diff --git a/index.php b/index.php deleted file mode 100644 index 9c34a623..00000000 --- a/index.php +++ /dev/null @@ -1,155 +0,0 @@ - - - - Nextcloud VM - - - - -
- -
-

Nextcloud VM - by Nextcloud Community

-
-
-
-

Thank you for downloading the pre-configured Nextcloud VM! If you see this page, you have successfully mounted the Nextcloud VM on the computer that will act as host for Nextcloud.

-

We have set everything up for you and the only thing you have to do now is to login. You can find login details in the middle of this page.

-

Don't hesitate to ask if you have any questions. You can ask for help in our community support channels. You can also check the complete install instructions.

-
- -

Login to Nextcloud

- -
-

Default User:

-

ncadmin

-

Default Password:

-

nextcloud

-

Note: The setup script will ask you to change the default password to your own. It's also recommended to change the default user. Do this by adding another admin user, log out from ncadmin, and login with your new user, then delete ncadmin.

-
-
-

How to mount the VM and and login:

-
-

Before you can use Nextcloud you have to run the setup script to complete the installation. This is easily done by just typing 'nextcloud' when you log in to the terminal for the first time.

-

The full path to the setup script is: /var/scripts/nextcloud-startup-script.sh. When the script is finnished it will be deleted, as it's only used the first time you boot the machine.

-
- -
-
- -

Access Nextcloud

- -
-

Use one of the following addresses, HTTPS is preffered: -

- -

-

Note: Please accept the warning in the browser if you connect via HTTPS. It is recommended
- to buy your own certificate and replace the self-signed certificate to your own.

-

Note: Before you can login you have to run the setup script, as descirbed in the video above.

-
- -

Access Webmin

- -
-

Use one of the following addresses, HTTPS is preferred: -

- -

-

Note: Please accept the warning in the browser if you connect via HTTPS.

-

- Login details -

-

Note: Webmin is installed when you run the setup script. To access Webmin externally you have to open port 10000 in your router.

-
- -

Access phpMyadmin

- -
-

Use one of the following addresses, HTTPS is preffered: -

- -

-

Note: Please accept the warning in the browser if you connect via HTTPS.

-

- Login details -

-

Note: Your external IP is set as approved in /etc/apache2/conf-available/phpmyadmin.conf, all other access is forbidden.

