NC13 is required (#467)

README.md

@@ -43,6 +43,7 @@ DigitalOcean example: https://youtu.be/LlqY5Y6P9Oc
 `wget https://raw.githubusercontent.com/nextcloud/vm/master/nextcloud_install_production.sh`
 2. Run the script with:<br>
 `sudo bash nextcloud_install_production.sh`
+Do not enable Redis Memcache support, please use the default [no].
 3. When the VM is installed it will automatically reboot. Remember to login with the user you created:<br>
 `ssh <user>@IP-ADDRESS`<br>
 If it automatically runs as root when you reboot the machine, you have to abort it by pressing `CTRL+C` and run the script as the user you just created:<br>

apps/collabora.sh

@@ -16,6 +16,9 @@ debug_mode
 # Check if root
 root_check
 
+# Nextcloud 13 is required.
+lowest_compatible_nc 13
+
 # Test RAM size (2GB min) + CPUs (min 2)
 ram_check 2 Collabora
 cpu_check 2 Collabora
@@ -122,8 +125,8 @@ fi
 # Disable RichDocuments (Collabora App) if activated
 if [ -d "$NCPATH"/apps/richdocuments ]
 then
-    occ_command "app:disable richdocuments"
-    rm -r "$NCPATH"/apps/richdocuments
+    occ_command app:disable richdocuments
+    rm -r "$NCPATH_APPS_PATH"/richdocuments
 fi
 
 # Install Collabora docker
@@ -222,7 +225,7 @@ then
     a2ensite "$SUBDOMAIN.conf"
     service apache2 restart
 # Install Collabora App
-    occ_command "app:install richdocuments"
+    occ_command app:install richdocuments
 else
     printf "${ICyan}\nIt seems like no certs were generated, please report this issue here: $ISSUES\n"
     any_key "Press any key to continue... "
@@ -233,10 +236,10 @@ fi
 if [ -d "$NC_APPS_PATH"/richdocuments ]
 then
 # Enable Collabora
-    occ_command "app:enable richdocuments"
-    occ_command "config:app:set richdocuments wopi_url --value=https://$SUBDOMAIN"
-    chown -R www-data:www-data $NCPATH/apps
-    occ_command "config:system:set trusted_domains 3 --value=$SUBDOMAIN"
+    occ_command app:enable richdocuments
+    occ_command config:app:set richdocuments wopi_url --value=https://"$SUBDOMAIN"
+    chown -R www-data:www-data "$NC_APPS_PATH"
+    occ_command config:system:set trusted_domains 3 --value="$SUBDOMAIN"
 # Add prune command
     {
     echo "#!/bin/bash"

apps/fail2ban.sh

@@ -15,12 +15,10 @@ DEBUG=0
 debug_mode
 
 # Check if root
-if ! is_root
-then
-    printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash %s/fail2ban.sh\n" "$SCRIPTS"
-    sleep 3
-    exit 1
-fi
+root_check
+
+# Nextcloud 13 is required.
+lowest_compatible_nc 13
 
 ### Local variables ###
 # location of Nextcloud logs
@@ -48,10 +46,10 @@ else
 fi
 
 # Set values in config.php
-sudo -u www-data php "$NCPATH/occ" config:system:set loglevel --value=2
-sudo -u www-data php "$NCPATH/occ" config:system:set log_type --value=file
-sudo -u www-data php "$NCPATH/occ" config:system:set logfile  --value="$NCLOG"
-sudo -u www-data php "$NCPATH/occ" config:system:set logtimezone  --value="$(cat /etc/timezone)"
+occ_command config:system:set loglevel --value=2
+occ_command config:system:set log_type --value=file
+occ_command config:system:set logfile  --value="$NCLOG"
+occ_command config:system:set logtimezone  --value="$(cat /etc/timezone)"
 
 # Create nextcloud.conf file
 cat << NCONF > /etc/fail2ban/filter.d/nextcloud.conf

apps/fulltextsearch.sh

@@ -8,9 +8,6 @@ true
 ES_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
 unset ES_INSTALL
 
