move from postgresql to master (#528)

This commit is contained in:
Daniel Hansson 2018-05-06 18:08:18 +02:00 коммит произвёл GitHub
Родитель dfa51692e6
Коммит c3fc43cc60
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
19 изменённых файлов: 582 добавлений и 881 удалений

Просмотреть файл

@ -30,13 +30,17 @@ DigitalOcean example: https://youtu.be/LlqY5Y6P9Oc
#### Minimum requirements:
* A clean Ubuntu Server 16.04.X
* OpenSSH (preferred)
* 20 GB HDD
* 20 GB HDD for OS
* XX GB HDD for DATA (/mnt/ncdata)
* At least 1 vCPU and 2 GB RAM (4 GB minimum if you are running OnlyOffice)
* A working internet connection (the script needs it to download files and variables)
#### Recommended
* Thick provisioned (better performance and easier to maintain)
* DHCP available
* 40 GB HDD for OS
* 4 vCPU
* 4 GB RAM
#### Installation
1. Get the latest install script from master:<br>

Просмотреть файл

@ -162,7 +162,7 @@ then
SSLCertificateKeyFile $CERTFILES/$SUBDOMAIN/privkey.pem
SSLOpenSSLConfCmd DHParameters $DHPARAMS
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
SSLCompression off

Просмотреть файл

@ -160,7 +160,8 @@ then
SSLOpenSSLConfCmd DHParameters $DHPARAMS
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog ${APACHE_LOG_DIR}/error.log

Просмотреть файл

@ -1,171 +0,0 @@
#!/bin/bash
# Tech and Me © - 2018, https://www.techandme.se/
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
MYCNFPW=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset MYCNFPW
# Check for errors + debug code and abort if something isn't right
# 1 = ON
# 0 = OFF
DEBUG=0
debug_mode
# Check if root
root_check
# Check that the script can see the external IP (apache fails otherwise)
if [ -z "$WANIP4" ]
then
echo "WANIP4 is an emtpy value, Apache will fail on reboot due to this. Please check your network and try again"
sleep 3
exit 1
fi
# Check Ubuntu version
if [ "$OS" != 1 ]
then
echo "Ubuntu Server is required to run this script."
echo "Please install that distro and try again."
sleep 3
exit 1
fi
if ! version 16.04 "$DISTRO" 16.04.4; then
echo "Ubuntu version seems to be $DISTRO"
echo "It must be between 16.04 - 16.04.4"
echo "Please install that version and try again."
exit 1
fi
echo
echo "Installing and securing phpMyadmin..."
echo "This may take a while, please don't abort."
echo
# Install phpmyadmin
echo "phpmyadmin phpmyadmin/dbconfig-install boolean true" | debconf-set-selections
echo "phpmyadmin phpmyadmin/app-password-confirm password $MARIADBMYCNFPASS" | debconf-set-selections
echo "phpmyadmin phpmyadmin/mysql/admin-pass password $MARIADBMYCNFPASS" | debconf-set-selections
echo "phpmyadmin phpmyadmin/mysql/app-pass password $MARIADBMYCNFPASS" | debconf-set-selections
echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2" | debconf-set-selections
apt update -q4 & spinner_loading
apt install -y -q \
php-gettext \
phpmyadmin
# Secure phpMyadmin
if [ -f $PHPMYADMIN_CONF ]
then
rm $PHPMYADMIN_CONF
fi
touch "$PHPMYADMIN_CONF"
cat << CONF_CREATE > "$PHPMYADMIN_CONF"
# phpMyAdmin default Apache configuration
Alias /phpmyadmin $PHPMYADMINDIR
<Directory $PHPMYADMINDIR>
Options FollowSymLinks
DirectoryIndex index.php
<IfModule mod_php.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
php_flag magic_quotes_gpc Off
php_flag track_vars On
php_flag register_globals Off
php_admin_flag allow_url_fopen On
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpm$
</IfModule>
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require ip $WANIP4
Require ip $ADDRESS
Require ip 127.0.0.1
Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from $WANIP4
Allow from $ADDRESS
Allow from ::1
Allow from localhost
</IfModule>
</Directory>
# Authorize for setup
<Directory $PHPMYADMINDIR/setup>
Require all denied
</Directory>
# Authorize for setup
<Directory $PHPMYADMINDIR/setup>
<IfModule mod_authz_core.c>
<IfModule mod_authn_file.c>
AuthType Basic
AuthName "phpMyAdmin Setup"
AuthUserFile /etc/phpmyadmin/htpasswd.setup
</IfModule>
Require valid-user
</IfModule>
</Directory>
# Disallow web access to directories that don't need it
<Directory $PHPMYADMINDIR/libraries>
Require all denied
</Directory>
<Directory $PHPMYADMINDIR/setup/lib>
Require all denied
</Directory>
CONF_CREATE
# Secure phpMyadmin even more
CONFIG=/var/lib/phpmyadmin/config.inc.php
touch $CONFIG
cat << CONFIG_CREATE >> "$CONFIG"
<?php
\$i = 0;
\$i++;
\$cfg['Servers'][\$i]['host'] = 'localhost';
\$cfg['Servers'][\$i]['extension'] = 'mysql';
\$cfg['Servers'][\$i]['connect_type'] = 'socket';
\$cfg['Servers'][\$i]['compress'] = false;
\$cfg['Servers'][\$i]['auth_type'] = 'cookie';
\$cfg['UploadDir'] = '$SAVEPATH';
\$cfg['SaveDir'] = '$UPLOADPATH';
\$cfg['BZipDump'] = false;
\$cfg['Lang'] = 'en';
\$cfg['ServerDefault'] = 1;
\$cfg['ShowPhpInfo'] = true;
\$cfg['Export']['lock_tables'] = true;
?>
CONFIG_CREATE
if ! service apache2 restart
then
echo "Apache2 could not restart..."
echo "The script will exit."
exit 1
else
echo
echo "$PHPMYADMIN_CONF was successfully secured."
echo
fi

