory_limit=.*/memory_limit=$MEMORYLIMIT_/" /var/www/nextcloud/.user.ini
sed -i "s/post_max_size=.*/post_max_size=$MAXFILESIZE/" /var/www/nextcloud/.user.ini
sed -i "s/upload_max_filesize=.*/upload_max_filesize=$MAXFILESIZE/" /var/www/nextcloud/.user.ini
sed -i "s/memory_limit=.*/memory_limit=$MEMORYLIMIT/" /var/www/nextcloud/.user.ini
# slow transfers will be killed after this time
cat >> /var/www/nextcloud/.user.ini <<< "max_execution_time=$MAXTRANSFERTIME_"
cat >> /var/www/nextcloud/.user.ini <<< "max_input_time=$MAXTRANSFERTIME_"
cat >> /var/www/nextcloud/.user.ini <<< "max_execution_time=$MAXTRANSFERTIME"
cat >> /var/www/nextcloud/.user.ini <<< "max_input_time=$MAXTRANSFERTIME"
## SET CRON
echo "*/15 * * * * php -f /var/www/nextcloud/cron.php" > /tmp/crontab_http

9
etc/ncp-config.d/nc-notify-updates.sh → bin/ncp/CONFIG/nc-notify-updates.sh
View File

@ -8,10 +8,7 @@
# More at: https://ownyourbits.com
#
ACTIVE_=yes
USER_=ncp
DESCRIPTION="Notify in NC when a NextCloudPi update is available"
# check every hour
CHECKINTERVAL=1
@ -19,7 +16,7 @@ NCDIR=/var/www/nextcloud
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
rm -f /etc/cron.d/ncp-notify-updates
service cron restart
echo "update web notifications disabled"
@ -47,7 +44,7 @@ IFACE=\$( ip r | grep "default via" | awk '{ print \$5 }' | head -1 )
IP=\$( ip a show dev "\$IFACE" | grep global | grep -oP '\d{1,3}(\.\d{1,3}){3}' | head -1 )
sudo -u www-data php /var/www/nextcloud/occ notification:generate \
$USER_ "NextCloudPi update" \
$USER "NextCloudPi update" \
-l "Update from \$( cat \$VERFILE ) to \$( cat \$LATEST ) is available. Update from https://\$IP:4443"
cat \$LATEST > \$NOTIFIED
@ -78,7 +75,7 @@ echo -e "Packages automatically upgraded: \$PKGS\\n"
# notify
sudo -u www-data php /var/www/nextcloud/occ notification:generate \
$USER_ "NextCloudPi Unattended Upgrades" \
$USER "NextCloudPi Unattended Upgrades" \
-l "Packages automatically upgraded \$PKGS"
EOF
chmod +x /usr/local/bin/ncp-notify-unattended-upgrade

5
etc/ncp-config.d/nc-passwd.sh → bin/ncp/CONFIG/nc-passwd.sh
View File

@ -8,15 +8,12 @@
# More at: https://ownyourbits.com
#
PASSWORD_=ownyourbits
CONFIRM_=ownyourbits
DESCRIPTION="Change password for the NextCloudPi Panel"
configure()
{
# update password
echo -e "$PASSWORD_\n$CONFIRM_" | passwd ncp &>/dev/null && \
echo -e "$PASSWORD\n$CONFIRM" | passwd ncp &>/dev/null && \
echo "password updated successfully" || \
{ echo "passwords do not match"; return 1; }

5
etc/ncp-config.d/nc-prettyURL.sh → bin/ncp/CONFIG/nc-prettyURL.sh
View File

@ -7,9 +7,6 @@
# GPL licensed (see end of file) * Use at your own risk!
ACTIVE_=no
DESCRIPTION="Set pretty URLs (no index.php in URL)"
INFOTITLE="PrettyURL notes"
NCDIR=/var/www/nextcloud
OCC="$NCDIR/occ"
@ -29,7 +26,7 @@ configure()
local URL="$(ncc config:system:get overwrite.cli.url)"
[[ "${URL: -1}" != "/" ]] && ncc config:system:set overwrite.cli.url --value="${URL}/"
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
sudo -u www-data php "$OCC" config:system:set htaccess.RewriteBase --value=""
sudo -u www-data php "$OCC" maintenance:update:htaccess
[[ $? -ne 0 ]] && {

15
etc/ncp-config.d/nc-scan-auto.sh → bin/ncp/CONFIG/nc-scan-auto.sh
View File

@ -8,18 +8,11 @@
# More at: https://ownyourbits.com
#
ACTIVE_=no
SCANINTERVAL_=60
DESCRIPTION="Periodically scan NC for externally modified files"
INFOTITLE="Instructions for auto synchronization"
INFO="Set the time in minutes in SCANINTERVAL.
>>> If there are too many files this can greatly affect performance. <<<"
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
rm -f /etc/cron.d/ncp-scan-auto
service cron restart
echo "automatic scans disabled"
@ -28,13 +21,13 @@ configure()
# set crontab
local DAYS HOURS MINS
DAYS=$(( SCANINTERVAL_ / 1440 ))
DAYS=$(( SCANINTERVAL / 1440 ))
if [[ "$DAYS" != "0" ]]; then
DAYS="*/$DAYS" HOUR="1" MINS="15"
else
DAYS="*"
HOUR=$(( SCANINTERVAL_ / 60 ))
MINS=$(( SCANINTERVAL_ % 60 ))
HOUR=$(( SCANINTERVAL / 60 ))
MINS=$(( SCANINTERVAL % 60 ))
MINS="*/$MINS"
[[ $HOUR == 0 ]] && HOUR="*" || { HOUR="*/$HOUR" MINS="15"; }
fi

4
etc/ncp-config.d/nc-webui.sh → bin/ncp/CONFIG/nc-webui.sh
View File

@ -8,8 +8,6 @@
# More at: https://ownyourbits.com
#
ACTIVE_=no
DESCRIPTION="Enable or disable the NCP web interface"
is_active()
{
@ -18,7 +16,7 @@ is_active()
configure()
{
if [[ $ACTIVE_ != "yes" ]]; then
if [[ $ACTIVE != "yes" ]]; then
a2dissite ncp
echo "ncp-web disabled"
else

12
etc/ncp-config.d/DDNS_duckDNS.sh → bin/ncp/NETWORKING/DDNS_duckDNS.sh
View File

@ -7,25 +7,21 @@
# GPL licensed (see end of file) * Use at your own risk!
#
ACTIVE_=no
DOMAIN_=mycloud.duckdns.org
TOKEN_=your-duckdns-token
INSTALLDIR=duckdns
INSTALLPATH=/usr/local/etc/$INSTALLDIR
CRONFILE=/etc/cron.d/duckdns
DESCRIPTION="Free Dynamic DNS provider (need account from https://duckdns.org)"
configure()
{
local DOMAIN="$( sed 's|.duckdns.org||' <<<"$DOMAIN_" )"
if [[ $ACTIVE_ == "yes" ]]; then
local DOMAIN="$( sed 's|.duckdns.org||' <<<"$DOMAIN" )"
if [[ $ACTIVE == "yes" ]]; then
mkdir -p "$INSTALLPATH"
# Creates duck.sh script that checks for updates to DNS records
touch "$INSTALLPATH"/duck.sh
touch "$INSTALLPATH"/duck.log
echo -e "echo url=\"https://www.duckdns.org/update?domains=$DOMAIN&token=$TOKEN_&ip=\" | curl -k -o "$INSTALLPATH"/duck.log -K -" > "$INSTALLPATH"/duck.sh
echo -e "echo url=\"https://www.duckdns.org/update?domains=$DOMAIN&token=$TOKEN&ip=\" | curl -k -o "$INSTALLPATH"/duck.log -K -" > "$INSTALLPATH"/duck.sh
# Adds file to cron to run script for DNS record updates and change permissions
touch $CRONFILE
@ -46,7 +42,7 @@ configure()
fi
# Removes config files and cron job if ACTIVE_ is set to no
elif [[ $ACTIVE_ == "no" ]]; then
elif [[ $ACTIVE == "no" ]]; then
rm -f "$CRONFILE"
rm -f "$INSTALLPATH"/duck.sh
rm -f "$INSTALLPATH"/duck.log

17
etc/ncp-config.d/DDNS_freeDNS.sh → bin/ncp/NETWORKING/DDNS_freeDNS.sh
View File

@ -6,14 +6,9 @@
# GPL licensed (see end of file) * Use at your own risk!
#
ACTIVE_=no
UPDATEHASH_=abcdefghijklmnopqrstuvwxyzABCDEFGHIJK1234567
DOMAIN_=mynextcloud.example.com
UPDATEINTERVAL_=30
DESCRIPTION="DDNS FreeDNS client (need account)"
UPDATEURL=https://freedns.afraid.org/dynamic/update.php
URL="${UPDATEURL}?${UPDATEHASH_}"
URL="${UPDATEURL}?${UPDATEHASH}"
install()
{
@ -23,7 +18,7 @@ install()
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
rm -f /etc/cron.d/freeDNS
service cron restart
echo "FreeDNS client is disabled"
@ -34,7 +29,7 @@ configure()
#!/bin/bash
echo "FreeDNS client started"
echo "${URL}"
registeredIP=$(dig +short "$DOMAIN_"|tail -n1)
registeredIP=$(dig +short "$DOMAIN"|tail -n1)
currentIP=\$(wget -q -O - http://checkip.dyndns.org|sed s/[^0-9.]//g)
[ "\$currentIP" != "\$registeredIP" ] && {
wget -q -O /dev/null ${URL}
@ -43,12 +38,12 @@ echo "Registered IP: \$registeredIP | Current IP: \$currentIP"
EOF
chmod +744 /usr/local/bin/freedns.sh
echo "*/${UPDATEINTERVAL_} * * * * root /bin/bash /usr/local/bin/freedns.sh" > /etc/cron.d/freeDNS
echo "*/${UPDATEINTERVAL} * * * * root /bin/bash /usr/local/bin/freedns.sh" > /etc/cron.d/freeDNS
service cron restart
cd /var/www/nextcloud
sudo -u www-data php occ config:system:set trusted_domains 3 --value="$DOMAIN_"
sudo -u www-data php occ config:system:set overwrite.cli.url --value=https://"$DOMAIN_"/
sudo -u www-data php occ config:system:set trusted_domains 3 --value="$DOMAIN"
sudo -u www-data php occ config:system:set overwrite.cli.url --value=https://"$DOMAIN"/
echo "FreeDNS client is enabled"
}