-ES_VERSION=6.1.1
-ES_DEB_VERSION="$(echo $ES_VERSION | head -c 1)"
-
 # Check for errors + debug code and abort if something isn't right
 # 1 = ON
 # 0 = OFF
@@ -18,14 +15,13 @@ DEBUG=0
 debug_mode
 
 # Must be root
-if ! is_root
-then
-    msg_box "Must be root to run script, in Ubuntu type: sudo -i"
-    exit 1
-fi
+root_check
+
+# Nextcloud 13 is required.
+lowest_compatible_nc 13
 
 # Make sure there is an Nextcloud installation
-if ! [ "$(sudo -u www-data php $NCPATH/occ -V)" ]
+if ! [ "$(occ_command -V)" ]
 then
     msg_box "It seems there is no Nextcloud server installed, please check your installation."
     exit 1
@@ -74,6 +70,7 @@ check_command /etc/init.d/elasticsearch start
 
 # Enable on bootup
 sudo systemctl enable elasticsearch.service
+update-ca-certificates -f
 
 # Install ingest-attachment plugin
 if [ -d /usr/share/elasticsearch ]
@@ -83,37 +80,66 @@ then
 fi
 
 # Check that ingest-attachment is properly installed
-if ! [ "$(curl -s http://127.0.0.1:9300)" ]
-then
-msg_box "Installation failed!
-Please report this to $ISSUES"
-    exit 1
-fi
+#if ! [ "$(curl -s http://127.0.0.1:9200)" ]
+#then
+#msg_box "Installation failed!
+#Please report this to $ISSUES"
+#    exit 1
+#fi
 
 # Install ReadOnlyREST
-# TODO Check with SHA
+echo "Downloading readonlyrest..."
+rm -f "/tmp/readonlyrest-1.16.15_es$ES_VERSION.zip"
+wget -q -T 10 -t 2 "https://github.com/nextcloud/vm/raw/master/apps/fulltextsearch-files/readonlyrest-1.16.15_es$ES_VERSION.zip" -P /tmp
+mkdir -p "$GPGDIR"
+wget -q -T 10 -t 2 "https://raw.githubusercontent.com/nextcloud/vm/master/apps/fulltextsearch-files/readonlyrest-1.16.15_es$ES_VERSION.zip.sha1" -P "$GPGDIR"
+echo "Verifying checksums..."
+sha1sum /tmp/readonlyrest-1.16.15_es"$ES_VERSION".zip | awk '{print $1}' > "$GPGDIR"/verify1
+cat "$GPGDIR"/readonlyrest-1.16.15_es"$ES_VERSION".zip.sha1 > "$GPGDIR"/verify2
+if [ -z "$(diff $GPGDIR/verify1 $GPGDIR/verify2)" ]
+then
+    echo "Checksum OK!"
+else
+msg_box "Checksum was not OK.
+
+Please report this to $ISSUES."
+rm -rf "$GPGDIR"
+rm -f /tmp/fulltextsearch-files/readonlyrest-1.16.15_es"$ES_VERSION".zip
+exit 1
+fi
+
 if [ -d /usr/share/elasticsearch ]
 then
     cd /usr/share/elasticsearch/bin
-    check_command ./elasticsearch-plugin install "$APP"/fulltextsearch-files/readonlyrest-1.16.15_es"$ES_VERSION".zip
+    check_command ./elasticsearch-plugin install $APP/fulltextsearch-files/readonlyrest-1.16.15_es$ES_VERSION.zip
+    rm -f /tmp/fulltextsearch-files/readonlyrest-1.16.15_es"$ES_VERSION".zip
 fi
 
 # Check that ReadOnlyREST is properly installed
-if ! [ "$(curl -s http://127.0.0.1:9300)" ]
-then
-msg_box "Installation failed!
-Please report this to $ISSUES"
-    exit 1
-fi
+#if ! [ "$(curl -s http://127.0.0.1:9200)" ]
+#then
+#msg_box "Installation failed!
+#Please report this to $ISSUES"
+#    exit 1
+#fi
 
 # Create configuration YML 
-# TODO: add password, user etc
 cat << YML_CREATE > /etc/elasticsearch/readonlyrest.yml
 readonlyrest:
-    access_control_rules:
 