Просмотреть файл

@ -0,0 +1,54 @@
#!/bin/bash
# Tech and Me © - 2018, https://www.techandme.se/
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
# Check for errors + debug code and abort if something isn't right
# 1 = ON
# 0 = OFF
DEBUG=0
debug_mode
# Check if root
if ! is_root
then
printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash %s/phppgadmin_install_ubuntu16.sh\n" "$SCRIPTS"
sleep 3
exit 1
fi
# Check that the script can see the external IP (apache fails otherwise)
if [ -z "$WANIP4" ]
then
echo "WANIP4 is an emtpy value, Apache will fail on reboot due to this. Please check your network and try again"
sleep 3
exit 1
fi
# Check distrobution and version
check_distro_version
echo
echo "Installing and securing phpPGadmin..."
echo "This may take a while, please don't abort."
echo
# Install phpPGadmin
apt update -q4 & spinner_loading
apt install -y -q \
php-gettext \
phppgadmin
# Allow local access
sed -i "s|Require local|Require ip $GATEWAY/24|g" /etc/apache2/conf-available/phppgadmin.conf
if ! service apache2 restart
then
echo "Apache2 could not restart..."
echo "The script will exit."
exit 1
fi

36
apps/previewgenerator.sh Normal file
Просмотреть файл

@ -0,0 +1,36 @@
#!/bin/bash
# Tech and Me © - 2018, https://www.techandme.se/
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
PREVIEW_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset PREVIEW_INSTALL
# Check for errors + debug code and abort if something isn't right
# 1 = ON
# 0 = OFF
DEBUG=0
debug_mode
# Download and install Preview Generator
if [ ! -d "$NCPATH"/apps/previewgenerator ]
then
echo "Installing Preview Generator..."
wget -q "$PREVER_REPO/v$PREVER/$PREVER_FILE" -P "$NCPATH/apps"
tar -zxf "$NCPATH/apps/$PREVER_FILE" -C "$NCPATH/apps"
cd "$NCPATH/apps"
rm "$PREVER_FILE"
fi
# Enable Preview Generator
if [ -d "$NCPATH"/apps/previewgenerator ]
then
sudo -u www-data php "$NCPATH"/occ app:enable previewgenerator
chown -R www-data:www-data $NCPATH/apps
crontab -u www-data -l | { cat; echo "@daily php -f $NCPATH/occ preview:pre-generate >> /var/log/previewgenerator.log"; } | crontab -u www-data -
sudo -u www-data php "$NCPATH"/occ preview:generate-all
touch /var/log/previewgenerator.log
chown www-data:www-data /var/log/previewgenerator.log
fi