17
etc/ncp-config.d/DDNS_no-ip.sh → bin/ncp/NETWORKING/DDNS_no-ip.sh
View File

@ -8,15 +8,6 @@
# More at https://ownyourbits.com/2017/03/05/dynamic-dns-for-raspbian-with-no-ip-org-installer/
#
ACTIVE_=no
USER_=my-noip-user@email.com
PASS_=noip-pass
DOMAIN_=mycloud.ownyourbits.com
TIME_=30
DESCRIPTION="DDNS no-ip free provider (need account)"
INFO="For this step to succeed, you need to register a noip account first.
Internet access is required for this configuration to complete."
install()
{
@ -83,19 +74,19 @@ EOF
configure()
{
service noip2 stop
[[ $ACTIVE_ != "yes" ]] && { update-rc.d noip2 disable; return 0; }
[[ $ACTIVE != "yes" ]] && { update-rc.d noip2 disable; return 0; }
local IF=$( ip -br l | awk '{ if ( $2 == "UP" ) print $1 }' | head -1 )
[[ "$IF" != "" ]] && IF="-I $IF"
/usr/local/bin/noip2 -C -c /usr/local/etc/no-ip2.conf $IF -U "$TIME_" -u "$USER_" -p "$PASS_" 2>&1 | tee >(cat - >&2) \
/usr/local/bin/noip2 -C -c /usr/local/etc/no-ip2.conf $IF -U "$TIME" -u "$USER" -p "$PASS" 2>&1 | tee >(cat - >&2) \
| grep -q "New configuration file .* created" || return 1
update-rc.d noip2 enable
service noip2 restart
cd /var/www/nextcloud
sudo -u www-data php occ config:system:set trusted_domains 3 --value="$DOMAIN_"
sudo -u www-data php occ config:system:set overwrite.cli.url --value=https://"$DOMAIN_"/
sudo -u www-data php occ config:system:set trusted_domains 3 --value="$DOMAIN"
sudo -u www-data php occ config:system:set overwrite.cli.url --value=https://"$DOMAIN"/
echo "noip DDNS enabled"
}

13
etc/ncp-config.d/DDNS_spDYN.sh → bin/ncp/NETWORKING/DDNS_spDYN.sh
View File

@ -9,15 +9,10 @@
# GPL licensed (see end of file) * Use at your own risk!
#
ACTIVE_=no
DOMAIN_=mycloud.spdns.de
TOKEN_=your-spdns-token
IPv6_=no
INSTALLDIR=spdnsupdater
INSTALLPATH=/usr/local/etc/$INSTALLDIR
CRONFILE=/etc/cron.d/spdnsupdater
DESCRIPTION="Free Dynamic DNS provider (need account from spdyn.de)"
install()
{
@ -101,20 +96,20 @@ EOF
configure()
{
if [[ $ACTIVE_ == "yes" ]]; then
if [[ $ACTIVE == "yes" ]]; then
# Adds file to cron to run script for DNS record updates and change permissions
touch $CRONFILE
echo "*/5 * * * * root $INSTALLPATH/spdnsUpdater.sh $DOMAIN_ $TOKEN_ $IPv6_ >/dev/null 2>&1" > "$CRONFILE"
echo "10 * * * * root $INSTALLPATH/spdnsUpdater.sh $DOMAIN $TOKEN $IPv6 >/dev/null 2>&1" > "$CRONFILE"
chmod +x "$CRONFILE"
# First-time execution of update script and print response from spdns.de server
"$INSTALLPATH"/spdnsUpdater.sh "$DOMAIN_" "$TOKEN_" "$IPv6_"
"$INSTALLPATH"/spdnsUpdater.sh "$DOMAIN" "$TOKEN" "$IPv6"
echo -e "\nspdnsUpdater is now enabled"
# Removes config files and cron job if ACTIVE_ is set to no
elif [[ $ACTIVE_ == "no" ]]; then
elif [[ $ACTIVE == "no" ]]; then
echo "... removing cronfile: $CRONFILE"
rm -f "$CRONFILE"
echo -e "\nspdnsUpdater is now disabled"

24
etc/ncp-config.d/NFS.sh → bin/ncp/NETWORKING/NFS.sh
View File

@ -8,18 +8,6 @@
# More at: https://ownyourbits.com
#
ACTIVE_=no
DIR_=/media/USBdrive/ncdata/admin/files
SUBNET_=192.168.1.0/24
USER_=www-data
GROUP_=www-data
DESCRIPTION="NFS network file system server (for Linux LAN)"
INFOTITLE="Instructions for external synchronization"
INFO="If we intend to modify the data folder through NFS,
then we have to synchronize NextCloud to make it aware of the changes.
This can be done manually or automatically using 'nc-scan' and 'nc-scan-auto'"
install()
{
@ -34,7 +22,7 @@ install()
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
service nfs-kernel-server stop
systemctl disable nfs-kernel-server
echo -e "NFS disabled"
@ -43,16 +31,16 @@ configure()
# CHECKS
################################
id "$USER_" &>/dev/null || { echo "user USER_ does not exist" ; return 1; }
id -g "$GROUP_" &>/dev/null || { echo "group GROUP_ does not exist"; return 1; }
[ -d "$DIR_" ] || { echo -e "INFO: directory $DIR_ does not exist. Creating"; mkdir -p "$DIR_"; }
[[ $( stat -fc%d / ) == $( stat -fc%d $DIR_ ) ]] && \
id "$USER" &>/dev/null || { echo "user $USER does not exist" ; return 1; }
id -g "$GROUP" &>/dev/null || { echo "group $GROUP does not exist"; return 1; }
[ -d "$DIR" ] || { echo -e "INFO: directory $DIR does not exist. Creating"; mkdir -p "$DIR"; }
[[ $( stat -fc%d / ) == $( stat -fc%d $DIR ) ]] && \
echo -e "INFO: mounting a in the SD card\nIf you want to use an external mount, make sure it is properly set up"
# CONFIG
################################
cat > /etc/exports <<EOF
$DIR_ $SUBNET_(rw,sync,all_squash,anonuid=$(id -u $USER_),anongid=$(id -g $GROUP_),no_subtree_check)
$DIR $SUBNET(rw,sync,all_squash,anonuid=$(id -u $USER),anongid=$(id -g $GROUP),no_subtree_check)
EOF
systemctl enable rpcbind

23
etc/ncp-config.d/SSH.sh → bin/ncp/NETWORKING/SSH.sh
View File

@ -7,17 +7,6 @@
# GPL licensed (see end of file) * Use at your own risk!
#
ACTIVE_=no
USER_=root
PASS_=1234
CONFIRM_=1234
DESCRIPTION="Activate or deactivate SSH"
INFOTITLE="SSH notes"
INFO="In order to enable SSH, the password for user 'pi' can NOT remain set to the default raspberry.
You HAVE to create a NEW password for 'pi' if you want this program to enable SSH, it will fail if you dont!
The same will happen with user 'root' and password '1234'
Note: Use normal AlphaNumeric, the only special characters allowed are .,@-_/"
install() { :; }
@ -28,7 +17,7 @@ is_active()
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
systemctl stop ssh
systemctl disable ssh
echo "SSH disabled"
@ -36,18 +25,18 @@ configure()
}
# Check for bad ideas
[[ "$USER_" == "pi" ]] && [[ "$PASS_" == "raspberry" ]] && {
[[ "$USER" == "pi" ]] && [[ "$PASS" == "raspberry" ]] && {
echo "Refusing to use the default Raspbian user and password. It's insecure"
return 1
}
[[ "$USER_" == "root" ]] && [[ "$PASS_" == "1234" ]] && {
[[ "$USER" == "root" ]] && [[ "$PASS" == "1234" ]] && {
echo "Refusing to use the default Armbian user and password. It's insecure"
return 1
}
# Change credentials
id "$USER_" &>/dev/null || { echo "$USER_ doesn't exist"; return 1; }
echo -e "$PASS_\n$CONFIRM_" | passwd "$USER_" || return 1
id "$USER" &>/dev/null || { echo "$USER doesn't exist"; return 1; }
echo -e "$PASS\n$CONFIRM" | passwd "$USER" || return 1
# Check for insecure default pi password ( taken from old jessie method )
local SHADOW="$( grep -E '^pi:' /etc/shadow )"
@ -84,7 +73,7 @@ configure()
}
# Enable
chage -d 0 "$USER_"
chage -d 0 "$USER"
systemctl enable ssh
systemctl start ssh
echo "SSH enabled"

20
etc/ncp-config.d/dnsmasq.sh → bin/ncp/NETWORKING/dnsmasq.sh
View File

@ -8,14 +8,6 @@
# More at: https://ownyourbits.com/2017/03/09/dnsmasq-as-dns-cache-server-for-nextcloudpi-and-raspbian/
#
ACTIVE_=no
DOMAIN_=mycloud.ownyourbits.com
DNSSERVER_=8.8.8.8
CACHESIZE_=150
DESCRIPTION="DNS server with cache"
INFO="Remember to point your PC and devices DNS or
you router DNS to your Raspberry Pi IP"
install()
{
@ -48,7 +40,7 @@ EOF
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
service dnsmasq stop
update-rc.d dnsmasq disable
echo "dnmasq disabled"
@ -66,9 +58,9 @@ domain-needed # Never forward plain names (without a dot or domain part)
bogus-priv # Never forward addresses in the non-routed address spaces.
no-poll # Don't poll for changes in /etc/resolv.conf
no-resolv # Don't use /etc/resolv.conf or any other file
cache-size=$CACHESIZE_
server=$DNSSERVER_
address=/$DOMAIN_/$IP # This is optional if we add it to /etc/hosts
cache-size=$CACHESIZE
server=$DNSSERVER
address=/$DOMAIN/$IP # This is optional if we add it to /etc/hosts
EOF
# required to run in container
@ -80,8 +72,8 @@ EOF
update-rc.d dnsmasq enable
service dnsmasq restart
cd /var/www/nextcloud
sudo -u www-data php occ config:system:set trusted_domains 2 --value=$DOMAIN_
sudo -u www-data php occ config:system:set overwrite.cli.url --value=https://"$DOMAIN_"/
sudo -u www-data php occ config:system:set trusted_domains 2 --value=$DOMAIN
sudo -u www-data php occ config:system:set overwrite.cli.url --value=https://"$DOMAIN"/
echo "dnsmasq enabled"
}