-    - name: "Block 1 - Allowing anything from localhost"
-      hosts: [127.0.0.1]
+
+  access_control_rules:
+
+  - name: Accept requests from cloud1 on $NCADMIN-index
+    groups: ["cloud1"]
+    indices: ["$NCADMIN-index"]
+
+
+  users:
+
+  - username: $NCADMIN
+    auth_key: $NCADMIN:$ROREST
+    groups: ["cloud1"]
 YML_CREATE
 
 # Restart Elastic Search
@@ -126,7 +152,7 @@ install_and_enable_app files_fulltextsearch
 chown -R www-data:www-data $NC_APPS_PATH
 
 # Final setup
-# Add password and user values to FTS GUI TODO
-occ_command "config:app:set --value '1' fullnextsearch app_navigation"
-check_command occ_command "fulltextsearch:index"
-
+occ_command fulltextsearch:configure '{"search_platform":"OCA\\FullTextSearch_ElasticSearch\\Platform\\ElasticSearchPlatform"}'
+occ_command fulltextsearch_elasticsearch:configure "{\"elastic_host\":\"http:\\\\${NCADMIN}:${ROREST}@localhost:9200\",\"elastic_index\":\"${NCADMIN}\"}"
+occ_command files_fulltextsearch:configure "{\"files_pdf\":\"1\",\"files_office\":\"1\"}"
+occ_command fulltextsearch:index

apps/netdata.sh

@@ -2,6 +2,8 @@
 
 # Tech and Me © - 2017, https://www.techandme.se/
 
+echo "Installing Netdata..."
+
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh

apps/nextant.sh

@@ -17,11 +17,10 @@ debug_mode
 # Solr Server & Nextant App Installation
 
 # Must be root
-if ! is_root
-then
-    echo "Must be root to run script, in Ubuntu type: sudo -i"
-    exit 1
-fi
+root_check
+
+# Nextcloud 13 is required.
+lowest_compatible_nc 12
 
 msg_box "Nextant is not maintained anymore, and soon to be replaced with Full Text Search. Sorry, not much we can do about it. 
 
@@ -32,7 +31,7 @@ You can find the repository here: https://github.com/nextcloud/fulltextsearch,
 but please send your PR to the Nextcloud VM repository"
 
 # Make sure there is an Nextcloud installation
-if ! [ "$(sudo -u www-data php $NCPATH/occ -V)" ]
+if ! [ "$(occ_command -V)" ]
 then
     echo "It seems there is no Nextcloud server installed, please check your installation."
     exit 1
@@ -107,8 +106,8 @@ check_command tar zxf nextant-1.0.8.tar.gz
 
 # Enable Nextant
 rm -r "$NT_RELEASE"
-check_command sudo -u www-data php $NCPATH/occ app:enable nextant
+occ_command app:enable nextant
 chown -R www-data:www-data $NCPATH/apps
-check_command sudo -u www-data php $NCPATH/occ nextant:test http://127.0.0.1:8983/solr/ nextant --save
-check_command sudo -u www-data php $NCPATH/occ nextant:index
+occ_command nextant:test http://127.0.0.1:8983/solr/ nextant --save
+occ_command nextant:index
 

apps/onlyoffice.sh

@@ -16,6 +16,9 @@ debug_mode
 # Check if root
 root_check
 
+# Nextcloud 13 is required.
+lowest_compatible_nc 13
+
 # Test RAM size (4GB min) + CPUs (min 2)
 ram_check 4 OnlyOffice
 cpu_check 2 OnlyOffice
@@ -121,8 +124,8 @@ fi
 # Disable Onlyoffice if activated
 if [ -d "$NCPATH"/apps/onlyoffice ]
 then
-    occ_command "app:disable onlyoffice"
-    rm -r "$NCPATH"/apps/onlyoffice
+    occ_command app:disable onlyoffice
+    rm -r "$NC_APPS_PATH"/onlyoffice
 fi
 