64
lib.sh
Просмотреть файл

@ -9,7 +9,7 @@ true
SCRIPTS=/var/scripts
NCPATH=/var/www/nextcloud
HTML=/var/www
NCDATA=/var/ncdata
NCDATA=/mnt/ncdata
SNAPDIR=/var/snap/spreedme
GPGDIR=/tmp/gpg
BACKUP=/var/NCBACKUP
@ -25,10 +25,10 @@ WGET="/usr/bin/wget"
# WANIP4=$(dig +short myip.opendns.com @resolver1.opendns.com) # as an alternative
WANIP4=$(curl -s -m 5 ipinfo.io/ip)
[ ! -z "$LOAD_IP6" ] && WANIP6=$(curl -s -k -m 7 https://6.ifcfg.me)
IFCONFIG="/sbin/ifconfig"
INTERFACES="/etc/network/interfaces"
NETMASK=$($IFCONFIG | grep -w inet |grep -v 127.0.0.1| awk '{print $4}' | cut -d ":" -f 2)
INTERFACES="/etc/netplan/01-netcfg.yaml"
GATEWAY=$(route -n|grep "UG"|grep -v "UGH"|cut -f 10 -d " ")
DNS1="9.9.9.9"
DNS2="149.112.112.112"
# Repo
GITHUB_REPO="https://raw.githubusercontent.com/nextcloud/vm/master"
STATIC="$GITHUB_REPO/static"
@ -42,7 +42,7 @@ NCUSER=ncadmin
UNIXUSER=$SUDO_USER
UNIXUSER_PROFILE="/home/$UNIXUSER/.bash_profile"
ROOT_PROFILE="/root/.bash_profile"
# MARIADB
# Database
SHUF=$(shuf -i 25-29 -n 1)
MARIADB_PASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
NEWMARIADBPASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
@ -50,14 +50,16 @@ NEWMARIADBPASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head
ETCMYCNF=/etc/mysql/my.cnf
MYCNF=/root/.my.cnf
[ ! -z "$MYCNFPW" ] && MARIADBMYCNFPASS=$(grep "password" $MYCNF | sed -n "/password/s/^password='\(.*\)'$/\1/p")
PGDB_PASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
NEWPGPASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
[ ! -z "$NCDB" ] && NCCONFIGDB=$(grep "dbname" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g")
[ ! -z "$NCDBPASS" ] && NCCONFIGDBPASS=$(grep "dbpassword" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g")
# Path to specific files
PHPMYADMIN_CONF="/etc/apache2/conf-available/phpmyadmin.conf"
PHPMPGDMIN_CONF="/etc/apache2/conf-available/phppgadmin.conf"
SECURE="$SCRIPTS/setup_secure_permissions_nextcloud.sh"
SSL_CONF="/etc/apache2/sites-available/nextcloud_ssl_domain_self_signed.conf"
HTTP_CONF="/etc/apache2/sites-available/nextcloud_http_domain_self_signed.conf"
HTTP2_CONF="/etc/apache2/mods-available/http2.conf"
# Nextcloud version
[ ! -z "$NC_UPDATE" ] && CURRENTVERSION=$(sudo -u www-data php $NCPATH/occ status | grep "versionstring" | awk '{print $3}')
NCVERSION=$(curl -s -m 900 $NCREPO/ | sed --silent 's/.*href="nextcloud-\([^"]\+\).zip.asc".*/\1/p' | sort --version-sort | tail -1)
@ -80,6 +82,7 @@ CERTFILES="$LETSENCRYPTPATH/live"
DHPARAMS="$CERTFILES/$SUBDOMAIN/dhparam.pem"
# Collabora App
HTTPS_CONF="/etc/apache2/sites-available/$SUBDOMAIN.conf"
HTTP2_CONF="/etc/apache2/mods-available/http2.conf"
# Nextant
# this var get's the latest automatically:
SOLR_VERSION=$(curl -s https://github.com/apache/lucene-solr/tags | grep -o "release.*</span>$" | grep -o '[0-6].[0-9].[0-9]' | sort -t. -k1,1n -k2,2n -k3,3n | tail -n1)
@ -99,7 +102,7 @@ UPLOADPATH=""
SAVEPATH=""
# Redis
REDIS_CONF=/etc/redis/redis.conf
REDIS_SOCK=/var/run/redis/redis.sock
REDIS_SOCK=/var/run/redis/redis-server.sock
RSHUF=$(shuf -i 30-35 -n 1)
REDIS_PASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$RSHUF" | head -n 1)
# Extra security
@ -196,6 +199,25 @@ do
done
}
test_connection() {
install_if_not dnsutils
install_if_not network-manager
check_command service network-manager restart
ip link set "$IFACE" down
wait
ip link set "$IFACE" up
wait
check_command service network-manager restart
echo "Checking connection..."
sleep 3
if ! nslookup github.com
then
msg_box "Network NOT OK. You must have a working network connection to run this script
If you think that this is a bug, please report it to https://github.com/nextcloud/vm/issues."
exit 1
fi
}
# Install certbot (Let's Encrypt)
install_certbot() {
certbot --version 2> /dev/null
@ -211,9 +233,7 @@ else
apt update -q4 & spinner_loading
apt install certbot -y -q
apt update -q4 & spinner_loading
apt-mark hold mariadb*
apt dist-upgrade -y
apt-mark unhold mariadb*
fi
}
@ -224,7 +244,7 @@ service apache2 reload
certbot certonly --standalone --pre-hook "service apache2 stop" --post-hook "service apache2 start" --agree-tos --rsa-key-size 4096 -d "$SUBDOMAIN"
}
# Check if port is open # check_open_port 443
# Check if port is open # check_open_port 443 domain.example.com
check_open_port() {
# Check to see if user already has nmap installed on their system
if [ "$(dpkg-query -s nmap 2> /dev/null | grep -c "ok installed")" == "1" ]
@ -275,8 +295,27 @@ else
fi
}
check_distro_version() {
# Check Ubuntu version
echo "Checking server OS and version..."
if [ "$OS" != 1 ]
then
msg_box "Ubuntu Server is required to run this script.
Please install that distro and try again.
You can find the download link here: https://www.ubuntu.com/download/server"
exit 1
fi
if ! version 18.04 "$DISTRO" 18.04.4; then
msg_box "Ubuntu version $DISTRO must be between 18.04 - 18.04.4"
exit 1
fi
}
configure_max_upload() {
# Increase max filesize (expects that changes are made in /etc/php/7.0/apache2/php.ini)
# Increase max filesize (expects that changes are made in /etc/php/7.2/apache2/php.ini)
# Here is a guide: https://www.techandme.se/increase-max-file-size/
sed -i 's/ php_value upload_max_filesize.*/# php_value upload_max_filesize 511M/g' "$NCPATH"/.htaccess
sed -i 's/ php_value post_max_size.*/# php_value post_max_size 511M/g' "$NCPATH"/.htaccess
@ -353,7 +392,7 @@ check_command sudo -u www-data php "$NCPATH"/occ "$@";
network_ok() {
echo "Testing if network is OK..."
service networking restart
service network-manager restart
if wget -q -T 20 -t 2 http://github.com -O /dev/null & spinner_loading
then
return 0
@ -584,7 +623,6 @@ then
sleep 1
else
msg_box "It appears that something went wrong with the update.
Please report this to $ISSUES"
occ_command -V
exit