26
etc/ncp-config.d/letsencrypt.sh → bin/ncp/NETWORKING/letsencrypt.sh
View File

@ -7,21 +7,11 @@
#
# More at https://ownyourbits.com/2017/03/17/lets-encrypt-installer-for-apache/
DOMAIN_=mycloud.ownyourbits.com
EMAIL_=mycloud@ownyourbits.com
NOTIFYUSER_=ncp
NCDIR=/var/www/nextcloud
OCC="$NCDIR/occ"
VHOSTCFG=/etc/apache2/sites-available/nextcloud.conf
VHOSTCFG2=/etc/apache2/sites-available/ncp.conf
DESCRIPTION="Automatic signed SSL certificates"
INFOTITLE="Warning"
INFO="Internet access is required for this configuration to complete
Both ports 80 and 443 need to be accessible from the internet
Your certificate will be automatically renewed every month"
is_active()
{
@ -52,15 +42,15 @@ EOF
# tested with certbot 0.10.2
configure()
{
local DOMAIN_LOWERCASE="${DOMAIN_,,}"
local DOMAIN_LOWERCASE="${DOMAIN,,}"
# Configure Apache
grep -q ServerName $VHOSTCFG && \
sed -i "s|ServerName .*|ServerName $DOMAIN_|" $VHOSTCFG || \
sed -i "/DocumentRoot/aServerName $DOMAIN_" $VHOSTCFG
sed -i "s|ServerName .*|ServerName $DOMAIN|" $VHOSTCFG || \
sed -i "/DocumentRoot/aServerName $DOMAIN" $VHOSTCFG
# Do it
letsencrypt certonly -n --no-self-upgrade --webroot -w $NCDIR --hsts --agree-tos -m $EMAIL_ -d $DOMAIN_ && {
letsencrypt certonly -n --no-self-upgrade --webroot -w $NCDIR --hsts --agree-tos -m $EMAIL -d $DOMAIN && {
# Set up auto-renewal
cat > /etc/cron.weekly/letsencrypt-ncp <<EOF
@ -69,13 +59,13 @@ configure()
# renew and notify
/usr/bin/certbot renew --quiet --renew-hook '
sudo -u www-data php $OCC notification:generate \
$NOTIFYUSER_ "SSL renewal" \
$NOTIFYUSER "SSL renewal" \
-l "Your SSL certificate(s) \$RENEWED_DOMAINS has been renewed for another 90 days"
'
# notify if fails
[[ \$? -ne 0 ]] && sudo -u www-data php $OCC notification:generate \
$NOTIFYUSER_ "SSL renewal error" \
$NOTIFYUSER "SSL renewal error" \
-l "SSL certificate renewal failed. See /var/log/letsencrypt/letsencrypt.log"
# cleanup
@ -91,8 +81,8 @@ EOF
sed -i "s|SSLCertificateKeyFile.*|SSLCertificateKeyFile /etc/letsencrypt/live/$DOMAIN_LOWERCASE/privkey.pem|" $VHOSTCFG2
# Configure Nextcloud
sudo -u www-data php $OCC config:system:set trusted_domains 4 --value=$DOMAIN_
sudo -u www-data php $OCC config:system:set overwrite.cli.url --value=https://"$DOMAIN_"/
sudo -u www-data php $OCC config:system:set trusted_domains 4 --value=$DOMAIN
sudo -u www-data php $OCC config:system:set overwrite.cli.url --value=https://"$DOMAIN"/
# delayed in bg so it does not kill the connection, and we get AJAX response
bash -c "sleep 2 && service apache2 reload" &>/dev/null &

19
etc/ncp-config.d/nc-forward-ports.sh → bin/ncp/NETWORKING/nc-forward-ports.sh
View File

@ -8,17 +8,6 @@
# More at: https://ownyourbits.com
#
HTTPSPORT_=443
HTTPPORT_=80
DESCRIPTION="Set port forwarding to access from outside (UPnP)"
INFOTITLE="Instructions for UPnP Port Forwarding"
INFO="For NextCloudPi to be able to setup your ports, UPnP must be activated
in your router. Activate it now on your router admin webpage.
** UPnP is considered a security risk **
Don't forget to disable it afterwards"
install()
{
@ -30,11 +19,11 @@ configure()
{
local IFACE=$( ip r | grep "default via" | awk '{ print $5 }' | head -1 )
local IP=$( ip a show dev "$IFACE" | grep global | grep -oP '\d{1,3}(.\d{1,3}){3}' | head -1 )
upnpc -d "$HTTPSPORT_" TCP
upnpc -d "$HTTPPORT_" TCP
upnpc -a "$IP" 443 "$HTTPSPORT_" TCP | tee >(cat - >&2) | grep -q "is redirected to internal" || \
upnpc -d "$HTTPSPORT" TCP
upnpc -d "$HTTPPORT" TCP
upnpc -a "$IP" 443 "$HTTPSPORT" TCP | tee >(cat - >&2) | grep -q "is redirected to internal" || \
{ echo -e "\nCould not forward ports automatically.\nDo it manually, or activate UPnP in your router and try again"; return 1; }
upnpc -a "$IP" 80 "$HTTPPORT_" TCP | tee >(cat - >&2) | grep -q "is redirected to internal" || \
upnpc -a "$IP" 80 "$HTTPPORT" TCP | tee >(cat - >&2) | grep -q "is redirected to internal" || \
{ echo -e "\nCould not forward ports automatically.\nDo it manually, or activate UPnP in your router and try again"; return 1; }
}

17
etc/ncp-config.d/nc-static-IP.sh → bin/ncp/NETWORKING/nc-static-IP.sh
View File

@ -8,10 +8,7 @@
# More at: https://ownyourbits.com
#
ACTIVE_=no
IP_=192.168.1.130
DESCRIPTION="Set up a static IP address (ACTIVE=yes), or DHCP (ACTIVE=no)"
configure()
{
@ -27,7 +24,7 @@ configure()
grep -q "^# NextCloudPi autogenerated" /etc/dhcpcd.conf && \
sed -i '/^# NextCloudPi autogenerated/,+6d' /etc/dhcpcd.conf
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
systemctl restart dhcpcd
echo "DHCP enabled"
return
@ -37,7 +34,7 @@ configure()
# NextCloudPi autogenerated
# don't modify! better use ncp-config
interface $IFACE
static ip_address=$IP_/24
static ip_address=$IP/24
static routers=$GW
static domain_name_servers=$DNS
@ -52,7 +49,7 @@ EOF
cp -n /etc/network/interfaces /etc/network/interfaces-ncp-backup-orig
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
cat > /etc/network/interfaces <<EOF
# Wired adapter #1
allow-hotplug $IFACE
@ -81,7 +78,7 @@ iface lo inet loopback
auto $IFACE
allow-hotplug $IFACE
iface $IFACE inet static
address $IP_
address $IP
netmask 255.255.255.0
gateway $GW
dns-nameservers $DNS 8.8.8.8
@ -89,9 +86,9 @@ EOF
systemctl restart networking
}
sudo -u www-data php /var/www/nextcloud/occ config:system:set trusted_domains 1 --value="$IP_"
sudo -u www-data php /var/www/nextcloud/occ config:system:set overwrite.cli.url --value=https://"$IP_"/
echo "Static IP set to $IP_"
sudo -u www-data php /var/www/nextcloud/occ config:system:set trusted_domains 1 --value="$IP"
sudo -u www-data php /var/www/nextcloud/occ config:system:set overwrite.cli.url --value=https://"$IP"/
echo "Static IP set to $IP"
}
install() { :; }

13
etc/ncp-config.d/samba.sh → bin/ncp/NETWORKING/samba.sh
View File

@ -8,15 +8,6 @@
# More at: https://ownyourbits.com
#
ACTIVE_=no
PWD_=ownyourbits
DESCRIPTION="SMB/CIFS file server (for Mac/Linux/Windows)"
INFOTITLE="Instructions for external synchronization"
INFO="If we intend to modify the data folder through SAMBA,
then we have to synchronize NextCloud to make it aware of the changes.
This can be done manually or automatically using 'nc-scan' and 'nc-scan-auto'"
install()
{
@ -42,7 +33,7 @@ EOF
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
service smbd stop
update-rc.d smbd disable
update-rc.d nmbd disable
@ -99,7 +90,7 @@ EOF
## create user with no login if it doesn't exist
id "$user" &>/dev/null || adduser --disabled-password --force-badname --gecos "" "$user" || return 1
echo -e "$PWD_\n$PWD_" | smbpasswd -s -a $user
echo -e "$PWD\n$PWD" | smbpasswd -s -a $user
usermod -aG www-data $user
sudo chmod g+w $DIR

14
etc/ncp-config.d/UFW.sh → bin/ncp/SECURITY/UFW.sh
View File

@ -8,13 +8,7 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
ACTIVE_=no
HTTP_=80
HTTPS_=443
SSH_=22
DESCRIPTION="Uncomplicated Firewall"
INFO="Beware of blocking the SSH port you are using!"
install()
{
@ -28,7 +22,7 @@ install()
configure()
{
[[ "$ACTIVE_" != yes ]] && {
[[ "$ACTIVE" != yes ]] && {
ufw --force reset
systemctl disable ufw
systemctl stop ufw
@ -40,12 +34,12 @@ configure()
systemctl start ufw
echo -e "\n# web server rules"
ufw allow $HTTP_/tcp
ufw allow $HTTPS_/tcp
ufw allow $HTTP/tcp
ufw allow $HTTPS/tcp
ufw allow 4443/tcp
echo -e "\n# SSH rules"
ufw allow $SSH_
ufw allow $SSH
echo -e "\n# DNS rules"
ufw allow dns

23
etc/ncp-config.d/fail2ban.sh → bin/ncp/SECURITY/fail2ban.sh
View File

@ -8,25 +8,18 @@
# More at: https://ownyourbits.com/2017/02/24/nextcloudpi-fail2ban-installer/
#
ACTIVE_=no
# time to ban an IP that exceeded attempts
BANTIME_=600
# cooldown time for incorrect passwords
FINDTIME_=600
# bad attempts before banning an IP
MAXRETRY_=6
# Option to activate email notifications
MAILALERTS_=no
# email to send notifications to
EMAIL_=optional@email.com
DESCRIPTION="Brute force protection for SSH and NextCloud"
install()
{
@ -70,7 +63,7 @@ EOF
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
service fail2ban stop
update-rc.d fail2ban disable
echo "fail2ban disabled"
@ -100,7 +93,7 @@ failregex = Login failed.*Remote IP.*'<HOST>'
ignoreregex =
EOF
[[ "$MAILALERTS_" == "yes" ]] && local ACTION=action_mwl || local ACTION=action_
[[ "$MAILALERTS" == "yes" ]] && local ACTION=action_mwl || local ACTION=action_
cat > /etc/fail2ban/jail.conf <<EOF
# The DEFAULT allows a global definition of the options. They can be overridden
@ -113,12 +106,12 @@ EOF
ignoreip = 127.0.0.1/8
# "bantime" is the number of seconds that a host is banned.
bantime = $BANTIME_
bantime = $BANTIME
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = $FINDTIME_
maxretry = $MAXRETRY_
findtime = $FINDTIME
maxretry = $MAXRETRY
#
# ACTIONS
@ -128,7 +121,7 @@ protocol = tcp
chain = INPUT
action_ = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
sendmail-whois-lines[name=%(__name__)s, dest=$EMAIL_, sender=ncp-fail2ban@ownyourbits.com]
sendmail-whois-lines[name=%(__name__)s, dest=$EMAIL, sender=ncp-fail2ban@ownyourbits.com]
action = %($ACTION)s
#
@ -141,7 +134,7 @@ enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = $MAXRETRY_
maxretry = $MAXRETRY
#
# HTTP servers
@ -153,7 +146,7 @@ enabled = true
port = http,https
filter = nextcloud
logpath = $NCLOG
maxretry = $MAXRETRY_
maxretry = $MAXRETRY
EOF
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
update-rc.d fail2ban defaults

