2017-01-23 20:59:44 +03:00
#!/bin/bash
2020-02-10 21:46:24 +03:00
# @copyright Copyright (c) 2020 Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-23 20:59:44 +03:00
#
# @author Arthur Schiwon <blizzz@arthur-schiwon.de>
#
# @license GNU AGPL version 3 or any later version
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
2019-02-14 12:14:25 +03:00
getarg() { # by Univention
local found=0
for arg in "${ARGS[@]}"; do
if [ "$found" -eq 1 ]; then
echo "$arg"
break
fi
if [ "$arg" = "$1" ]; then
found=1
fi
done
}
2019-02-14 01:49:10 +03:00
ERROR_FILE=$(getarg "--error-file")
error_msg() {
if [ -n "$1" ]; then
IN="$@"
else
read IN # from stdin
fi
if [ -n "$ERROR_FILE" ]; then
echo "$IN" | tee -a "$ERROR_FILE" >&2
else
echo "$IN" >&2
fi
}
2020-02-10 21:46:24 +03:00
install_hub_apps () {
$OCC app:enable calendar
$OCC app:enable contacts
$OCC app:enable mail
2020-02-14 01:17:53 +03:00
$OCC app:install spreed 2> /dev/null; echo -n 'enabling Talk... '; $OCC app:enable spreed
2020-02-10 21:46:24 +03:00
# logic for office suite resides in join script
}
2017-02-03 22:06:32 +03:00
NC_DATADIR="$NC_PERMDATADIR/nextcloud-data"
2017-01-23 20:59:44 +03:00
NC_UCR_FILE="$NC_PERMCONFDIR/ucr"
2020-01-16 11:42:11 +03:00
mv "$NC_PERMCONFDIR/ucs.crt" /usr/local/share/ca-certificates/ucs.crt 2>&1 | error_msg
update-ca-certificates 2>&1 | error_msg
2017-01-23 20:59:44 +03:00
cd /var/www/html
2022-12-02 00:06:46 +03:00
if [ ! -f occ ]; then
error_msg "/var/www/html/occ missing – was the docker container modified manually?"
2019-02-14 01:49:10 +03:00
exit 21
2017-01-23 20:59:44 +03:00
fi
2022-12-02 00:06:46 +03:00
OCC="sudo -u www-data php /var/www/html/occ"
2017-01-25 14:47:17 +03:00
2022-12-02 00:06:46 +03:00
NC_IS_INSTALLED=$($OCC status | grep "installed: true" -c)
2017-01-26 21:30:38 +03:00
NC_IS_UPGRADE=1
2017-01-25 14:47:17 +03:00
if [ "$NC_IS_INSTALLED" -eq 0 ] ; then
NC_IS_UPGRADE=0
2017-01-23 20:59:44 +03:00
2017-02-09 18:34:18 +03:00
NC_ADMIN_PWD_FILE="$NC_PERMCONFDIR/admin.secret"
NC_DB_TYPE="pgsql"
NC_LOCAL_ADMIN="nc_admin"
2022-12-02 00:06:46 +03:00
NC_LOCAL_ADMIN_PWD=$(pwgen -y 30 1)
2017-02-09 18:34:18 +03:00
echo "$NC_LOCAL_ADMIN_PWD" > "$NC_ADMIN_PWD_FILE"
chmod 600 "$NC_ADMIN_PWD_FILE"
2017-01-25 14:47:17 +03:00
mkdir -p "$NC_DATADIR"
2017-02-03 22:06:32 +03:00
chown www-data:www-data -R "$NC_DATADIR"
2017-01-23 20:59:44 +03:00
2017-01-25 14:47:17 +03:00
$OCC maintenance:install \
--admin-user "$NC_LOCAL_ADMIN" \
--admin-pass "$NC_LOCAL_ADMIN_PWD" \
--database "$NC_DB_TYPE" \
--database-host "$DB_HOST" \
--database-port "$DB_PORT" \
--database-name "$DB_NAME" \
--database-user "$DB_USER" \
--database-pass "$DB_PASSWORD" \
2019-02-14 01:49:10 +03:00
--data-dir "$NC_DATADIR" \
2>&1 | error_msg
2017-01-23 20:59:44 +03:00
2017-01-25 14:47:17 +03:00
STATE=$?
if [[ $STATE != 0 ]]; then
2019-02-14 01:49:10 +03:00
error_msg "Error while installing Nextcloud. Please check the apache log within the Nextcloud docker container, and (if existing) the nextcloud.log file in $NC_DATADIR."