Просмотреть файл

@ -2,15 +2,22 @@
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
NC_UPDATE=1 && FIRST_IFACE=1 && CHECK_CURRENT_REPO=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
NCDB=1 && FIRST_IFACE=1 && CHECK_CURRENT_REPO=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset FIRST_IFACE
unset CHECK_CURRENT_REPO
unset NC_UPDATE
unset NCDB
# Tech and Me © - 2018, https://www.techandme.se/
## If you want debug mode, please activate it further down in the code at line ~60
# FUNCTIONS #
msg_box() {
local PROMPT="$1"
whiptail --msgbox "${PROMPT}" "$WT_HEIGHT" "$WT_WIDTH"
}
is_root() {
if [[ "$EUID" -ne 0 ]]
then
@ -20,11 +27,6 @@ is_root() {
fi
}
msg_box() {
local PROMPT="$1"
whiptail --msgbox "${PROMPT}" "$WT_HEIGHT" "$WT_WIDTH"
}
root_check() {
if ! is_root
then
@ -45,7 +47,7 @@ fi
network_ok() {
echo "Testing if network is OK..."
service networking restart
service network-manager restart
if wget -q -T 20 -t 2 http://github.com -O /dev/null
then
return 0
@ -54,12 +56,20 @@ network_ok() {
fi
}
check_command() {
if ! "$@";
then
printf "${IRed}Sorry but something went wrong. Please report this issue to $ISSUES and include the output of the error message. Thank you!${Color_Off}\n"
echo "$* failed"
exit 1
fi
}
# END OF FUNCTIONS #
# Check if root
root_check
# Nextcloud 13 is required.
lowest_compatible_nc 13
# Check network
if network_ok
then
@ -68,16 +78,47 @@ else
echo "Setting correct interface..."
[ -z "$IFACE" ] && IFACE=$(lshw -c network | grep "logical name" | awk '{print $3; exit}')
# Set correct interface
{
sed '/# The primary network interface/q' /etc/network/interfaces
printf 'auto %s\niface %s inet dhcp\n# This is an autoconfigured IPv6 interface\niface %s inet6 auto\n' "$IFACE" "$IFACE" "$IFACE"
} > /etc/network/interfaces.new
mv /etc/network/interfaces.new /etc/network/interfaces
service networking restart
# shellcheck source=lib.sh
CHECK_CURRENT_REPO=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset CHECK_CURRENT_REPO
cat <<-SETDHCP > "/etc/netplan/01-netcfg.yaml"
network:
version: 2
renderer: networkd
ethernets:
$IFACE:
dhcp4: yes
dhcp6: yes
SETDHCP
check_command netplan apply
check_command service network-manager restart
ip link set "$IFACE" down
wait
ip link set "$IFACE" up
wait
check_command service network-manager restart
echo "Checking connection..."
sleep 3
if ! nslookup github.com
then
msg_box "Network NOT OK. You must have a working network connection to run this script
If you think that this is a bug, please report it to https://github.com/nextcloud/vm/issues."
exit 1
fi
fi
# Check network again
if network_ok
then
printf "${Green}Online!${Color_Off}\n"
else
msg_box "Network NOT OK. You must have a working network connection to run this script
If you think that this is a bug, please report it to https://github.com/nextcloud/vm/issues."
exit 1
fi
# shellcheck source=lib.sh
NCDB=1 && CHECK_CURRENT_REPO=1 && NC_UPDATE=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset NC_UPDATE
unset CHECK_CURRENT_REPO
unset NCDB
# Check for errors + debug code and abort if something isn't right
# 1 = ON
@ -85,15 +126,14 @@ fi
DEBUG=0
debug_mode
# Check network
if network_ok
then
printf "${Green}Online!${Color_Off}\n"
else
msg_box "Network NOT OK!
# Nextcloud 13 is required.
lowest_compatible_nc 13
You must have a working Network connection to run this script.
Please report this issue here: $ISSUES"
# Check that this run on the PostgreSQL VM
if ! which psql > /dev/null