12
etc/ncp-config.d/modsecurity.sh → bin/ncp/SECURITY/modsecurity.sh
View File

@ -8,14 +8,8 @@
# More at ownyourbits.com
#
ACTIVE_=no
NCDIR=/var/www/nextcloud/
NCPWB=/var/www/ncp-web/
DESCRIPTION="Web Application Firewall for extra security (experimental)"
INFOTITLE="Experimental feature warning"
INFO="This feature is highly experimental and has only been tested with
a basic NextCloud installation. If a new App does not work disable it"
install()
{
@ -93,10 +87,10 @@ configure()
</Directory>
EOF
[[ $ACTIVE_ == "yes" ]] && local STATE=On || local STATE=Off
[[ $ACTIVE == "yes" ]] && local STATE=On || local STATE=Off
sed -i "s|SecRuleEngine .*|SecRuleEngine $STATE|" /etc/modsecurity/modsecurity.conf
[[ $ACTIVE_ == "yes" ]] && echo "Enabling module security2" || echo "Disabling module security2"
[[ $ACTIVE_ == "yes" ]] && a2enmod security2 &>/dev/null || a2dismod security2 &>/dev/null
[[ $ACTIVE == "yes" ]] && echo "Enabling module security2" || echo "Disabling module security2"
[[ $ACTIVE == "yes" ]] && a2enmod security2 &>/dev/null || a2dismod security2 &>/dev/null
# delayed in bg so it does not kill the connection, and we get AJAX response
bash -c "sleep 2 && service apache2 reload" &>/dev/null &

1
etc/ncp-config.d/nc-audit.sh → bin/ncp/SECURITY/nc-audit.sh
View File

@ -8,7 +8,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
DESCRIPTION="Perform a security audit with lynis and debsecan"
install()
{

13
etc/ncp-config.d/nc-automount.sh → bin/ncp/SYSTEM/nc-automount.sh
View File

@ -8,17 +8,6 @@
# More at https://ownyourbits.com/
#
ACTIVE_=no
DESCRIPTION="Automount USB drives by plugging them in"
INFOTITLE="Automount notes"
INFO="Plugged in USB drives will be automounted under /media
on boot or at the moment of insertion.
Format your drive as ext4 in order to move NC datafolder or database
VFAT or NTFS is not recommended for this task, as it does not suport permissions
IMPORTANT: halt or umount the drive before extracting"
install()
{
@ -99,7 +88,7 @@ EOF
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
systemctl stop nc-automount
systemctl stop nc-automount-links
systemctl disable nc-automount

15
etc/ncp-config.d/nc-hdd-monitor.sh → bin/ncp/SYSTEM/nc-hdd-monitor.sh
View File

@ -8,11 +8,7 @@
# More at https://ownyourbits.com
#
ACTIVE_=no
NOTIFYUSER_=ncp
EMAIL_=optional@email.com
DESCRIPTION="Monitor HDD health automatically"
is_active()
{
@ -25,10 +21,9 @@ configure()
[[ ${#DRIVES[@]} == 0 ]] && {
echo "no drives detected. Disabling.."
ACTIVE_=no
}
[[ "$ACTIVE_" != yes ]] && {
[[ "$ACTIVE" != yes ]] && {
systemctl disable smartd
systemctl stop smartd
echo "HDD monitor disabled"
@ -37,16 +32,16 @@ configure()
cat > /etc/smartd.conf <<EOF
# short scan every day at 1am, long one on sundays at 2am
DEVICESCAN -a -m $EMAIL_ -M exec /usr/local/etc/ncp-hdd-notif.sh -s (S/../.././01|L/../../7/02)
DEVICESCAN -a -m $EMAIL -M exec /usr/local/etc/ncp-hdd-notif.sh -s (S/../.././01|L/../../7/02)
EOF
cat > /usr/local/etc/ncp-hdd-notif.sh <<EOF
#!/bin/bash
EOF
[[ "$EMAIL_" != "" ]] && {
[[ "$EMAIL" != "" ]] && {
cat >> /usr/local/etc/ncp-hdd-notif.sh <<EOF
sendmail "$EMAIL_" <<EOFMAIL
sendmail "$EMAIL" <<EOFMAIL
Subject: Hard drive problems found
"\$SMARTD_MESSAGE"
@ -57,7 +52,7 @@ EOF
cat >> /usr/local/etc/ncp-hdd-notif.sh <<EOF
wall "\$SMARTD_MESSAGE"
sudo -u www-data php /var/www/nextcloud/occ notification:generate \
$NOTIFYUSER_ "NextCloudPi HDD health \$SMARTD_FAILTYPE" \
$NOTIFYUSER "NextCloudPi HDD health \$SMARTD_FAILTYPE" \
-l "\$SMARTD_MESSAGE"
EOF
chmod +x /usr/local/etc/ncp-hdd-notif.sh

8
etc/ncp-config.d/nc-hdd-test.sh → bin/ncp/SYSTEM/nc-hdd-test.sh
View File

@ -8,11 +8,7 @@
# More at https://ownyourbits.com
#
SHORTTEST_=yes
LONGTEST_=no
DESCRIPTION="Check HDD health"
INFO="Running no test will display test results"
install()
{
@ -33,11 +29,11 @@ configure()
for dr in "${DRIVES[@]}"; do
smartctl --smart=on /dev/${dr} | sed 1,2d
if [[ "$SHORTTEST_" == yes ]]; then
if [[ "$SHORTTEST" == yes ]]; then
echo "* Starting test on $dr. Check results later"
smartctl -X "/dev/$dr" &>/dev/null
smartctl -t short "/dev/$dr" | sed 1,2d
elif [[ "$LONGTEST_" == yes ]]; then
elif [[ "$LONGTEST" == yes ]]; then
echo "* Starting test on $dr. Check results later"
smartctl -X "/dev/$dr" &>/dev/null
smartctl -t long "/dev/$dr" | sed 1,2d

1
etc/ncp-config.d/nc-info.sh → bin/ncp/SYSTEM/nc-info.sh
View File

@ -8,7 +8,6 @@
# More at: https://ownyourbits.com
#
DESCRIPTION="Print NextCloudPi system info"
install()
{

16
etc/ncp-config.d/nc-ramlogs.sh → bin/ncp/SYSTEM/nc-ramlogs.sh
View File

@ -8,11 +8,7 @@
# More at https://ownyourbits.com/
#
ACTIVE_=no
DESCRIPTION="mount logs in RAM to prevent SD degradation (faster, consumes more RAM)"
INFOTITLE="Warning"
INFO="You need to reboot for this change to take effect"
is_active()
{
@ -51,15 +47,9 @@ install()
configure()
{
find_unit_name
if [[ -z "$UNIT_NAME" ]]
then
echo "ERROR: log2ram service not found!"
fi
[[ $ACTIVE_ != "yes" ]] && {
systemctl disable "$UNIT_NAME"
systemctl stop "$UNIT_NAME"
[[ $ACTIVE != "yes" ]] && {
systemctl disable log2ram
systemctl stop log2ram
echo "Logs in SD. Reboot to take effect"
return
}

13
etc/ncp-config.d/nc-swapfile.sh → bin/ncp/SYSTEM/nc-swapfile.sh
View File

@ -8,9 +8,6 @@
# More at https://ownyourbits.com/
#
SWAPFILE_=/media/USBdrive/swap
SWAPSIZE_=1024
DESCRIPTION="Move and resize your swapfile. Recommended to move to a permanent USB drive"
is_active()
{
@ -21,9 +18,9 @@ is_active()
configure()
{
local ORIG="$( swapon | tail -1 | awk '{ print $1 }' )"
local DSTDIR="$( dirname "$SWAPFILE_" )"
[[ "$ORIG" == "$SWAPFILE_" ]] && { echo "nothing to do"; return 0; }
[[ -d "$SWAPFILE_" ]] && { echo "$SWAPFILE_ is a directory. Abort"; return 1; }
local DSTDIR="$( dirname "$SWAPFILE" )"
[[ "$ORIG" == "$SWAPFILE" ]] && { echo "nothing to do"; return 0; }
[[ -d "$SWAPFILE" ]] && { echo "$SWAPFILE is a directory. Abort"; return 1; }
[[ -d "$DSTDIR" ]] || { echo "$DSTDIR Doesn't exist. Abort"; return 1; }
[[ "$( stat -fc%T "$DSTDIR" )" == "btrfs" ]] && {
@ -34,8 +31,8 @@ configure()
[[ $( stat -fc%d / ) == $( stat -fc%d "$DSTDIR" ) ]] && \
echo -e "INFO: moving swapfile to another place in the same SD card\nIf you want to use an external mount, make sure it is properly set up"
sed -i "s|#\?CONF_SWAPFILE=.*|CONF_SWAPFILE=$SWAPFILE_|" /etc/dphys-swapfile
sed -i "s|#\?CONF_SWAPSIZE=.*|CONF_SWAPSIZE=$SWAPSIZE_|" /etc/dphys-swapfile
sed -i "s|#\?CONF_SWAPFILE=.*|CONF_SWAPFILE=$SWAPFILE|" /etc/dphys-swapfile
sed -i "s|#\?CONF_SWAPSIZE=.*|CONF_SWAPSIZE=$SWAPSIZE|" /etc/dphys-swapfile
grep -q vm.swappiness /etc/sysctl.conf || echo "vm.swappiness = 10" >> /etc/sysctl.conf && sysctl --load &>/dev/null
dphys-swapfile setup && dphys-swapfile swapon && {