 # Install Onlyoffice docker
@@ -222,10 +225,10 @@ fi
 if [ -d "$NC_APPS_PATH"/onlyoffice ]
 then
 # Enable OnlyOffice
-    occ_command "app:enable onlyoffice"
-    occ_command "config:app:set onlyoffice DocumentServerUrl --value=https://$SUBDOMAIN/"
-    chown -R www-data:www-data $NCPATH/apps
-    occ_command "config:system:set trusted_domains 3 --value=$SUBDOMAIN"
+    occ_command app:enable onlyoffice
+    occ_command config:app:set onlyoffice DocumentServerUrl --value=https://"$SUBDOMAIN/"
+    chown -R www-data:www-data "$NC_APPS_PATH"
+    occ_command config:system:set trusted_domains 3 --value="$SUBDOMAIN"
 # Add prune command
     {
     echo "#!/bin/bash"

apps/phpmyadmin_install_ubuntu16.sh

@@ -15,12 +15,7 @@ DEBUG=0
 debug_mode
 
 # Check if root
-if ! is_root
-then
-    printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash %s/phpmyadmin_install.sh\n" "$SCRIPTS"
-    sleep 3
-    exit 1
-fi
+root_check
 
 # Check that the script can see the external IP (apache fails otherwise)
 if [ -z "$WANIP4" ]

apps/spreedme.sh

@@ -21,11 +21,10 @@ then
 fi
 
 # Check if Nextcloud exists
-if [ ! -d "$NCPATH" ]
-then
-    echo "Nextcloud does not seem to be installed. This script will exit..."
-    exit
-fi
+root_check
+
+# Nextcloud 13 is required.
+lowest_compatible_nc 13
 
 # Install if missing
 install_if_not apache2
@@ -46,16 +45,16 @@ fi
 if [ -d "$NC_APPS_PATH/spreedme" ]
 then
     # Remove
-    occ_command 'app:disable spreedme'
+    occ_command app:disable spreedme
     echo "SpreedMe app already seems to be installed and will now be re-installed..."
     rm -R "NC_APPS_PATH/spreedme"
     # Reinstall
-    occ_command 'app:install spreedme'
+    occ_command app:install spreedme
 else
-    occ_command 'app:install spreedme'
+    occ_command app:install spreedme
 fi
-occ_command 'app:enable spreedme'
-chown -R www-data:www-data $NC_APPS_PATH
+occ_command app:enable spreedme
+chown -R www-data:www-data "$NC_APPS_PATH"
 
 # Generate secret keys
 SHAREDSECRET=$(openssl rand -hex 32)

apps/webmin.sh

@@ -13,6 +13,9 @@ true
 DEBUG=0
 debug_mode
 
+# Check if root
+root_check
+
 # Install packages for Webmin
 apt install -y zip perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python
 

lib.sh

@@ -59,7 +59,7 @@ SSL_CONF="/etc/apache2/sites-available/nextcloud_ssl_domain_self_signed.conf"
 HTTP_CONF="/etc/apache2/sites-available/nextcloud_http_domain_self_signed.conf"
 HTTP2_CONF="/etc/apache2/mods-available/http2.conf"
 # Nextcloud version
-[ ! -z "$NC_UPDATE" ] && CURRENTVERSION=$(sudo -u www-data php $NCPATH/occ "status" | grep "versionstring" | awk '{print $3}')
+[ ! -z "$NC_UPDATE" ] && CURRENTVERSION=$(occ_command status | grep "versionstring" | awk '{print $3}')
 NCVERSION=$(curl -s -m 900 $NCREPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)
 STABLEVERSION="nextcloud-$NCVERSION"
 NCMAJOR="${NCVERSION%%.*}"
@@ -106,6 +106,11 @@ REDIS_PASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$RSHUF" | head -n
 SPAMHAUS=/etc/spamhaus.wl
 ENVASIVE=/etc/apache2/mods-available/mod-evasive.load
 APACHE2=/etc/apache2/apache2.conf
+# Full text Search
+[ ! -z "$ES_INSTALL" ] && ROREST=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
+[ ! -z "$ES_INSTALL" ] && ES_VERSION=6.1.1
+[ ! -z "$ES_INSTALL" ] && ES_DEB_VERSION="$(echo $ES_VERSION | head -c 1)"
+[ ! -z "$ES_INSTALL" ] && NCADMIN=$(occ_command user:list | awk '{print $3}')
 