then
echo "This script is intended to be run on then PostgreSQL VM but PostgreSQL is not installed."
echo "Aborting..."
exit 1
fi
@ -167,7 +207,7 @@ download_static_script update
download_static_script trusted
download_static_script test_connection
download_static_script setup_secure_permissions_nextcloud
download_static_script change_mysql_pass
download_static_script change_db_pass
download_static_script nextcloud
download_static_script update-config
download_static_script index
@ -190,8 +230,8 @@ msg_box "This script will configure your Nextcloud and activate SSL.
It will also do the following:
- Generate new SSH keys for the server
- Generate new MariaDB password
- Install phpMyadmin and make it secure
- Generate new PotgreSQL password
- Install phpPGadmin and make it secure
- Install selected apps and automatically configure them
- Detect and set hostname
- Upgrade your system and Nextcloud to latest version
@ -242,12 +282,11 @@ printf "\nGenerating new SSH keys for the server...\n"
rm -v /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
# Generate new MariaDB password
echo "Generating new MARIADB password..."
if bash "$SCRIPTS/change_mysql_pass.sh" && wait
then
rm "$SCRIPTS/change_mysql_pass.sh"
fi
# Generate new PostgreSQL password
echo "Generating new PostgreSQL password..."
check_command bash "$SCRIPTS/change_db_pass.sh"
sleep 3
clear
msg_box "The following script will install a trusted
SSL certificate through Let's Encrypt.
@ -272,7 +311,7 @@ clear
# Install Apps
whiptail --title "Which apps do you want to install?" --checklist --separate-output "Automatically configure and install selected apps\nSelect by pressing the spacebar" "$WT_HEIGHT" "$WT_WIDTH" 4 \
"Fail2ban" "(Extra Bruteforce protection) " OFF \
"phpMyadmin" "(*SQL GUI) " OFF \
"phpPGadmin" "(PostgreSQL GUI) " OFF \
"Netdata" "(Real-time server monitoring) " OFF \
"Collabora" "(Online editing 2GB RAM) " OFF \
"OnlyOffice" "(Online editing 4GB RAM) " OFF \
@ -288,12 +327,12 @@ do
run_app_script fail2ban
;;
Netdata)
run_app_script netdata
phpPGadmin)
run_app_script phppgadmin_install_ubuntu
;;
phpMyadmin)
run_app_script phpmyadmin_install_ubuntu16
Netdata)
run_app_script netdata
;;
OnlyOffice)
@ -390,8 +429,9 @@ rm "$SCRIPTS"/temporary-fix.sh
# Cleanup 1
occ_command maintenance:repair
rm -f "$SCRIPTS/ip.sh"
rm -f "$SCRIPTS/change_db_pass.sh"
rm -f "$SCRIPTS/test_connection.sh"
rm -f "$SCRIPTS/change_mysql_pass.sh"
rm -f "$SCRIPTS/instruction.sh"
rm -f "$NCDATA/nextcloud.log"
rm -f "$SCRIPTS/nextcloud-startup-script.sh"
@ -472,7 +512,7 @@ Login to Nextcloud in your browser:
Some tips and tricks:
1. Publish your server online: https://goo.gl/iUGE2U
2. To login to MariaDB just type: mysql -u root
2. To login to PostgreSQL just type: sudo -u postgres psql nextcloud_db
3. To update this VM just type: sudo bash /var/scripts/update.sh
4. Change IP to something outside DHCP: sudo nano /etc/network/interfaces
5. Please report any bugs here: https://github.com/nextcloud/vm/issues
@ -493,12 +533,6 @@ fi
# Prefer IPv6
sed -i "s|precedence ::ffff:0:0/96 100|#precedence ::ffff:0:0/96 100|g" /etc/gai.conf
# Shutdown MariaDB gracefully
echo "Shutting down MariaDB..."
check_command sudo systemctl stop mariadb.service
rm -f /var/lib/mysql/ib_logfile[01]
echo
# Reboot
any_key "Installation finished, press any key to reboot system..."
rm -f "$SCRIPTS/nextcloud-startup-script.sh"