14
etc/ncp-config.d/nc-wifi.sh → bin/ncp/SYSTEM/nc-wifi.sh
View File

@ -8,18 +8,6 @@
# More at https://ownyourbits.com/
#
ACTIVE_=no
DESCRIPTION="Configure your Wi-Fi connection"
INFOTITLE="Instructions to configure Wi-Fi"
INFO="
0) Write 'yes' to activate wifi, and 'no' to disable it
1) Select a Wi-Fi network
2) Press right arrow ->
3) Enter the passphrase for your Wi-Fi
4) Make sure to select 'connect automatically'
5) F10 to save
6) C to connect"
install()
{
@ -30,7 +18,7 @@ install()
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
systemctl stop wicd
systemctl disable wicd
systemctl start dhcpcd

4
etc/ncp-config.d/nc-zram.sh → bin/ncp/SYSTEM/nc-zram.sh
View File

@ -8,8 +8,6 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
ACTIVE_=no
DESCRIPTION="Enable compressed RAM to improve swap performance"
install()
{
@ -65,7 +63,7 @@ chmod +x /usr/local/bin/ncp-zram
configure()
{
[[ $ACTIVE_ != "yes" ]] && {
[[ $ACTIVE != "yes" ]] && {
systemctl stop zram
systemctl disable zram
echo "ZRAM disabled"

9
etc/ncp-config.d/unattended-upgrades.sh → bin/ncp/SYSTEM/unattended-upgrades.sh
View File

@ -8,9 +8,6 @@
# More at: ownyourbits.com
#
ACTIVE_=yes
AUTOREBOOT_=yes
DESCRIPTION="Automatic installation of security updates. Keep your cloud safe"
install()
{
@ -21,8 +18,8 @@ install()
configure()
{
[[ $ACTIVE_ == "yes" ]] && local AUTOUPGRADE=1 || local AUTOUPGRADE=0
[[ $AUTOREBOOT_ == "yes" ]] && local AUTOREBOOT=true || local AUTOREBOOT=false
[[ $ACTIVE == "yes" ]] && local AUTOUPGRADE=1 || local AUTOUPGRADE=0
[[ $AUTOREBOOT == "yes" ]] && local AUTOREBOOT=true || local AUTOREBOOT=false
# Raspbian case
grep -q Raspbian /etc/issue && {
@ -63,7 +60,7 @@ Dpkg::Options {
};
EOF
}
echo "Unattended upgrades active: $ACTIVE_ (autoreboot $AUTOREBOOT_)"
echo "Unattended upgrades active: $ACTIVE (autoreboot $AUTOREBOOT)"
}
# License

1
etc/ncp-config.d/nc-fix-permissions.sh → bin/ncp/TOOLS/nc-fix-permissions.sh
View File

@ -8,7 +8,6 @@
# More at: https://ownyourbits.com
#
DESCRIPTION="Fix permissions for NC data files, in case they were copied externally"
configure()
{

12
etc/ncp-config.d/nc-format-USB.sh → bin/ncp/TOOLS/nc-format-USB.sh
View File

@ -8,14 +8,6 @@
# More at: https://ownyourbits.com
#
LABEL_=myCloudDrive
DESCRIPTION="Format an external USB drive as a BTRFS partition (dangerous)"
INFOTITLE="Instructions for USB drive formatting"
INFO="Make sure that ONLY the USB drive that you want to format is plugged in.
careful, this will destroy any data in the USB drive
** YOU WILL LOSE ALL YOUR USB DATA **"
configure()
{
@ -47,12 +39,12 @@ configure()
parted /dev/"$NAME" --script -- mklabel gpt || return 2
parted /dev/"$NAME" --script -- mkpart primary 0% 100% || return 3
sleep 0.5
mkfs.btrfs -q /dev/"${NAME}1" -f -L "$LABEL_"
mkfs.btrfs -q /dev/"${NAME}1" -f -L "$LABEL"
local RET=$?
# enable nc-automount if enabled
killall -CONT udiskie 2>/dev/null
[ $RET -eq 0 ] && echo "Drive $NAME formatted successfuly and labeled $LABEL_"
[ $RET -eq 0 ] && echo "Drive $NAME formatted successfuly and labeled $LABEL"
return $RET
}

4
etc/ncp-config.d/nc-previews.sh → bin/ncp/TOOLS/nc-previews.sh
View File

@ -8,10 +8,6 @@
# More at nextcloudpi.com
#
DESCRIPTION="Generate previews for the gallery"
INFO="This will make browsing the gallery much more smooth.
For big collections, this can take a LONG time, depending on your hardware"
configure()
{

1
etc/ncp-config.d/nc-scan.sh → bin/ncp/TOOLS/nc-scan.sh
View File

@ -8,7 +8,6 @@
# More at: https://ownyourbits.com
#
DESCRIPTION="Scan NC for externally modified files"
install()
{

6
etc/ncp-config.d/nc-update-nextcloud.sh → bin/ncp/TOOLS/nc-update-nextcloud.sh
View File

@ -8,15 +8,11 @@
# More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
#
VERSION_=0
LATEST=14.0.4
DESCRIPTION="Update current instance to a new Nextcloud version"
INFO="Set to 0 to update to the latest avaliable version"
configure()
{
[[ "$VERSION_" == "0" ]] && VERSION_="$LATEST"
bash /usr/local/bin/ncp-update-nc "$VERSION_"
bash /usr/local/bin/ncp-update-nc "$VERSION"
}
install() { :; }

1
etc/ncp-config.d/nc-update.sh → bin/ncp/TOOLS/nc-update.sh
View File

@ -8,7 +8,6 @@
# More at https://ownyourbits.com/
#
DESCRIPTION="Update NextCloudPi"
configure()
{

12
build-SD-rpi.sh
View File

@ -57,12 +57,12 @@ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
# install everything
cd /tmp/ncp-build || exit 1
source etc/library.sh
install_script lamp.sh
install_script etc/ncp-config.d/nc-nextcloud.sh
activate_script etc/ncp-config.d/nc-nextcloud.sh
install_script ncp.sh
activate_script etc/ncp-config.d/nc-init.sh
install_script post-inst.sh
install_app lamp.sh
install_app etc/ncp-config.d/nc-nextcloud.sh
run_app etc/ncp-config.d/nc-nextcloud.sh
install_app ncp.sh
run_app etc/ncp-config.d/nc-init.sh
run_app post-inst.sh
# harden SSH further for Raspbian
sed -i 's|^#PermitRootLogin .*|PermitRootLogin no|' /etc/ssh/sshd_config

2
docker-armhf/lamp/Dockerfile
View File

@ -13,7 +13,7 @@ RUN \
# installation
source /usr/local/etc/library.sh; \
set +x; \
install_script /usr/local/etc/lamp.sh; \
install_app /usr/local/etc/lamp.sh; \
# stop mysqld
mysqladmin -u root shutdown; \

11
docker-armhf/nextcloud/Dockerfile
View File

@ -7,7 +7,8 @@ SHELL ["/bin/bash", "-c"]
ENV DOCKERBUILD 1
COPY etc/library.sh /usr/local/etc/
COPY etc/ncp-config.d/nc-init.sh etc/ncp-config.d/nc-nextcloud.sh /
COPY bin/ncp/CONFIG/nc-nextcloud.sh /
COPY etc/ncp-config.d/nc-nextcloud.cfg /usr/local/etc/ncp-config.d/
RUN \
@ -16,11 +17,11 @@ touch /.ncp-image; \
# installation ( /var/www/nextcloud -> /data/app which will be in a volume )
apt-get update; \
apt-get install --no-install-recommends -y wget ca-certificates sudo; \
apt-get install --no-install-recommends -y wget ca-certificates sudo jq; \
source /usr/local/etc/library.sh; \
set +x; \
install_script /nc-nextcloud.sh; \
activate_script /nc-nextcloud.sh; \
install_app /nc-nextcloud.sh; \
run_app_unsafe /nc-nextcloud.sh; \
mv /var/www/nextcloud /data-ro/app; \
ln -s /data-ro/app /var/www/nextcloud; \
@ -38,7 +39,7 @@ rm -f /var/log/alternatives.log /var/log/apt/*; \
# specific cleanup
apt-get purge -y wget ca-certificates; \
rm /nc-nextcloud.sh; \
rm /nc-nextcloud.sh /usr/local/etc/ncp-config.d/nc-nextcloud.cfg; \
rm /.ncp-image;
COPY docker-common/nextcloud/020nextcloud /etc/services-enabled.d/

14
docker-armhf/nextcloudpi/Dockerfile
View File

@ -7,7 +7,7 @@ SHELL ["/bin/bash", "-c"]
ENV DOCKERBUILD 1
RUN mkdir -p /tmp/ncp-build
COPY bin/* /tmp/ncp-build/bin/
COPY bin/ /tmp/ncp-build/bin/
COPY etc /tmp/ncp-build/etc/
COPY ncp.sh update.sh /tmp/ncp-build/
COPY ncp-web /tmp/ncp-build/ncp-web/
@ -31,19 +31,18 @@ apt-get install --no-install-recommends -y wget ca-certificates; \
source /usr/local/etc/library.sh; \
set +x; \
cd /tmp/ncp-build/; \
install_script ncp.sh; \
install_app ncp.sh; \
# fix default paths
sed -i 's|/media/USBdrive|/data/backups|' /usr/local/etc/ncp-config.d/nc-backup.sh; \
sed -i 's|/media/USBdrive|/data/backups|' /usr/local/etc/ncp-config.d/nc-backup.cfg; \
# specific cleanup
rm -r /tmp/ncp-build; \
cd /; rm -r /tmp/ncp-build; \
rm /.ncp-image; \
# cleanup all NCP extras
source /usr/local/etc/library.sh; \
cd /usr/local/etc/ncp-config.d/; \
for script in *.sh; do cleanup_script $script; done; \
find /usr/local/bin/ncp -name '*.sh' | while read l; do cleanup_script $l; done; \
# should be cleaned up in no-ip.sh, but breaks udiskie.
# safe to do it here since no automount in docker
@ -60,6 +59,9 @@ rm -f /var/log/alternatives.log /var/log/apt/*; \
rm /var/cache/debconf/*-old;
COPY docker-common/nextcloudpi/000ncp /etc/services-enabled.d/
COPY bin/ncp/CONFIG/nc-init.sh /
COPY etc/ncp-config.d/nc-init.cfg /usr/local/etc/ncp-config.d/
# 4443 - ncp-web
EXPOSE 80 443 4443

1
docker-common/debian-ncp/run-parts.sh
View File

@ -1,6 +1,5 @@
#!/bin/bash
cleanup()
{
for file in $( ls -1rv /etc/services-enabled.d ); do