-
- - diff --git a/static/calendar.sh b/static/calendar.sh deleted file mode 100644 index d3b6a5c0..00000000 --- a/static/calendar.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash - -# Tech and Me © - 2017, https://www.techandme.se/ - -# shellcheck disable=2034,2059 -true -# shellcheck source=lib.sh -CALENDAR_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) -unset CALENDAR_INSTALL - -# Check for errors + debug code and abort if something isn't right -# 1 = ON -# 0 = OFF -DEBUG=0 -debug_mode - -# Download and install Calendar -if [ ! -d "$NCPATH"/apps/calendar ] -then - echo "Installing calendar..." - wget -q "$CALVER_REPO/v$CALVER/$CALVER_FILE" -P "$NCPATH/apps" - tar -zxf "$NCPATH/apps/$CALVER_FILE" -C "$NCPATH/apps" - cd "$NCPATH/apps" - rm "$CALVER_FILE" -fi - -# Enable Calendar -if [ -d "$NCPATH"/apps/calendar ] -then - sudo -u www-data php "$NCPATH"/occ app:enable calendar -fi diff --git a/static/collabora.sh b/static/collabora.sh deleted file mode 100644 index be33ecb5..00000000 --- a/static/collabora.sh +++ /dev/null @@ -1,286 +0,0 @@ -#!/bin/bash -# shellcheck disable=2034,2059 -true -# shellcheck source=lib.sh -COLLABORA_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) -unset COLLABORA_INSTALL - -# Tech and Me © - 2017, https://www.techandme.se/ - -# Check for errors + debug code and abort if something isn't right -# 1 = ON -# 0 = OFF -DEBUG=0 -debug_mode - -# Check if root -if ! is_root -then - printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash $SCRIPTS/collabora.sh\n" - exit 1 -fi - -# Notification -whiptail --msgbox "Please before you start, make sure that port 443 is directly forwarded to this machine!" "$WT_HEIGHT" "$WT_WIDTH" - -# Get the latest packages -apt update -q4 & spinner_loading - -# Check if Nextcloud is installed -echo "Checking if Nextcloud is installed..." -if ! curl -s https://"${NCDOMAIN//\\/}"/status.php | grep -q 'installed":true' -then - echo - echo "It seems like Nextcloud is not installed or that you don't use https on:" - echo "${NCDOMAIN//\\/}." - echo "Please install Nextcloud and make sure your domain is reachable, or activate SSL" - echo "on your domain to be able to run this script." - echo - echo "If you use the Nextcloud VM you can use the Let's Encrypt script to get SSL and activate your Nextcloud domain." - echo "When SSL is activated, run these commands from your terminal:" - echo "sudo wget $APP/collabora.sh" - echo "sudo bash collabora.sh" - any_key "Press any key to continue... " - exit 1 -fi - -# Check if $SUBDOMAIN exists and is reachable -echo -echo "Checking if $SUBDOMAIN exists and is reachable..." -if wget -q -T 10 -t 2 --spider "$SUBDOMAIN"; then - sleep 0.1 -elif wget -q -T 10 -t 2 --spider --no-check-certificate "https://$SUBDOMAIN"; then - sleep 0.1 -elif curl -s -k -m 10 "$SUBDOMAIN"; then - sleep 0.1 -elif curl -s -k -m 10 "https://$SUBDOMAIN" -o /dev/null; then - sleep 0.1 -else - echo "Nope, it's not there. You have to create $SUBDOMAIN and point" - echo "it to this server before you can run this script." - any_key "Press any key to continue... " - exit 1 -fi - -# Check if 443 is open using nmap, if not notify the user -apt update -q4 & spinner_loading -if [ "$(dpkg-query -W -f='${Status}' nmap 2>/dev/null | grep -c "ok installed")" == "1" ] -then - echo "nmap is already installed..." -else - apt install nmap -y -fi -if [ "$(nmap -sS -p 443 "$WANIP4" | grep -c "open")" == "1" ] -then - printf "${Green}Port 443 is open on $WANIP4!