Просмотреть файл

@ -48,6 +48,10 @@ debug_mode
# Check if root
root_check
# Set locales
install_if_not language-pack-en-base
sudo locale-gen "sv_SE.UTF-8" && sudo dpkg-reconfigure --frontend=noninteractive locales
# Test RAM size (2GB min) + CPUs (min 1)
ram_check 2 Nextcloud
cpu_check 1 Nextcloud
@ -55,21 +59,8 @@ cpu_check 1 Nextcloud
# Create new current user
run_static_script adduser nextcloud_install_production.sh
# Check Ubuntu version
echo "Checking server OS and version..."
if [ "$OS" != 1 ]
then
msg_box "Ubuntu Server is required to run this script.
Please install that distro and try again.
You can find the download link here: https://www.ubuntu.com/download/server"
exit 1
fi
if ! version 16.04 "$DISTRO" 16.04.4; then
msg_box "Ubuntu version $DISTRO must be between 16.04 - 16.04.4"
exit 1
fi
# Check distrobution and version
check_distro_version
# Check if key is available
if ! wget -q -T 10 -t 2 "$NCREPO" > /dev/null
@ -91,34 +82,8 @@ then
mkdir -p "$SCRIPTS"
fi
# Change DNS
if ! [ -x "$(command -v resolvconf)" ]
then
apt install resolvconf -y -q
dpkg-reconfigure resolvconf
fi
echo "nameserver 9.9.9.9" > /etc/resolvconf/resolv.conf.d/base
echo "nameserver 149.112.112.112" >> /etc/resolvconf/resolv.conf.d/base
# Check network
if ! [ -x "$(command -v nslookup)" ]
then
apt install dnsutils -y -q
fi
if ! [ -x "$(command -v ifup)" ]
then
apt install ifupdown -y -q
fi
sudo ifdown "$IFACE" && sudo ifup "$IFACE"
if ! nslookup google.com
then
msg_box "Network NOT OK. You must have a working network connection to run this script."
exit 1
fi
# Set locales
apt install language-pack-en-base -y
sudo locale-gen "sv_SE.UTF-8" && sudo dpkg-reconfigure --frontend=noninteractive locales
test_connection
# Check where the best mirrors are and update
echo
@ -155,56 +120,19 @@ else
clear
fi
# Update system
# Install PostgreSQL
# sudo add-apt-repository "deb http://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main"
# wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
apt update -q4 & spinner_loading
apt install postgresql-10 -y
# Write MariaDB pass to file and keep it safe
{
echo "[client]"
echo "password='$MARIADB_PASS'"
} > "$MYCNF"
chmod 0600 $MYCNF
chown root:root $MYCNF
# Install MARIADB
apt install software-properties-common -y
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.ddg.lth.se/mariadb/repo/10.2/ubuntu xenial main'
sudo debconf-set-selections <<< "mariadb-server-10.2 mysql-server/root_password password $MARIADB_PASS"
sudo debconf-set-selections <<< "mariadb-server-10.2 mysql-server/root_password_again password $MARIADB_PASS"
apt update -q4 & spinner_loading
check_command apt install mariadb-server-10.2 -y
# Prepare for Nextcloud installation
# https://blog.v-gar.de/2018/02/en-solved-error-1698-28000-in-mysqlmariadb/
mysql -u root mysql -p"$MARIADB_PASS" -e "UPDATE user SET plugin='' WHERE user='root';"
mysql -u root mysql -p"$MARIADB_PASS" -e "UPDATE user SET password=PASSWORD('$MARIADB_PASS') WHERE user='root';"
mysql -u root -p"$MARIADB_PASS" -e "flush privileges;"
# mysql_secure_installation
apt -y install expect
SECURE_MYSQL=$(expect -c "
set timeout 10
spawn mysql_secure_installation
expect \"Enter current password for root (enter for none):\"
send \"$MARIADB_PASS\r\"
expect \"Change the root password?\"
send \"n\r\"
expect \"Remove anonymous users?\"