 ## functions
 
@@ -333,7 +338,7 @@ fi
 }
 
 check_command() {
-  if ! eval "$*"
+  if ! "$@";
   then
      printf "${IRed}Sorry but something went wrong. Please report this issue to $ISSUES and include the output of the error message. Thank you!${Color_Off}\n"
      echo "$* failed"
@@ -372,13 +377,13 @@ install_and_enable_app() {
 if [ ! -d "$NC_APPS_PATH/$1" ]
 then
     echo "Installing $1..."
-    occ_command "app:install $1"
+    occ_command app:install "$1"
 fi
 
 # Enable $1
 if [ -d "$NC_APPS_PATH/$1" ]
 then
-    occ_command "app:enable $1"
+    occ_command app:enable "$1"
     chown -R www-data:www-data "$NC_APPS_PATH"
 fi
 }
@@ -534,7 +539,18 @@ any_key() {
 
 # Example: occ_command 'maintenance:mode --on'
 occ_command() {
-check_command sudo -u www-data php "$NCPATH"/occ "$1"
+check_command sudo -u www-data php "$NCPATH"/occ "$@";
+}
+
+lowest_compatible_nc() {
+if [ "${CURRENTVERSION%%.*}" -lt "$1" ]
+then
+msg_box "This script is developed to work with Nextcloud $1 and later
+Please upgrade your Nextcloud to that version before running this script
+
+If you are using Nextcloud $1 and later and still see this message,
+please report this to $ISSUES"
+fi
 }
 
 ## bash colors

nextcloud-startup-script.sh

@@ -56,6 +56,9 @@ network_ok() {
 # Check if root
 root_check
 
+# Nextcloud 13 is required.
+lowest_compatible_nc 13
+
 # Check network
 if network_ok
 then
@@ -117,7 +120,7 @@ which could be the case if you are running directly from the scripts and not the
 As long as the user you created have sudo permissions it's safe to continue.
 This would be the case if you in the previous step created a new user with the script.
 
-If the user you are running this script with doesn't have sudo permissions,
+If the user you are running this script with a user that doesn't have sudo permissions,
 please abort this script and report this issue to $ISSUES."
         fi
     fi
@@ -130,6 +133,7 @@ is_process_running dpkg
 # Check where the best mirrors are and update
 msg_box "To make downloads as fast as possible when updating you should have mirrors that are as close to you as possible.
 This VM comes with mirrors based on servers in that where used when the VM was released and packaged.
+
 We recomend you to change the mirrors based on where this is currently installed."
 echo "Checking current mirror..."
 printf "Your current server repository is:  ${Cyan}$REPO${Color_Off}\n"
@@ -209,11 +213,14 @@ clear
 if [[ "no" == $(ask_yes_or_no "Do you run this script on a *remote* VPS like DigitalOcean, HostGator or similar?") ]]
 then
     # Change IP
-    printf "\n${Color_Off}OK, we assume you run this locally and we will now configure your IP to be static.${Color_Off}\n"
-    echo "Your internal IP is: $ADDRESS"
-    printf "\n${Color_Off}Write this down, you will need it to set static IP\n"
-    echo "in your router later. It's included in this guide:"
-    echo "https://www.techandme.se/open-port-80-443/ (step 1 - 5)"
+msg_box "OK, we assume you run this locally and we will now configure your IP to be static.
+
+Your internal IP is: $ADDRESS
+
+Write this down, you will need it to set static IP
+in your router later. It's included in this guide:
+
+https://www.techandme.se/open-port-80-443/ (step 1 - 5)"
     any_key "Press any key to set static IP..."
     ifdown "$IFACE"
     wait
@@ -239,11 +246,13 @@ then
     then
         # Connected!
         printf "${Green}Connected!${Color_Off}\n"
-        printf "We will use the DHCP IP: ${Green}$ADDRESS${Color_Off}. If you want to change it later then just edit the interfaces file:\n"
-        printf "sudo nano /etc/network/interfaces\n"
-        echo "If you experience any bugs, please report it here:"
-        echo "$ISSUES"
-        any_key "Press any key to continue..."
+msg_box "We will use the DHCP IP: $ADDRESS
+
+If you want to change it later then just edit the interfaces file:
+sudo nano /etc/network/interfaces
+
+If you experience any bugs, please report it here:
+$ISSUES"
     else
         # Not connected!
         printf "${Red}Not Connected${Color_Off}\nYou should change your settings manually in the next step.\n"
@@ -280,8 +289,8 @@ fi
 # Pretty URLs
 echo "Setting RewriteBase to \"/\" in config.php..."
 chown -R www-data:www-data $NCPATH
-sudo -u www-data php $NCPATH/occ config:system:set htaccess.RewriteBase --value="/"
-sudo -u www-data php $NCPATH/occ maintenance:update:htaccess
+occ_command config:system:set htaccess.RewriteBase --value="/"
+occ_command maintenance:update:htaccess
 bash $SECURE & spinner_loading
 