exit 22;
2017-01-25 14:47:17 +03:00
fi
fi
2022-12-02 00:06:46 +03:00
UPGRADE_LOGFILE="/var/log/nextcloud-upgrade_"$(date +%y_%m_%d)".log"
2017-01-25 14:47:17 +03:00
$OCC check
$OCC status
$OCC app:list
2017-03-21 19:12:13 +03:00
$OCC upgrade 2>&1>> "$UPGRADE_LOGFILE"
2019-02-14 01:49:10 +03:00
error_msg "The upgrade log is written to $UPGRADE_LOGFILE within the nextcloud container"
2017-01-23 20:59:44 +03:00
# basic Nextcloud configuration
2022-12-02 00:06:46 +03:00
eval "$(cat \"$NC_UCR_FILE\")"
2017-01-25 14:47:17 +03:00
if [ "$NC_IS_UPGRADE" -eq 0 ] ; then
2020-03-25 15:13:47 +03:00
$OCC config:system:set updatechecker --type=boolean --value="false" # this is handled via UCS AppCenter
$OCC config:system:set upgrade.disable-web --type=boolean --value="true"
2017-06-26 16:42:47 +03:00
$OCC config:system:set --value "\OC\Memcache\APCu" memcache.local
2017-02-02 18:29:20 +03:00
$OCC config:system:set overwriteprotocol --value="https"
$OCC config:system:set overwritewbroot --value="/nextcloud"
$OCC config:system:set overwrite.cli.url --value="https://$NC_UCR_DOMAIN/nextcloud"
$OCC config:system:set htaccess.RewriteBase --value="/nextcloud"
$OCC background:cron
2017-01-25 14:47:17 +03:00
$OCC app:enable user_ldap
2019-07-16 01:22:54 +03:00
$OCC app:install user_saml && $OCC app:enable user_saml
2017-03-18 03:39:42 +03:00
$OCC app:disable updatenotification
2020-02-10 21:46:24 +03:00
install_hub_apps
2017-09-05 14:28:17 +03:00
2020-03-24 16:30:19 +03:00
# set IP-related settings
2018-03-13 23:06:48 +03:00
$OCC config:system:set trusted_proxies 0 --value="$NC_TRUSTED_PROXY_IP"
$OCC config:system:set trusted_domains 0 --value="$NC_UCR_DOMAIN"
NC_TRUSTED_DOMAIN_NO=1
NC_HOST_IPS=($NC_HOST_IPS)
for HOST_IP in "${NC_HOST_IPS[@]}" ; do
HOST_IP=$(echo "$HOST_IP" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
$OCC config:system:set trusted_domains "$NC_TRUSTED_DOMAIN_NO" --value="$HOST_IP"
NC_TRUSTED_DOMAIN_NO=$(($NC_TRUSTED_DOMAIN_NO+1))
done
2019-04-03 14:26:51 +03:00
# This should not be necessary, but was observed… TODO: try to reproduce outside UCS, but with psql
$OCC db:convert-filecache-bigint -n
2020-02-07 16:07:16 +03:00
$OCC db:add-missing-indices
2019-04-03 14:26:51 +03:00
2024-01-25 18:20:57 +03:00
# ensure that all apps are up to date on installation
2019-12-02 19:38:48 +03:00
$OCC app:update --all
2017-03-21 19:12:13 +03:00
else
2017-06-26 16:42:47 +03:00
# attempt to re-enable disabled apps
2019-02-14 01:48:50 +03:00
DISABLED_APPS=( $(cat "$UPGRADE_LOGFILE" | grep "Disabled incompatible app:" | cut -d ":" -f 2 | egrep -o "[a-z]+[a-z0-9_]*[a-z0-9]+") )
2017-03-21 19:12:13 +03:00
for APPID in "${DISABLED_APPS[@]}" ; do
2019-03-14 13:37:06 +03:00
$OCC app:enable "$APPID" || $OCC app:install "$APPID" || error_msg "Could not re-enable $APPID"
2017-03-21 19:12:13 +03:00
done
2017-01-25 14:47:17 +03:00
fi
2017-04-25 13:25:42 +03:00
2018-11-27 15:07:18 +03:00
# Recreate the htaccess on both install and update
$OCC maintenance:update:htaccess
2022-11-04 13:00:02 +03:00
$OCC config:system:set one-click-instance --value=true --type=bool
2022-11-07 12:08:45 +03:00
$OCC config:system:set one-click-instance.user-limit --value=500 --type=int
2022-11-04 13:00:02 +03:00
$OCC config:system:set one-click-instance.link --value="https://nextcloud.com/univention/"
$OCC app:enable support
2017-09-20 00:15:25 +03:00
# env var is set from the dockerfile
if [ "$NC_IS_PATCHED" = true ]; then
$OCC config:system:set integrity.check.disabled --value="true" --type=boolean
# (un)comment and adjust following line depending on the use case,
# otherwise a warning is shown, still
2019-01-03 01:43:38 +03:00
$OCC integrity:check-app dav
2017-09-20 00:15:25 +03:00
$OCC integrity:check-app user_ldap
2019-11-08 12:31:04 +03:00
$OCC integrity:check-core
2017-09-20 00:15:25 +03:00
# integrity checks are done once on upgrade case, thus we can directly remove the flag again
$OCC config:system:delete integrity.check.disabled
fi
2020-01-22 23:08:28 +03:00
echo "*/5 * * * * www-data php -f /var/www/html/cron.php" > /etc/cron.d/nextcloud