${Color_Off}\n" - apt remove --purge nmap -y -else - echo "Port 443 is not open on $WANIP4. We will do a second try on $SUBDOMAIN instead." - any_key "Press any key to test $SUBDOMAIN... " - if [[ "$(nmap -sS -PN -p 443 "$SUBDOMAIN" | grep -m 1 "open" | awk '{print $2}')" = "open" ]] - then - printf "${Green}Port 443 is open on $SUBDOMAIN!${Color_Off}\n" - apt remove --purge nmap -y - else - whiptail --msgbox "Port 443 is not open on $SUBDOMAIN. Please follow this guide to open ports in your router: https://www.techandme.se/open-port-80-443/" "$WT_HEIGHT" "$WT_WIDTH" - any_key "Press any key to exit... " - apt remove --purge nmap -y - exit 1 - fi -fi - -# Install Docker -if [ "$(dpkg-query -W -f='${Status}' docker-ce 2>/dev/null | grep -c "ok installed")" == "1" ] -then - docker -v -else - apt update -q4 & spinner_loading - apt install -y \ - apt-transport-https \ - ca-certificates \ - curl \ - software-properties-common - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - - apt-key fingerprint 0EBFCD88 - add-apt-repository \ - "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ - $(lsb_release -cs) \ - stable" - apt update - apt install docker-ce -y - docker -v -fi - -# Load aufs -apt-get install linux-image-extra-"$(uname -r)" -y -# apt install aufs-tools -y # already included in the docker-ce package -AUFS=$(grep -r "aufs" /etc/modules) -if ! [ "$AUFS" = "aufs" ] -then - echo "aufs" >> /etc/modules -fi - -# Set docker storage driver to AUFS -AUFS2=$(grep -r "aufs" /etc/default/docker) -if ! [ "$AUFS2" = 'DOCKER_OPTS="--storage-driver=aufs"' ] -then - echo 'DOCKER_OPTS="--storage-driver=aufs"' >> /etc/default/docker - service docker restart -fi - -# Check of docker runs and kill it -DOCKERPS=$(docker ps -a -q) -if [ "$DOCKERPS" != "" ] -then - echo "Removing old Docker instance(s)... ($DOCKERPS)" - any_key "Press any key to continue. Press CTRL+C to abort" - docker stop "$DOCKERPS" - docker rm "$DOCKERPS" -fi - -# Disable RichDocuments (Collabora App) if activated -if [ -d "$NCPATH"/apps/richdocuments ] -then - sudo -u www-data php "$NCPATH"/occ app:disable richdocuments - rm -r "$NCPATH"/apps/richdocuments -fi - -# Install Collabora docker -docker pull collabora/code -docker run -t -d -p 127.0.0.1:9980:9980 -e "domain=$NCDOMAIN" --restart always --cap-add MKNOD collabora/code - -# Install Apache2 -if [ "$(dpkg-query -W -f='${Status}' apache2 2>/dev/null | grep -c "ok installed")" == "1" ] -then - sleep 0.1 -else - { - i=1 - while read -r line; do - ((i++)) - echo $i - done < <(apt install apache2 -y) - } | whiptail --title "Progress" --gauge "Please wait while installing Apache2" 6 60 0 -fi - -# Enable Apache2 module's -a2enmod proxy -a2enmod proxy_wstunnel -a2enmod proxy_http -a2enmod ssl - -# Create Vhost for Collabora online in Apache2 -if [ ! -f "$HTTPS_CONF" ]; -then - cat << HTTPS_CREATE > "$HTTPS_CONF" - - ServerName $SUBDOMAIN:443 - - # SSL configuration, you may want to take the easy route instead and use Lets Encrypt! - SSLEngine on - SSLCertificateChainFile $CERTFILES/$SUBDOMAIN/chain.pem - SSLCertificateFile $CERTFILES/$SUBDOMAIN/cert.pem - SSLCertificateKeyFile $CERTFILES/$SUBDOMAIN/privkey.pem - SSLOpenSSLConfCmd DHParameters $DHPARAMS - SSLProtocol all -SSLv2 -SSLv3 - SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS - SSLHonorCipherOrder on - SSLCompression off - - # Encoded slashes need to be allowed - AllowEncodedSlashes NoDecode - - # Container uses a unique non-signed certificate - SSLProxyEngine On - SSLProxyVerify None - SSLProxyCheckPeerCN Off - SSLProxyCheckPeerName Off - - # keep the host - ProxyPreserveHost On - - # static html, js, images, etc. served from loolwsd - # loleaflet is the client part of LibreOffice Online - ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0 - ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet - - # WOPI discovery URL - ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0 - ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery - - # Main websocket - ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/\$1/ws nocanon - - # Admin Console websocket - ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws - - # Download as, Fullscreen presentation and Image upload operations - ProxyPass /lool https://127.0.0.1:9980/lool - ProxyPassReverse /lool https://127.0.0.1:9980/lool - -HTTPS_CREATE - - if [ -f "$HTTPS_CONF" ]; - then - echo "$HTTPS_CONF was successfully created" - sleep 1 - else - echo "Unable to create vhost, exiting..." - echo "Please report this issue here $ISSUES" - exit 1 - fi -fi - -# Let's Encrypt -letsencrypt --version 2> /dev/null -LE_IS_AVAILABLE=$? -if [ $LE_IS_AVAILABLE -eq 0 ] -then - letsencrypt --version -else - echo "Installing letsencrypt..." - add-apt-repository ppa:certbot/certbot -y - apt update -q4 & spinner_loading - apt install letsencrypt -y -q - apt update -q4 & spinner_loading - apt dist-upgrade -y -fi - -# Stop Apache to aviod port conflicts -a2dissite 000-default.conf -sudo service apache2 stop - -# Generate certs -if letsencrypt certonly --standalone --agree-tos --rsa-key-size 4096 -d "$SUBDOMAIN" -then - # Generate DHparams chifer - if [ ! -f "$DHPARAMS" ] - then - openssl dhparam -dsaparam -out "$DHPARAMS" 8192 - fi - printf "${ICyan}\n" - printf "Certs are generated!\n" - printf "${Color_Off}\n" - a2ensite "$SUBDOMAIN.conf" - service apache2 restart -# Install Collabora App - check_command wget -q "$COLLVER_REPO/$COLLVER/$COLLVER_FILE" -P "$NCPATH/apps" - check_command tar -zxf "$NCPATH/apps/$COLLVER_FILE" -C "$NCPATH/apps" - cd "$NCPATH/apps" || exit 1 - rm "$COLLVER_FILE" -else - printf "${ICyan}\nIt seems like no certs were generated, please report this issue here: $ISSUES\n" - any_key "Press any key to continue... " - service apache2 restart -fi - -# Enable RichDocuments (Collabora App) -if [ -d "$NCPATH"/apps/richdocuments ] -then - check_command sudo -u www-data php "$NCPATH"/occ app:enable richdocuments - check_command sudo -u www-data "$NCPATH"/occ config:app:set richdocuments wopi_url --value="https://$SUBDOMAIN" - echo - echo "Collabora is now succesfylly installed." - echo "You may have to reboot before Docker will load correctly." - any_key "Press any key to continue... " -fi diff --git a/static/contacts.sh b/static/contacts.sh deleted file mode 100644 index 18db8b34..00000000 --- a/static/contacts.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash - -# Tech and Me © - 2017, https://www.techandme.se/ - -# shellcheck disable=2034,2059 -true -# shellcheck source=lib.sh -CONTACTS_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) -unset CONTACTS_INSTALL - -# Check for errors + debug code and abort if something isn't right -# 1 = ON -# 0 = OFF -DEBUG=0 -debug_mode - -# Download and install Contacts -if [ ! -d "$NCPATH/apps/contacts" ] -then - echo "Installing contacts..." - wget -q "$CONVER_REPO/v$CONVER/$CONVER_FILE" -P "$NCPATH/apps" - tar -zxf "$NCPATH/apps/$CONVER_FILE" -C "$NCPATH/apps" - cd "$NCPATH/apps" - rm "$CONVER_FILE" -fi - -# Enable Contacts -if [ -d "$NCPATH"/apps/contacts ] -then - sudo -u www-data php "$NCPATH"/occ app:enable contacts -fi diff --git a/static/nextant.sh b/static/nextant.sh deleted file mode 100644 index 474b4748..00000000 --- a/static/nextant.sh +++ /dev/null @@ -1,110 +0,0 @@ -#!