 # Generate new SSH Keys
@@ -332,10 +341,11 @@ fi
 whiptail --title "Which apps do you want to install?" --checklist --separate-output "Automatically configure and install selected apps\nSelect by pressing the spacebar" "$WT_HEIGHT" "$WT_WIDTH" 4 \
 "Fail2ban" "(Extra Bruteforce protection)   " OFF \
 "phpMyadmin" "(*SQL GUI)       " OFF \
-"Netdata" "(*Real-time server monitoring)       " OFF \
+"Netdata" "(Real-time server monitoring)       " OFF \
 "Collabora" "(Online editing 2GB RAM)   " OFF \
 "OnlyOffice" "(Online editing 4GB RAM)   " OFF \
 "Passman" "(Password storage)   " OFF \
+"FullTextSearch" "(Elasticsearch [still in BETA])   " OFF \
 "Talk" "(Nextcloud Video calls and chat)   " OFF \
 "Spreed.ME" "(3rd-party Video calls and chat)   " OFF 2>results
 
@@ -365,6 +375,10 @@ do
         Passman)
            install_and_enable_app passman
         ;;
+        
+        FullTextSearch)
+           install_and_enable_app fulltextsearch
+        ;;        
 
         Talk)
             install_and_enable_app spreed
@@ -403,14 +417,14 @@ do
 done
 echo
 clear
-NCADMIN=$(sudo -u www-data php $NCPATH/occ user:list | awk '{print $3}')
+NCADMIN=$(occ_command user:list | awk '{print $3}')
 printf "${Color_Off}\n"
 echo "For better security, change the Nextcloud password for [$NCADMIN]"
 echo "The current password for $NCADMIN is [$NCPASS]"
 any_key "Press any key to change password for Nextcloud..."
 while true
 do
-    sudo -u www-data php "$NCPATH/occ" user:resetpassword "$NCADMIN" && break
+    occ_command user:resetpassword "$NCADMIN" && break
 done
 clear
 
@@ -433,7 +447,7 @@ bash $SCRIPTS/temporary-fix.sh
 rm "$SCRIPTS"/temporary-fix.sh
 
 # Cleanup 1
-sudo -u www-data php "$NCPATH/occ" maintenance:repair
+occ_command maintenance:repair
 rm -f "$SCRIPTS/ip.sh"
 rm -f "$SCRIPTS/test_connection.sh"
 rm -f "$SCRIPTS/change_mysql_pass.sh"

nextcloud_install_production.sh

@@ -23,6 +23,15 @@ else
     apt install curl -y
 fi
 
+# Install lshw if not existing
+if [ "$(dpkg-query -W -f='${Status}' "lshw" 2>/dev/null | grep -c "ok installed")" == "1" ]
+then
+    echo "lshw OK"
+else
+    apt update -q4 & spinner_loading
+    apt install lshw -y
+fi
+
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
@@ -39,6 +48,9 @@ debug_mode
 # Check if root
 root_check
 