2
docker-common/nextcloud/020nextcloud
View File

@ -36,7 +36,7 @@ postfix start
test -f /data/app/config/config.php || {
echo "Uninitialized instance, running nc-init..."
source /usr/local/etc/library.sh
activate_script /nc-init.sh
run_app_unsafe /nc-init.sh
mv /index.php /var/www/nextcloud/ # restore this file after init
}

2
docker/lamp/Dockerfile
View File

@ -13,7 +13,7 @@ RUN \
# installation
source /usr/local/etc/library.sh; \
set +x; \
install_script /usr/local/etc/lamp.sh; \
install_app /usr/local/etc/lamp.sh; \
# stop mysqld
mysqladmin -u root shutdown; \

11
docker/nextcloud/Dockerfile
View File

@ -7,7 +7,8 @@ SHELL ["/bin/bash", "-c"]
ENV DOCKERBUILD 1
COPY etc/library.sh /usr/local/etc/
COPY etc/ncp-config.d/nc-init.sh etc/ncp-config.d/nc-nextcloud.sh /
COPY bin/ncp/CONFIG/nc-nextcloud.sh /
COPY etc/ncp-config.d/nc-nextcloud.cfg /usr/local/etc/ncp-config.d/
RUN \
@ -16,11 +17,11 @@ touch /.ncp-image; \
# installation ( /var/www/nextcloud -> /data/app which will be in a volume )
apt-get update; \
apt-get install --no-install-recommends -y wget ca-certificates sudo; \
apt-get install --no-install-recommends -y wget ca-certificates sudo jq; \
source /usr/local/etc/library.sh; \
set +x; \
install_script /nc-nextcloud.sh; \
activate_script /nc-nextcloud.sh; \
install_app /nc-nextcloud.sh; \
run_app_unsafe /nc-nextcloud.sh; \
mv /var/www/nextcloud /data-ro/app; \
ln -s /data-ro/app /var/www/nextcloud; \
@ -38,7 +39,7 @@ rm -f /var/log/alternatives.log /var/log/apt/*; \
# specific cleanup
apt-get purge -y wget ca-certificates; \
rm /nc-nextcloud.sh; \
rm /nc-nextcloud.sh /usr/local/etc/ncp-config.d/nc-nextcloud.cfg; \
rm /.ncp-image;
COPY docker-common/nextcloud/020nextcloud /etc/services-enabled.d/

14
docker/nextcloudpi/Dockerfile
View File

@ -7,7 +7,7 @@ SHELL ["/bin/bash", "-c"]
ENV DOCKERBUILD 1
RUN mkdir -p /tmp/ncp-build
COPY bin/* /tmp/ncp-build/bin/
COPY bin/ /tmp/ncp-build/bin/
COPY etc /tmp/ncp-build/etc/
COPY ncp.sh update.sh /tmp/ncp-build/
COPY ncp-web /tmp/ncp-build/ncp-web/
@ -31,19 +31,18 @@ apt-get install --no-install-recommends -y wget ca-certificates; \
source /usr/local/etc/library.sh; \
set +x; \
cd /tmp/ncp-build/; \
install_script ncp.sh; \
install_app ncp.sh; \
# fix default paths
sed -i 's|/media/USBdrive|/data/backups|' /usr/local/etc/ncp-config.d/nc-backup.sh; \
sed -i 's|/media/USBdrive|/data/backups|' /usr/local/etc/ncp-config.d/nc-backup.cfg; \
# specific cleanup
rm -r /tmp/ncp-build; \
cd /; rm -r /tmp/ncp-build; \
rm /.ncp-image; \
# cleanup all NCP extras
source /usr/local/etc/library.sh; \
cd /usr/local/etc/ncp-config.d/; \
for script in *.sh; do cleanup_script $script; done; \
find /usr/local/bin/ncp -name '*.sh' | while read l; do cleanup_script $l; done; \
# should be cleaned up in no-ip.sh, but breaks udiskie.
# safe to do it here since no automount in docker
@ -60,6 +59,9 @@ rm -f /var/log/alternatives.log /var/log/apt/*; \
rm /var/cache/debconf/*-old;
COPY docker-common/nextcloudpi/000ncp /etc/services-enabled.d/
COPY bin/ncp/CONFIG/nc-init.sh /
COPY etc/ncp-config.d/nc-init.cfg /usr/local/etc/ncp-config.d/
# 4443 - ncp-web
EXPOSE 80 443 4443

255
etc/library.sh
View File

@ -8,172 +8,211 @@
# More at ownyourbits.com
#
CFGDIR=/usr/local/etc/ncp-config.d
BINDIR=/usr/local/bin/ncp
# Initializes $INSTALLATION_CODE
function config()
function configure_app()
{
local INSTALL_SCRIPT="$1"
local BACKTITLE="NextCloudPi installer configuration"
local ncp_app="$1"
local cfg_file="$CFGDIR/$ncp_app.cfg"
local backtitle="NextCloudPi installer configuration"
local ret=1
# checks
type dialog &>/dev/null || { echo "please, install dialog for interactive configuration"; return 1; }
[[ -f "$cfg_file" ]] || return 0;
test -f "$INSTALL_SCRIPT" || { echo "file $INSTALL_SCRIPT not found"; return 1; }
local VARS=( $( grep "^[[:alpha:]]\+_=" "$INSTALL_SCRIPT" | sed 's|_=.*$||' ) )
local VALS=( $( grep "^[[:alpha:]]\+_=" "$INSTALL_SCRIPT" | sed 's|^.*_=||' ) )
local cfg="$( cat "$cfg_file" )"
local len="$(jq '.params | length' <<<"$cfg")"
[[ $len -eq 0 ]] && return
[[ "$NO_CONFIG" == "1" ]] || test ${#VARS[@]} -eq 0 && { INSTALLATION_CODE="$( cat "$INSTALL_SCRIPT" )"; return; }
for i in $( seq 1 1 ${#VARS[@]} ); do
local PARAM+="${VARS[$((i-1))]} $i 1 ${VALS[$((i-1))]} $i 15 60 120 "
# read cfg parameters
for (( i = 0 ; i < len ; i++ )); do
local var="$(jq -r ".params[$i].id" <<<"$cfg")"
local val="$(jq -r ".params[$i].value" <<<"$cfg")"
local vars+=("$var")
local vals+=("$val")
local idx=$((i+1))
local parameters+="$var $idx 1 $val $idx 15 60 120 "
done
# dialog
local DIALOG_OK=0
local DIALOG_CANCEL=1
local DIALOG_ERROR=254
local DIALOG_ESC=255
local RET=0
local res=0
while test $RET != 1 && test $RET != 250; do
while test $res != 1 && test $res != 250; do
local value
value="$( dialog --ok-label "Start" \
--no-lines --backtitle "$BACKTITLE" \
--form "Enter configuration for $( basename "$INSTALL_SCRIPT" .sh )" \
20 70 0 $PARAM \
--no-lines --backtitle "$backtitle" \
--form "Enter configuration for $ncp_app" \
20 70 0 $parameters \
3>&1 1>&2 2>&3 )"
RET=$?
case $RET in
res=$?
case $res in
$DIALOG_CANCEL)
return 1
break
;;
$DIALOG_OK)
local RET_VALS=()
while read l; do RET_VALS+=("$l"); done < <( echo -e "$value" )
for i in $( seq 0 1 $(( ${#RET_VALS[@]} - 1 )) ); do
while read val; do local ret_vals+=("$val"); done <<<"$value"
for (( i = 0 ; i < len ; i++ )); do
# check for invalid characters
grep -q "[&[:space:]]" <<< "${RET_VALS[$i]}" && { echo "Invalid characters in field ${VARS[$i]}"; return 1; }
grep -q "[;&[:space:]]" <<< "${ret_vals[$i]}" && { echo "Invalid characters in field ${vars[$i]}"; break; }
local SEDRULE+="s|^${VARS[$i]}_=.*|${VARS[$i]}_=${RET_VALS[$i]}|;"
cfg="$(jq ".params[$i].value = \"${ret_vals[$i]}\"" <<<"$cfg")"
done
ret=0
break
;;
$DIALOG_ERROR)
echo "ERROR!$value"
return 1
break
;;
$DIALOG_ESC)
echo "ESC pressed."
return 1
break
;;
*)
echo "Return code was $RET"
return 1
echo "Return code was $res"
break
;;
esac
done
INSTALLATION_CODE="$( sed "$SEDRULE" "$INSTALL_SCRIPT" )"
echo "$cfg" > "$cfg_file"
printf '\033[2J' && tput cup 0 0 # clear screen, don't clear scroll, cursor on top
return $ret
}
function install_script()
function run_app()
{
(
local SCRIPT=$1
source ./"$SCRIPT"
echo -e "Installing $( basename "$SCRIPT" .sh )"
set +x
install
)
local ncp_app=$1
local script="$(find "$BINDIR" -name $ncp_app.sh)"
[[ -f "$script" ]] || { echo "file $script not found"; return 1; }
run_app_unsafe "$script"
}
function activate_script()
# receives a script file, no security checks
function run_app_unsafe()
{
local SCRIPT=$1
echo -e "Activating $( basename "$SCRIPT" .sh )"
launch_script "$SCRIPT"
local script=$1
local ncp_app="$(basename "$script" .sh)"
local cfg_file="$CFGDIR/$ncp_app.cfg"
local log=/var/log/ncp.log
[[ -f "$script" ]] || { echo "file $script not found"; return 1; }
touch $log
chmod 640 $log
chown root:www-data $log
echo "Running $ncp_app"
echo "[ $ncp_app ]" >> $log
# read script
unset configure
source "$script"
# read cfg parameters
[[ -f "$cfg_file" ]] && {
local cfg="$( cat "$cfg_file" )"
local len="$(jq '.params | length' <<<"$cfg")"
for (( i = 0 ; i < len ; i++ )); do
local var="$(jq -r ".params[$i].id" <<<"$cfg")"
local val="$(jq -r ".params[$i].value" <<<"$cfg")"
eval "$var=$val"
done
}
# run
configure 2>&1 | tee -a $log
local ret="${PIPESTATUS[0]}"
echo "" >> $log
return "$ret"
}
function is_active_script()
function is_active_app()
{
(
local SCRIPT=$1
unset is_active
source "$SCRIPT"
[[ $( type -t is_active ) == function ]] && {
is_active
return $?
}
grep -q "^ACTIVE_=yes" "$SCRIPT" && return 0
)
}
local ncp_app=$1
local bin_dir=${2:-.}
local script="$bin_dir/$ncp_app.sh"
local cfg_file="$CFGDIR/$ncp_app.cfg"
function run_and_log()
{
local SCRIPT=$1
touch /var/log/ncp.log
chmod 640 /var/log/ncp.log
chown root:www-data /var/log/ncp.log
echo -e "[ $( basename "$SCRIPT" .sh ) ]" >> /var/log/ncp.log
configure 2>&1 | tee -a /var/log/ncp.log
local RET="${PIPESTATUS[0]}"
echo "" >> /var/log/ncp.log
return "$RET"
}
[[ -f "$script" ]] || local script="$(find "$BINDIR" -name $ncp_app.sh)"
[[ -f "$script" ]] || { echo "file $script not found"; return 1; }
function launch_script()
{
(
local SCRIPT=$1
source ./"$SCRIPT"
set +x
run_and_log "$SCRIPT"
)
# function
unset is_active
source "$script"
[[ $( type -t is_active ) == function ]] && { is_active; return $?; }
# config
[[ -f "$cfg_file" ]] || return 1
local cfg="$( cat "$cfg_file" )"
[[ "$(jq -r ".params[0].id" <<<"$cfg")" == "ACTIVE" ]] && \
[[ "$(jq -r ".params[0].value" <<<"$cfg")" == "yes" ]] && \
return 0
}
# show an info box for a script if the INFO variable is set in the script
function info_script()
function info_app()
{
(
local SCRIPT=$1
cd /usr/local/etc/ncp-config.d/ || return 1
unset show_info INFO INFOTITLE
source ./"$SCRIPT"
local INFOTITLE="${INFOTITLE:-Info}"
[[ "$INFO" == "" ]] && return 0
whiptail --yesno --backtitle "NextCloudPi configuration" --title "$INFOTITLE" "$INFO" 20 90
)
local ncp_app=$1
local cfg_file="$CFGDIR/$ncp_app.cfg"
local cfg="$( cat "$cfg_file" 2>/dev/null )"
local info=$( jq -r .info <<<"$cfg" )
local infotitle=$( jq -r .infotitle <<<"$cfg" )
[[ "$info" == "" ]] || [[ "$info" == "null" ]] && return 0
[[ "$infotitle" == "" ]] || [[ "$infotitle" == "null" ]] && infotitle="Info"
whiptail --yesno \
--backtitle "NextCloudPi configuration" \
--title "$infotitle" \
--yes-button "I understand" \
--no-button "Go back" \
"$info" 20 90
}
function configure_script()
function install_app()
{
(
local SCRIPT=$1
cd /usr/local/etc/ncp-config.d/ || return 1
config "$SCRIPT" || return 1 # writes "$INSTALLATION_CODE"
echo -e "$INSTALLATION_CODE" > "$SCRIPT" # save configuration
source ./"$SCRIPT" # load configuration
printf '\033[2J' && tput cup 0 0 # clear screen, don't clear scroll, cursor on top
echo -e "Launching $( basename "$SCRIPT" .sh )"
set +x
run_and_log "$SCRIPT"
return 0
)
local ncp_app=$1
# $1 can be either an installed app name or an app script
if [[ -f "$ncp_app" ]]; then
local script="$ncp_app"
local ncp_app="$(basename "$script" .sh)"
else
local script="$(find "$BINDIR" -name $ncp_app.sh)"
fi
# do it
unset install
source "$script"
echo "Installing $ncp_app"
(install)
}
function cleanup_script()
{
(
local SCRIPT=$1
cd /usr/local/etc/ncp-config.d/ || return 1
unset cleanup
source ./"$SCRIPT"
if [[ $( type -t cleanup ) == function ]]; then
cleanup
return $?
fi
return 0
)
local script=$1
unset cleanup
source "$script"
if [[ $( type -t cleanup ) == function ]]; then
cleanup
return $?
fi
return 0
}
function persistent_cfg()