/bin/bash - -# Tech and Me © - 2017, https://www.techandme.se/ - -# shellcheck disable=2034,2059 -true -# shellcheck source=lib.sh -NEXTANT_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) -unset NEXTANT_INSTALL - -# Check for errors + debug code and abort if something isn't right -# 1 = ON -# 0 = OFF -DEBUG=0 -debug_mode - -# Solr Server & Nextant App Installation - -# Must be root -if ! is_root -then - echo "Must be root to run script, in Ubuntu type: sudo -i" - exit 1 -fi - -# Make sure there is an Nextcloud installation -if ! [ "$(sudo -u www-data php $NCPATH/occ -V)" ] -then - echo "It seems there is no Nextcloud server installed, please check your installation." - exit 1 -fi - -# Check if it's a clean install -if [ -d "$SOLR_HOME" ] -then - echo - echo "It seems like $SOLR_HOME already exists. Have you already run this script?" - echo "If yes, revert all the settings and try again, it must be a clean install." - exit 1 -fi - -echo "Starting to setup Solr & Nextant on Nextcloud..." - -# Installing requirements -apt update -q4 & spinner_loading -apt install default-jre -y - -# Getting and installing Apache Solr -echo "Installing Apache Solr" -echo "It might take some time depending on your bandwith, please be patient..." -mkdir -p "$SOLR_HOME" -check_command cd "$SOLR_HOME" -wget -q "$SOLR_DL" --show-progress -tar -zxf "$SOLR_RELEASE" -if "./solr-$SOLR_VERSION/bin/install_solr_service.sh" "$SOLR_RELEASE" -then - rm -rf "${SOLR_HOME:?}/$SOLR_RELEASE" - wget -q https://raw.githubusercontent.com/apache/lucene-solr/master/solr/bin/install_solr_service.sh -P $SCRIPTS/ -else - echo "Solr failed to install, something is wrong with the Solr installation" - exit 1 -fi - -sudo sed -i '35,37 s/"jetty.host" \//"jetty.host" default="127.0.0.1" \//' $SOLR_JETTY - -iptables -A INPUT -p tcp -s localhost --dport 8983 -j ACCEPT -iptables -A INPUT -p tcp --dport 8983 -j DROP -# Not tested -#sudo apt install iptables-persistent -#sudo service iptables-persistent start -#sudo iptables-save > /etc/iptables.conf - -if service solr start -then - sudo -u solr /opt/solr/bin/solr create -c nextant -else - echo "Solr failed to start, something is wrong with the Solr installation" - exit 1 -fi - -# Add search suggestions feature -sed -i '2i " "$SOLR_DSCONF" -sed -i '4i ]>' "$SOLR_DSCONF" - -sed -i '$d' "$SOLR_DSCONF" | sed -i '$d' "$SOLR_DSCONF" -echo " -&nextant_component; -" | tee -a "$SOLR_DSCONF" - -check_command "echo \"SOLR_OPTS=\\\"\\\$SOLR_OPTS -Dsolr.allow.unsafe.resourceloading=true\\\"\" | sudo tee -a /etc/default/solr.in.sh" - -check_command service solr restart - -# Get nextant app for nextcloud -check_command wget -q -P "$NC_APPS_PATH" "$NT_DL" -check_command cd "$NC_APPS_PATH" -check_command tar zxf "$NT_RELEASE" - -# Set secure permissions -if [ ! -f $SECURE ] -then -run_static_script setup_secure_permissions_nextcloud -fi - -# Enable Nextant -rm -r "$NT_RELEASE" -check_command sudo -u www-data php $NCPATH/occ app:enable nextant -check_command sudo -u www-data php $NCPATH/occ nextant:test http://127.0.0.1:8983/solr/ nextant --save -check_command sudo -u www-data php $NCPATH/occ nextant:index diff --git a/static/passman.sh