send \"y\r\"
expect \"Disallow root login remotely?\"
send \"y\r\"
expect \"Remove test database and access to it?\"
send \"y\r\"
expect \"Reload privilege tables now?\"
send \"y\r\"
expect eof
")
echo "$SECURE_MYSQL"
apt -y purge expect
# Write a new MariaDB config
run_static_script new_etc_mycnf
# Create DB
cd /tmp
sudo -u postgres psql <<END
CREATE USER $NCUSER WITH PASSWORD '$PGDB_PASS';
CREATE DATABASE nextcloud_db WITH OWNER $NCUSER TEMPLATE template0 ENCODING 'UTF8';
END
service postgresql restart
# Install Apache
check_command apt install apache2 -y
@ -216,35 +144,35 @@ a2enmod rewrite \
ssl \
setenvif
# Install PHP 7.0
# Install PHP 7.2
apt update -q4 & spinner_loading
check_command apt install -y \
libapache2-mod-php7.0 \
php7.0-common \
php7.0-mysql \
php7.0-intl \
php7.0-mcrypt \
php7.0-ldap \
php7.0-imap \
php7.0-cli \
php7.0-gd \
php7.0-pgsql \
php7.0-json \
php7.0-sqlite3 \
php7.0-curl \
php7.0-xml \
php7.0-zip \
php7.0-mbstring \
libapache2-mod-php7.2 \
php7.2-common \
php7.2-intl \
php7.2-ldap \
php7.2-imap \
php7.2-cli \
php7.2-gd \
php7.2-pgsql \
php7.2-json \
php7.2-curl \
php7.2-xml \
php7.2-zip \
php7.2-mbstring \
php-smbclient \
php-imagick \
libmagickcore-6.q16-2-extra
libmagickcore-6.q16-3-extra
# Enable SMB client
# echo '# This enables php-smbclient' >> /etc/php/7.0/apache2/php.ini
# echo 'extension="smbclient.so"' >> /etc/php/7.0/apache2/php.ini
# Install VM-tools
apt install open-vm-tools -y
install_if_not open-vm-tools
# Format /dev/sdb to host the ncdata
run_static_script format-sdb
# Download and validate Nextcloud package
check_command download_verify_nextcloud_stable
@ -263,17 +191,14 @@ rm "$HTML/$STABLEVERSION.tar.bz2"
download_static_script setup_secure_permissions_nextcloud
bash $SECURE & spinner_loading
# Create database nextcloud_db
mysql -u root -p"$MARIADB_PASS" -e "CREATE DATABASE IF NOT EXISTS nextcloud_db;"
# Install Nextcloud
cd "$NCPATH"
occ_command maintenance:install \
--data-dir="$NCDATA" \
--database=mysql \
--database=pgsql \
--database-name=nextcloud_db \
--database-user=root \
--database-pass="$MARIADB_PASS" \
--database-user="$NCUSER" \
--database-pass="$PGDB_PASS" \
--admin-user="$NCUSER" \
--admin-pass="$NCPASS"
echo
@ -282,41 +207,20 @@ occ_command status
sleep 3
echo
# Enable UTF8mb4 (4-byte support)
databases=$(mysql -u root -p"$MARIADB_PASS" -e "SHOW DATABASES;" | tr -d "| " | grep -v Database)
for db in $databases; do
if [[ "$db" != "performance_schema" ]] && [[ "$db" != _* ]] && [[ "$db" != "information_schema" ]];
then
echo "Changing to UTF8mb4 on: $db"
mysql -u root -p"$MARIADB_PASS" -e "ALTER DATABASE $db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
fi
done
#if [ $? -ne 0 ]
#then
# echo "UTF8mb4 was not set. Something is wrong."
# echo "Please report this bug to $ISSUES. Thank you!"
# exit 1
#fi
# Repair and set Nextcloud config values
mysqlcheck -u root -p"$MARIADB_PASS" --auto-repair --optimize --all-databases
occ_command config:system:set mysql.utf8mb4 --type boolean --value="true"
occ_command maintenance:repair
# Prepare cron.php to be run every 15 minutes
crontab -u www-data -l | { cat; echo "*/15 * * * * php -f $NCPATH/cron.php > /dev/null 2>&1"; } | crontab -u www-data -
# Change values in php.ini (increase max file size)
# max_execution_time
sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" /etc/php/7.0/apache2/php.ini