26
etc/ncp-config.d/DDNS_duckDNS.cfg Normal file
View File

@ -0,0 +1,26 @@
{
"id": "DDNS_duckDNS",
"name": "DDNS_duckDNS",
"title": "DDNS_duckDNS",
"description": "Free Dynamic DNS provider (need account from https://duckdns.org)",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "DOMAIN",
"name": "DOMAIN",
"value": "mycloud.duckdns.org"
},
{
"id": "TOKEN",
"name": "TOKEN",
"value": "your-duckdns-token"
}
]
}

31
etc/ncp-config.d/DDNS_freeDNS.cfg Normal file
View File

@ -0,0 +1,31 @@
{
"id": "DDNS_freeDNS",
"name": "DDNS_freeDNS",
"title": "DDNS_freeDNS",
"description": "DDNS FreeDNS client (need account)",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "UPDATEHASH",
"name": "UPDATEHASH",
"value": "abcdefghijklmnopqrstuvwxyzABCDEFGHIJK1234567"
},
{
"id": "DOMAIN",
"name": "DOMAIN",
"value": "mynextcloud.example.com"
},
{
"id": "UPDATEINTERVAL",
"name": "UPDATEINTERVAL",
"value": "30"
}
]
}

36
etc/ncp-config.d/DDNS_no-ip.cfg Normal file
View File

@ -0,0 +1,36 @@
{
"id": "DDNS_no-ip",
"name": "DDNS_no-ip",
"title": "DDNS_no-ip",
"description": "DDNS no-ip free provider (need account)",
"info": "For this step to succeed, you need to register a noip account first.\nInternet access is required for this configuration to complete.",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "USER",
"name": "USER",
"value": "my-noip-user@email.com"
},
{
"id": "PASS",
"name": "PASS",
"value": "noip-pass"
},
{
"id": "DOMAIN",
"name": "DOMAIN",
"value": "mycloud.ownyourbits.com"
},
{
"id": "TIME",
"name": "TIME",
"value": "30"
}
]
}

26
etc/ncp-config.d/DDNS_spDYN.cfg Normal file
View File

@ -0,0 +1,26 @@
{
"id": "DDNS_spDYN",
"name": "DDNS_spDYN",
"title": "DDNS_spDYN",
"description": "Free Dynamic DNS provider (need account from spdyn.de)",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "DOMAIN",
"name": "DOMAIN",
"value": "mycloud.spdns.de"
},
{
"id": "TOKEN",
"name": "TOKEN",
"value": "your-spdns-token"
}
]
}

36
etc/ncp-config.d/NFS.cfg Normal file
View File

@ -0,0 +1,36 @@
{
"id": "NFS",
"name": "NFS",
"title": "NFS",
"description": "NFS network file system server (for Linux LAN)",
"info": "If we intend to modify the data folder through NFS,\nthen we have to synchronize NextCloud to make it aware of the changes.\n\nThis can be done manually or automatically using 'nc-scan' and 'nc-scan-auto'",
"infotitle": "Instructions for external synchronization",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "DIR",
"name": "DIR",
"value": "/media/USBdrive/ncdata/admin/files"
},
{
"id": "SUBNET",
"name": "SUBNET",
"value": "192.168.1.0/24"
},
{
"id": "USER",
"name": "USER",
"value": "www-data"
},
{
"id": "GROUP",
"name": "GROUP",
"value": "www-data"
}
]
}

31
etc/ncp-config.d/SSH.cfg Normal file
View File

@ -0,0 +1,31 @@
{
"id": "SSH",
"name": "SSH",
"title": "SSH",
"description": "Activate or deactivate SSH",
"info": "In order to enable SSH, the password for user 'pi' can NOT remain set to the default raspberry. \nYou HAVE to create a NEW password for 'pi' if you want this program to enable SSH, it will fail if you dont!\nThe same will happen with user 'root' and password '1234'\nNote: Use normal AlphaNumeric, the only special characters allowed are .,@-_/",
"infotitle": "SSH notes",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "USER",
"name": "USER",
"value": "root"
},
{
"id": "PASS",
"name": "PASS",
"value": "1234"
},
{
"id": "CONFIRM",
"name": "CONFIRM",
"value": "1234"
}
]
}

31
etc/ncp-config.d/UFW.cfg Normal file
View File

@ -0,0 +1,31 @@
{
"id": "UFW",
"name": "UFW",
"title": "UFW",
"description": "Uncomplicated Firewall",
"info": "Beware of blocking the SSH port you are using!",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "HTTP",
"name": "HTTP",
"value": "80"
},
{
"id": "HTTPS",
"name": "HTTPS",
"value": "443"
},
{
"id": "SSH",
"name": "SSH",
"value": "22"
}
]
}

31
etc/ncp-config.d/dnsmasq.cfg Normal file
View File

@ -0,0 +1,31 @@
{
"id": "dnsmasq",
"name": "dnsmasq",
"title": "dnsmasq",
"description": "DNS server with cache",
"info": "Remember to point your PC and devices DNS or\nyou router DNS to your Raspberry Pi IP",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "DOMAIN",
"name": "DOMAIN",
"value": "mycloud.ownyourbits.com"
},
{
"id": "DNSSERVER",
"name": "DNSSERVER",
"value": "8.8.8.8"
},
{
"id": "CACHESIZE",
"name": "CACHESIZE",
"value": "150"
}
]
}

42
etc/ncp-config.d/fail2ban.cfg Normal file
View File

@ -0,0 +1,42 @@
{
"id": "fail2ban",
"name": "fail2ban",
"title": "fail2ban",
"description": "Brute force protection for SSH and NextCloud",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "BANTIME",
"name": "BANTIME",
"value": "600"
},
{
"id": "FINDTIME",
"name": "FINDTIME",
"value": "600"
},
{
"id": "MAXRETRY",
"name": "MAXRETRY",
"value": "6"
},
{
"id": "MAILALERTS",
"name": "MAILALERTS",
"value": "no",
"type": "bool"
},
{
"id": "EMAIL",
"name": "EMAIL",
"value": "optional@email.com"
}
]
}

25
etc/ncp-config.d/letsencrypt.cfg Normal file
View File

@ -0,0 +1,25 @@
{
"id": "letsencrypt",
"name": "letsencrypt",
"title": "letsencrypt",
"description": "Automatic signed SSL certificates",
"info": "Internet access is required for this configuration to complete\nBoth ports 80 and 443 need to be accessible from the internet\n \nYour certificate will be automatically renewed every month",
"infotitle": "Warning",
"params": [
{
"id": "DOMAIN",
"name": "DOMAIN",
"value": "mycloud.ownyourbits.com"
},
{
"id": "EMAIL",
"name": "EMAIL",
"value": "mycloud@ownyourbits.com"
},
{
"id": "NOTIFYUSER",
"name": "NOTIFYUSER",
"value": "ncp"
}
]
}

16
etc/ncp-config.d/modsecurity.cfg Normal file
View File

@ -0,0 +1,16 @@
{
"id": "modsecurity",
"name": "modsecurity",
"title": "modsecurity",
"description": "Web Application Firewall for extra security (experimental)",
"info": "This feature is highly experimental and has only been tested with\na basic NextCloud installation. If a new App does not work disable it",
"infotitle": "Experimental feature warning",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
}
]
}