+# Nextcloud 13 is required.
+lowest_compatible_nc 13
+
 # Test RAM size (2GB min) + CPUs (min 1)
 ram_check 2 Nextcloud
 cpu_check 1 Nextcloud
@@ -259,17 +271,17 @@ mysql -u root -p"$MARIADB_PASS" -e "CREATE DATABASE IF NOT EXISTS nextcloud_db;"
 
 # Install Nextcloud
 cd "$NCPATH"
-check_command sudo -u www-data php occ maintenance:install \
-    --data-dir="$NCDATA" \
-    --database="mysql" \
-    --database-name="nextcloud_db" \
-    --database-user="root" \
-    --database-pass="$MARIADB_PASS" \
-    --admin-user="$NCUSER" \
-    --admin-pass="$NCPASS"
+occ_command "maintenance:install \
+    --data-dir=$NCDATA \
+    --database=mysql \
+    --database-name=nextcloud_db \
+    --database-user=root \
+    --database-pass=$MARIADB_PASS \
+    --admin-user=$NCUSER \
+    --admin-pass=$NCPASS"
 echo
 echo "Nextcloud version:"
-sudo -u www-data php "$NCPATH"/occ status
+occ_command status
 sleep 3
 echo
 
@@ -291,8 +303,8 @@ done
 
 # Repair and set Nextcloud config values
 mysqlcheck -u root -p"$MARIADB_PASS" --auto-repair --optimize --all-databases
-check_command sudo -u www-data $NCPATH/occ config:system:set mysql.utf8mb4 --type boolean --value="true"
-check_command sudo -u www-data $NCPATH/occ maintenance:repair
+occ_command config:system:set mysql.utf8mb4 --type boolean --value="true"
+occ_command maintenance:repair
 
 # Prepare cron.php to be run every 15 minutes
 crontab -u www-data -l | { cat; echo "*/15  *  *  *  * php -f $NCPATH/cron.php > /dev/null 2>&1"; } | crontab -u www-data -
@@ -313,10 +325,10 @@ sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1000M|g" /etc/php/7.0/ap
 configure_max_upload
 
 # Set SMTP mail
-sudo -u www-data php "$NCPATH"/occ config:system:set mail_smtpmode --value="smtp"
+occ_command config:system:set mail_smtpmode --value="smtp"
 
 # Set logrotate
-sudo -u www-data php "$NCPATH"/occ config:system:set log_rotate_size --value="10485760"
+occ_command config:system:set log_rotate_size --value="10485760"
 
 # Enable OPCache for PHP 
 # https://docs.nextcloud.com/server/12/admin_manual/configuration_server/server_tuning.html#enable-php-opcache
@@ -340,7 +352,7 @@ install_and_enable_app previewgenerator
 if [ -d "$NC_APPS_PATH/previewgenerator" ]
 then
     crontab -u www-data -l | { cat; echo "@daily php -f $NCPATH/occ preview:pre-generate >> /var/log/previewgenerator.log"; } | crontab -u www-data -
-    sudo -u www-data php "$NCPATH"/occ preview:generate-all
+    occ_command preview:generate-all
     touch /var/log/previewgenerator.log
     chown www-data:www-data /var/log/previewgenerator.log
 fi

nextcloud_update.sh

@@ -58,6 +58,9 @@ then
 docker images | grep -v REPOSITORY | awk '{print $1}' | xargs -L1 docker pull
 fi
 