b/static/passman.sh deleted file mode 100644 index 3131765c..00000000 --- a/static/passman.sh +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/bash -# shellcheck disable=2034,2059 -true -# shellcheck source=lib.sh -PASSMAN_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) -unset PASSMAN_INSTALL - -# Tech and Me © - 2017, https://www.techandme.se/ - -# Check for errors + debug code and abort if something isn't right -# 1 = ON -# 0 = OFF -DEBUG=0 -debug_mode - -# Check if root -if ! is_root -then - printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash $SCRIPTS/passman.sh\n" - exit 1 -fi - -# Check if file is downloadable -echo "Checking latest released version on the Passman download server and if it's possible to download..." -if wget -q -T 10 -t 2 "$PASSVER_REPO/$PASSVER_FILE" -O /dev/null -then - echo "Latest version is: $PASSVER" -else - echo "Failed! Download is not available at the moment, try again later." - echo "Please report this issue here: $ISSUES" - any_key "Press any key to continue..." - exit 1 -fi - -# Test checksum -mkdir -p $SHA256 -wget -q "$PASSVER_REPO/$PASSVER_FILE" -P "$SHA256" -wget -q "$PASSVER_REPO/$PASSVER_FILE.sha256" -P "$SHA256" -echo "Verifying integrity of $PASSVER_FILE..." -cd "$SHA256" || exit 1 -CHECKSUM_STATE=$(echo -n "$(sha256sum -c "$PASSVER_FILE.sha256")" | tail -c 2) -if [ "$CHECKSUM_STATE" != "OK" ] -then - echo "Warning! Checksum does not match!" - rm $SHA256 -R - exit 1 -else - echo "SUCCESS! Checksum is OK!" - rm $SHA256 -R -fi - -# Download and install Passman -if [ ! -d $NCPATH/apps/passman ] -then - wget -q "$PASSVER_REPO/$PASSVER_FILE" -P "$NCPATH/apps" - tar -zxf "$NCPATH/apps/$PASSVER_FILE" -C "$NCPATH/apps" - cd "$NCPATH/apps" || exit 1 - rm "$PASSVER_FILE" -fi - -# Enable Passman -if [ -d $NCPATH/apps/passman ] -then - check_command sudo -u www-data php $NCPATH/occ app:enable passman - sleep 2 -fi diff --git a/static/phpmyadmin_install_ubuntu16.sh b/static/phpmyadmin_install_ubuntu16.sh deleted file mode 100644 index 4165804e..00000000 --- a/static/phpmyadmin_install_ubuntu16.sh +++ /dev/null @@ -1,180 +0,0 @@ -#!/bin/bash - -# Tech and Me © - 2017, https://www.techandme.se/ - -# shellcheck disable=2034,2059 -true -# shellcheck source=lib.sh -. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) - -# Check for errors + debug code and abort if something isn't right -# 1 = ON -# 0 = OFF -DEBUG=0 -debug_mode - -# Check if root -if ! is_root -then - printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash %s/phpmyadmin_install.sh\n" "$SCRIPTS" - sleep 3 - exit 1 -fi - -# Check that the script can see the external IP (apache fails otherwise) -if [ -z "$WANIP4" ] -then - echo "WANIP4 is an emtpy value, Apache will fail on reboot due to this. Please check your network and try again" - sleep 3 - exit 1 -fi - -# Check Ubuntu version -echo -echo "Checking server OS and version..." -if [ "$OS" != 1 ] -then - echo "Ubuntu Server is required to run this script." - echo "Please install that distro and try again." - sleep 3 - exit 1 -fi - - -if ! version 16.04 "$DISTRO" 16.04.4; then - echo "Ubuntu version seems to be $DISTRO" - echo "It must be between 16.04 - 16.04.4" - echo "Please install that version and try again." - exit 1 -fi - -echo -echo "Installing and securing phpMyadmin..." -echo "This may take a while, please don't abort." -echo - -# Install phpmyadmin -echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | debconf-set-selections -echo "phpmyadmin phpmyadmin/app-password-confirm password $PW_FILE" | debconf-set-selections -echo "phpmyadmin phpmyadmin/mysql/admin-pass password $PW_FILE" | debconf-set-selections -echo "phpmyadmin phpmyadmin/mysql/app-pass password $PW_FILE" | debconf-set-selections -echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2" | debconf-set-selections -apt update -q4 & spinner_loading -apt install -y -q \ - php-gettext \ - phpmyadmin - -# Remove Password file -rm /var/mysql_password.txt - -# Secure phpMyadmin -if [ -f $PHPMYADMIN_CONF ] -then - rm $PHPMYADMIN_CONF -fi -touch "$PHPMYADMIN_CONF" -cat << CONF_CREATE > "$PHPMYADMIN_CONF" -# phpMyAdmin default Apache configuration - -Alias /phpmyadmin $PHPMYADMINDIR - - - Options FollowSymLinks - DirectoryIndex index.php - - - - AddType application/x-httpd-php .php - - - SetHandler application/x-httpd-php - - - php_flag magic_quotes_gpc Off - php_flag track_vars On - php_flag register_globals Off - php_admin_flag allow_url_fopen On - php_value include_path . - php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp - php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpm$ - - - -# Apache 2.4 - - Require ip $WANIP4 - Require ip $ADDRESS - Require ip 127.0.0.1 - Require ip ::1 - - - - -# Apache 2.2 - Order Deny,Allow - Deny from All - Allow from $WANIP4 - Allow from $ADDRESS - Allow from ::1 - Allow from localhost - - - -# Authorize for setup - - Require all denied - - -# Authorize for setup - - - - AuthType Basic - AuthName "phpMyAdmin Setup" - AuthUserFile /etc/phpmyadmin/htpasswd.setup - - Require valid-user - - - -# Disallow web access to directories that don't need it - - Require all denied - - - Require all denied - -CONF_CREATE - -# Secure phpMyadmin even more -CONFIG=/var/lib/phpmyadmin/config.inc.php -touch $CONFIG -cat << CONFIG_CREATE >> "$CONFIG" - -CONFIG_CREATE - -if ! service apache2 restart -then - echo "Apache2 could not restart..." - echo "The script will exit." - exit 1 -else - echo - echo "$PHPMYADMIN_CONF was successfully secured." - echo -fi diff --git a/static/spreedme.sh b/static/spreedme.sh deleted file mode 100644 index 6908fa71..00000000 --- a/static/spreedme.sh +++ /dev/null @@ -1,135 +0,0 @@ -#!/bin/bash - -# Tech and Me © - 2017, https://www.techandme.se/ - -# shellcheck disable=2034,2059 -true -# shellcheck source=lib.sh -. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) - -# Check for errors + debug code and abort if something isn't right -# 1 = ON -# 0 = OFF -DEBUG=0 -debug_mode - -# Check if root -if ! is_root -then - printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash %s/nextcloud_install_production.sh\n" "$SCRIPTS" - exit 1 -fi - -# Check if Nextcloud exists -if [ ! -d "$NCPATH" ] -then - echo "Nextcloud does not seem to be installed. This script will exit..." - exit -fi - -# Check if apache is installed -if ! [ "$(dpkg-query -W -f='${Status}' apache2 2>/dev/null | grep -c "ok installed")" -eq 1 ] -then - echo "Apache is not installed, the script will exit." - exit 1 -fi - -# Install Nextcloud Spreedme Snap -if [ -d "$SNAPDIR" ] -then - echo "SpreeMe Snap already seems to be installed and wil now be re-installed..." - snap remove spreedme - rm -rf "$SNAPDIR" - snap install spreedme -else - snap install spreedme -fi - -# Install and activate the SpreedMe app -if [ -d "$NCPATH/apps/spreedme" ] -then - # Remove - sudo -u www-data php "$NCPATH/occ" app:disable spreedme - echo "SpreedMe app already seems to be installed and will