25
etc/ncp-config.d/nc-admin.cfg Normal file
View File

@ -0,0 +1,25 @@
{
"id": "nc-admin",
"name": "nc-admin",
"title": "nc-admin",
"description": "Change password for the Nextcloud admin user",
"info": "",
"infotitle": "",
"params": [
{
"id": "USER",
"name": "USER",
"value": "ncp"
},
{
"id": "PASSWORD",
"name": "PASSWORD",
"value": "ownyourbits"
},
{
"id": "CONFIRM",
"name": "CONFIRM",
"value": "ownyourbits"
}
]
}

9
etc/ncp-config.d/nc-audit.cfg Normal file
View File

@ -0,0 +1,9 @@
{
"id": "nc-audit",
"name": "nc-audit",
"title": "nc-audit",
"description": "Perform a security audit with lynis and debsecan",
"info": "",
"infotitle": "",
"params": []
}

16
etc/ncp-config.d/nc-automount.cfg Normal file
View File

@ -0,0 +1,16 @@
{
"id": "nc-automount",
"name": "nc-automount",
"title": "nc-automount",
"description": "Automount USB drives by plugging them in",
"info": "Plugged in USB drives will be automounted under /media\non boot or at the moment of insertion.\n\nFormat your drive as ext4 in order to move NC datafolder or database\nVFAT or NTFS is not recommended for this task, as it does not suport permissions\n\nIMPORTANT: halt or umount the drive before extracting",
"infotitle": "Automount notes",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
}
]
}

21
etc/ncp-config.d/nc-autoupdate-nc.cfg Normal file
View File

@ -0,0 +1,21 @@
{
"id": "nc-autoupdate-nc",
"name": "nc-autoupdate-nc",
"title": "nc-autoupdate-nc",
"description": "Automatically apply Nextcloud updates",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "NOTIFYUSER",
"name": "NOTIFYUSER",
"value": "ncp"
}
]
}

21
etc/ncp-config.d/nc-autoupdate-ncp.cfg Normal file
View File

@ -0,0 +1,21 @@
{
"id": "nc-autoupdate-ncp",
"name": "nc-autoupdate-ncp",
"title": "nc-autoupdate-ncp",
"description": "Automatically apply NextCloudPi updates",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "NOTIFYUSER",
"name": "NOTIFYUSER",
"value": "ncp"
}
]
}

43
etc/ncp-config.d/nc-backup-auto.cfg Normal file
View File

@ -0,0 +1,43 @@
{
"id": "nc-backup-auto",
"name": "nc-backup-auto",
"title": "nc-backup-auto",
"description": "Periodic backups",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "DESTDIR",
"name": "DESTDIR",
"value": "/media/USBdrive/ncp-backups"
},
{
"id": "INCLUDEDATA",
"name": "INCLUDEDATA",
"value": "no",
"type": "bool"
},
{
"id": "COMPRESS",
"name": "COMPRESS",
"value": "no",
"type": "bool"
},
{
"id": "BACKUPDAYS",
"name": "BACKUPDAYS",
"value": "7"
},
{
"id": "BACKUPLIMIT",
"name": "BACKUPLIMIT",
"value": "4"
}
]
}

32
etc/ncp-config.d/nc-backup.cfg Normal file
View File

@ -0,0 +1,32 @@
{
"id": "nc-backup",
"name": "nc-backup",
"title": "nc-backup",
"description": "Backup this NC instance to a file",
"info": "",
"infotitle": "",
"params": [
{
"id": "DESTDIR",
"name": "DESTDIR",
"value": "/media/USBdrive/ncp-backups"
},
{
"id": "INCLUDEDATA",
"name": "INCLUDEDATA",
"value": "no",
"type": "bool"
},
{
"id": "COMPRESS",
"name": "COMPRESS",
"value": "no",
"type": "bool"
},
{
"id": "BACKUPLIMIT",
"name": "BACKUPLIMIT",
"value": "4"
}
]
}

15
etc/ncp-config.d/nc-database.cfg Normal file
View File

@ -0,0 +1,15 @@
{
"id": "nc-database",
"name": "nc-database",
"title": "nc-database",
"description": "Move your database to a new location, like a USB drive",
"info": "Note that non Unix filesystems such as NTFS are not supported\nbecause they do not provide a compatible user/permissions system.\n\nYou need to use a USB drive that is permanently on and is responsive \nor the database will fail.\n\nPlease note that the default location, when first installed is /var/lib/mysql/. \nMove it to the desired location by editing the DBDIR= field, the one shown is an example.\n\n** If it ever fails with a white page, move the database back to the SD **",
"infotitle": "",
"params": [
{
"id": "DBDIR",
"name": "DBDIR",
"value": "/media/USBdrive/ncdatabase"
}
]
}

15
etc/ncp-config.d/nc-datadir.cfg Normal file
View File

@ -0,0 +1,15 @@
{
"id": "nc-datadir",
"name": "nc-datadir",
"title": "nc-datadir",
"description": "Change your data dir to a new location, like a USB drive",
"info": "Note that non Unix filesystems such as NTFS are not supported\nbecause they do not provide a compatible user/permissions system.\nAlso please note that the default location, when first installed is /var/www/nextcloud/data. \nMove it to the desired location by editing the DATADIR= field, the PATH shown is an example.",
"infotitle": "",
"params": [
{
"id": "DATADIR",
"name": "DATADIR",
"value": "/media/USBdrive/ncdata"
}
]
}

15
etc/ncp-config.d/nc-export-ncp.cfg Normal file
View File

@ -0,0 +1,15 @@
{
"id": "nc-export-ncp",
"name": "nc-export-ncp",
"title": "nc-export-ncp",
"description": "Export NextCloudPi configuration",
"info": "",
"infotitle": "",
"params": [
{
"id": "DIR",
"name": "DIR",
"value": "/media/USBdrive/"
}
]
}

9
etc/ncp-config.d/nc-fix-permissions.cfg Normal file
View File

@ -0,0 +1,9 @@
{
"id": "nc-fix-permissions",
"name": "nc-fix-permissions",
"title": "nc-fix-permissions",
"description": "Fix permissions for NC data files, in case they were copied externally",
"info": "",
"infotitle": "",
"params": []
}

15
etc/ncp-config.d/nc-format-USB.cfg Normal file
View File

@ -0,0 +1,15 @@
{
"id": "nc-format-USB",
"name": "nc-format-USB",
"title": "nc-format-USB",
"description": "Format an external USB drive as a BTRFS partition (dangerous)",
"info": "Make sure that ONLY the USB drive that you want to format is plugged in.\ncareful, this will destroy any data in the USB drive\n\n** YOU WILL LOSE ALL YOUR USB DATA **",
"infotitle": "Instructions for USB drive formatting",
"params": [
{
"id": "LABEL",
"name": "LABEL",
"value": "myCloudDrive"
}
]
}

20
etc/ncp-config.d/nc-forward-ports.cfg Normal file
View File

@ -0,0 +1,20 @@
{
"id": "nc-forward-ports",
"name": "nc-forward-ports",
"title": "nc-forward-ports",
"description": "Set port forwarding to access from outside (UPnP)",
"info": "For NextCloudPi to be able to setup your ports, UPnP must be activated\nin your router. Activate it now on your router admin webpage.\n\n** UPnP is considered a security risk **\n\nDon't forget to disable it afterwards",
"infotitle": "Instructions for UPnP Port Forwarding",
"params": [
{
"id": "HTTPSPORT",
"name": "HTTPSPORT",
"value": "443"
},
{
"id": "HTTPPORT",
"name": "HTTPPORT",
"value": "80"
}
]
}

26
etc/ncp-config.d/nc-hdd-monitor.cfg Normal file
View File

@ -0,0 +1,26 @@
{
"id": "nc-hdd-monitor",
"name": "nc-hdd-monitor",
"title": "nc-hdd-monitor",
"description": "Monitor HDD health automatically",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "no",
"type": "bool"
},
{
"id": "NOTIFYUSER",
"name": "NOTIFYUSER",
"value": "ncp"
},
{
"id": "EMAIL",
"name": "EMAIL",
"value": "optional@email.com"
}
]
}

22
etc/ncp-config.d/nc-hdd-test.cfg Normal file
View File

@ -0,0 +1,22 @@
{
"id": "nc-hdd-test",
"name": "nc-hdd-test",
"title": "nc-hdd-test",
"description": "Check HDD health",
"info": "Running no test will display test results",
"infotitle": "",
"params": [
{
"id": "SHORTTEST",
"name": "SHORTTEST",
"value": "yes",
"type": "bool"
},
{
"id": "LONGTEST",
"name": "LONGTEST",
"value": "no",
"type": "bool"
}
]
}

16
etc/ncp-config.d/nc-httpsonly.cfg Normal file
View File

@ -0,0 +1,16 @@
{
"id": "nc-httpsonly",
"name": "nc-httpsonly",
"title": "nc-httpsonly",
"description": "Force HTTPS",
"info": "",
"infotitle": "",
"params": [
{
"id": "ACTIVE",
"name": "ACTIVE",
"value": "yes",
"type": "bool"
}
]
}

15
etc/ncp-config.d/nc-import-ncp.cfg Normal file
View File

@ -0,0 +1,15 @@
{
"id": "nc-import-ncp",
"name": "nc-import-ncp",
"title": "nc-import-ncp",
"description": "Import NextCloudPi configuration from file",
"info": "",
"infotitle": "",
"params": [
{
"id": "FILE",
"name": "FILE",
"value": "/media/USBdrive/ncp-config_xxxxxx.cfg"
}
]
}

9
etc/ncp-config.d/nc-info.cfg Normal file
View File

@ -0,0 +1,9 @@
{
"id": "nc-info",
"name": "nc-info",
"title": "nc-info",
"description": "Print NextCloudPi system info",
"info": "",
"infotitle": "",
"params": []
}

20
etc/ncp-config.d/nc-init.cfg Normal file
View File

@ -0,0 +1,20 @@
{
"id": "nc-init",
"name": "nc-init",
"title": "nc-init",
"description": "(Re)initiate Nextcloud to a clean configuration",
"info": "This action will configure NextCloud to NextCloudPi defaults.\n\n** YOUR CONFIGURATION WILL BE LOST **\n\n",
"infotitle": "Clean NextCloud configuration",
"params": [
{
"id": "ADMINUSER",
"name": "ADMINUSER",
"value": "ncp"
},
{
"id": "ADMINPASS",
"name": "ADMINPASS",
"value": "ownyourbits"
}
]
}

Some files were not shown because too many files have changed in this diff Show More