+# Nextcloud 13 is required.
+lowest_compatible_nc 13
+
 ## OLD WAY ##
 #if [ "$(docker image inspect onlyoffice/documentserver >/dev/null 2>&1 && echo yes || echo no)" == "yes" ]
 #then
@@ -240,7 +243,7 @@ then
     echo "$BACKUP/themes/ exists"
     echo 
     printf "${Green}All files are backed up.${Color_Off}\n"
-    sudo -u www-data php "$NCPATH"/occ maintenance:mode --on
+    occ_command maintenance:mode --on
     echo "Removing old Nextcloud instance in 5 seconds..." && sleep 5
     rm -rf $NCPATH
     tar -xjf "$HTML/$STABLEVERSION.tar.bz2" -C "$HTML"
@@ -248,8 +251,8 @@ then
     cp -R $BACKUP/themes "$NCPATH"/
     cp -R $BACKUP/config "$NCPATH"/
     bash $SECURE & spinner_loading
-    sudo -u www-data php "$NCPATH"/occ maintenance:mode --off
-    sudo -u www-data php "$NCPATH"/occ upgrade --no-app-disable
+    occ_command maintenance:mode --off
+    occ_command upgrade --no-app-disable
 else
 msg_box "Something went wrong with backing up your old nextcloud instance
 Please check in $BACKUP if the folders exist."
@@ -282,14 +285,14 @@ fi
 # Pretty URLs
 echo "Setting RewriteBase to \"/\" in config.php..."
 chown -R www-data:www-data "$NCPATH"
-sudo -u www-data php "$NCPATH"/occ config:system:set htaccess.RewriteBase --value="/"
-sudo -u www-data php "$NCPATH"/occ maintenance:update:htaccess
+occ_command config:system:set htaccess.RewriteBase --value="/"
+occ_command maintenance:update:htaccess
 bash "$SECURE"
 
 # Repair
-sudo -u www-data php "$NCPATH"/occ maintenance:repair
+occ_command maintenance:repair
 
-CURRENTVERSION_after=$(sudo -u www-data php "$NCPATH"/occ status | grep "versionstring" | awk '{print $3}')
+CURRENTVERSION_after=$(occ_command status | grep "versionstring" | awk '{print $3}')
 if [[ "$NCVERSION" == "$CURRENTVERSION_after" ]]
 then
 msg_box "Latest version is: $NCVERSION. Current version is: $CURRENTVERSION_after.
@@ -300,8 +303,8 @@ If you notice that some apps are disabled it's due to that they are not compatib
 To recover your old apps, please check $BACKUP/apps and copy them to $NCPATH/apps manually.
 
 Thank you for using Tech and Me's updater!"
-    sudo -u www-data php "$NCPATH"/occ status
-    sudo -u www-data php "$NCPATH"/occ maintenance:mode --off
+    occ_command status
+    occ_command maintenance:mode --off
     echo "NEXTCLOUD UPDATE success-$(date +"%Y%m%d")" >> /var/log/cronjobs_success.log
     ## Un-hash this if you want the system to reboot
     # reboot
@@ -315,6 +318,6 @@ Your files are still backed up at $BACKUP. No worries!
 Please report this issue to $ISSUES
 
 Maintenance mode is kept on."
-sudo -u www-data php "$NCPATH"/occ status
+occ_command status
     exit 1
 fi

static/redis-server-ubuntu16.sh

@@ -13,11 +13,7 @@ DEBUG=0
 debug_mode
 
 # Must be root
-if ! is_root
-then
-    echo "Must be root to run script, in Ubuntu type: sudo -i"
-    exit 1
-fi
+root_check
 
 # Check Ubuntu version
 echo "Checking server OS and version..."
@@ -94,11 +90,25 @@ cat <<ADD_TO_CONFIG >> $NCPATH/config/config.php
 );
 ADD_TO_CONFIG
 
-# Redis performance tweaks
+## Redis performance tweaks ##
 if ! grep -Fxq "vm.overcommit_memory = 1" /etc/sysctl.conf
 then
     echo 'vm.overcommit_memory = 1' >> /etc/sysctl.conf
 fi
+
+# Disable THP
+if ! grep -Fxq "never" /sys/kernel/mm/transparent_hugepage/enabled
+then
+    echo "never" > /sys/kernel/mm/transparent_hugepage/enabled
+fi
+
+# Raise TCP backlog
+#if ! grep -Fxq "net.core.somaxconn" /proc/sys/net/core/somaxconn
+#then
+#    sed -i "s|net.core.somaxconn.*||g" /etc/sysctl.conf
+#    sysctl -w net.core.somaxconn=512
+#    echo "net.core.somaxconn = 512" >> /etc/sysctl.conf
+#fi
 sed -i "s|# unixsocket .*|unixsocket $REDIS_SOCK|g" $REDIS_CONF
 sed -i "s|# unixsocketperm .*|unixsocketperm 777|g" $REDIS_CONF
 sed -i "s|^port.*|port 0|" $REDIS_CONF