now be re-installed..." - rm -R "$NCPATH/apps/spreedme" - # Reinstall - wget -q "$SPREEDME_REPO/$SPREEDME_FILE" -P "$NCPATH/apps" - tar -zxf "$NCPATH/apps/$SPREEDME_FILE" -C "$NCPATH/apps" - cd "$NCPATH/apps" - rm "$SPREEDME_FILE" - mv "nextcloud-spreedme-$SPREEDME_VER" spreedme -else - wget -q "$SPREEDME_REPO/$SPREEDME_FILE" -P "$NCPATH/apps" - tar -zxf "$NCPATH/apps/$SPREEDME_FILE" -C "$NCPATH/apps" - cd "$NCPATH/apps" - rm "$SPREEDME_FILE" - mv "nextcloud-spreedme-$SPREEDME_VER" spreedme -fi -check_command sudo -u www-data php "$NCPATH/occ" app:enable spreedme - -# Generate secret keys -SHAREDSECRET=$(openssl rand -hex 32) -TEMPLINK=$(openssl rand -hex 32) -sed -i "s|sharedsecret_secret = .*|sharedsecret_secret = $SHAREDSECRET|g" "$SNAPDIR/current/server.conf" - -# Populate the else empty config file (uses database for content by default) -cp "$NCPATH/apps/spreedme/config/config.php.in" "$NCPATH/apps/spreedme/config/config.php" - -# Place the key in the NC app config -sed -i "s|.*SPREED_WEBRTC_SHAREDSECRET.*| const SPREED_WEBRTC_SHAREDSECRET = '$SHAREDSECRET';|g" "$NCPATH/apps/spreedme/config/config.php" - -# Allow to create temporary links -sed -i "s|const OWNCLOUD_TEMPORARY_PASSWORD_LOGIN_ENABLED.*|const OWNCLOUD_TEMPORARY_PASSWORD_LOGIN_ENABLED = true;|g" "$NCPATH/apps/spreedme/config/config.php" - -# Set temporary links hash -sed -i "s|const OWNCLOUD_TEMPORARY_PASSWORD_SIGNING_KEY.*|const OWNCLOUD_TEMPORARY_PASSWORD_SIGNING_KEY = '$TEMPLINK';|g" "$NCPATH/apps/spreedme/config/config.php" - - -# Enable Apache mods -a2enmod proxy \ - proxy_wstunnel \ - proxy_http \ - headers - -# Add config to vhost -VHOST=/etc/apache2/spreedme.conf -if [ ! -f $VHOST ] -then -cat << VHOST > "$VHOST" - - ProxyPass http://127.0.0.1:8080/webrtc - ProxyPassReverse /webrtc - - - - ProxyPass ws://127.0.0.1:8080/webrtc/ws - - - ProxyVia On - ProxyPreserveHost On - RequestHeader set X-Forwarded-Proto 'https' env=HTTPS - # RequestHeader set X-Forwarded-Proto 'https' # Use this if you are behind a (Nginx) reverse proxy with http backends -VHOST -fi - -if ! grep -Fxq "Include $VHOST" /etc/apache2/apache2.conf -then - sed -i "145i Include $VHOST" "/etc/apache2/apache2.conf" -fi - -# Restart services -service apache2 restart -if ! systemctl restart snap.spreedme.spreed-webrtc.service -then - echo "Something is wrong, the installation did not finish correctly" - exit 1 -else - echo - echo "Success! SpreedMe is now installed and configured." - echo "You may have to change SPREED_WEBRTC_ORIGIN in:" - echo "(sudo nano) $NCPATH/apps/spreedme/config/config.php" - echo - exit 0 -fi -any_key "Press any key to continue..." -clear diff --git a/static/webmin.sh b/static/webmin.sh deleted file mode 100644 index 1ea6c1a6..00000000 --- a/static/webmin.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -# Tech and Me © - 2017, https://www.techandme.se/ - -# shellcheck disable=2034,2059 -true -# shellcheck source=lib.sh -. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) - -# Check for errors + debug code and abort if something isn't right -# 1 = ON -# 0 = OFF -DEBUG=0 -debug_mode - -# Install packages for Webmin -apt install -y zip perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python - -# Install Webmin -sed -i '$a deb http://download.webmin.com/download/repository sarge contrib' /etc/apt/sources.list -if wget -q http://www.webmin.com/jcameron-key.asc -O- | sudo apt-key add - -then - apt update -q4 & spinner_loading - apt install webmin -y -fi