sed -i "s|max_execution_time =.*|max_execution_time = 3500|g" /etc/php/7.2/apache2/php.ini
# max_input_time
sed -i "s|max_input_time =.*|max_input_time = 3600|g" /etc/php/7.0/apache2/php.ini
sed -i "s|max_input_time =.*|max_input_time = 3600|g" /etc/php/7.2/apache2/php.ini
# memory_limit
sed -i "s|memory_limit =.*|memory_limit = 512M|g" /etc/php/7.0/apache2/php.ini
sed -i "s|memory_limit =.*|memory_limit = 512M|g" /etc/php/7.2/apache2/php.ini
# post_max
sed -i "s|post_max_size =.*|post_max_size = 1100M|g" /etc/php/7.0/apache2/php.ini
sed -i "s|post_max_size =.*|post_max_size = 1100M|g" /etc/php/7.2/apache2/php.ini
# upload_max
sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1000M|g" /etc/php/7.0/apache2/php.ini
sed -i "s|upload_max_filesize =.*|upload_max_filesize = 1000M|g" /etc/php/7.2/apache2/php.ini
# Set max upload in Nextcloud .htaccess
configure_max_upload
@ -340,7 +244,7 @@ echo "opcache.memory_consumption=256"
echo "opcache.save_comments=1"
echo "opcache.revalidate_freq=1"
echo "opcache.validate_timestamps=1"
} >> /etc/php/7.0/apache2/php.ini
} >> /etc/php/7.2/apache2/php.ini
# Install preview generator
install_and_enable_app previewgenerator
@ -361,7 +265,10 @@ install_and_enable_app issuetemplate
install_and_enable_app caniupdate
# Install Figlet
apt install figlet -y
install_if_not figlet
# To be able to use snakeoil certs
install_if_not ssl-cert
# Generate $HTTP_CONF
if [ ! -f $HTTP_CONF ]
@ -520,7 +427,7 @@ check_command run_static_script change-ncadmin-profile
check_command run_static_script change-root-profile
# Install Redis
run_static_script redis-server-ubuntu16
run_static_script redis-server-ubuntu
# Upgrade
apt update -q4 & spinner_loading
@ -537,13 +444,13 @@ apt autoclean
find /root "/home/$UNIXUSER" -type f \( -name '*.sh*' -o -name '*.html*' -o -name '*.tar*' -o -name '*.zip*' \) -delete
# Install virtual kernels for Hyper-V, and extra for UTF8 kernel module + Collabora and OnlyOffice
# Kernel 4.4
apt install --install-recommends -y \
linux-virtual-lts-xenial \
linux-tools-virtual-lts-xenial \
linux-cloud-tools-virtual-lts-xenial \
linux-image-virtual-lts-xenial \
linux-image-extra-"$(uname -r)"
# Kernel 4.15
yes | apt install --install-recommends \
linux-virtual \
linux-tools-virtual \
linux-cloud-tools-virtual \
linux-image-virtual \
linux-image-extra-virtual
# Set secure permissions final (./data/.htaccess has wrong permissions otherwise)
bash $SECURE & spinner_loading

Просмотреть файл

@ -2,9 +2,8 @@
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
NCDB=1 && MYCNFPW=1 && NC_UPDATE=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
NCDB=1 && NC_UPDATE=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset NC_UPDATE
unset MYCNFPW
unset NCDB
# Tech and Me © - 2018, https://www.techandme.se/
@ -28,24 +27,18 @@ is_process_running apt
is_process_running dpkg
# System Upgrade
if which mysql > /dev/null
then
apt-mark hold mariadb*
apt-mark hold mariadb-server-10.2*
fi
apt update -q4 & spinner_loading
export DEBIAN_FRONTEND=noninteractive ; apt dist-upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"
if which mysql > /dev/null
then
apt-mark unhold mariadb*
apt-mark unhold mariadb-server-10.2*
echo
echo "If you want to upgrade MariaDB, please run 'sudo apt update && sudo apt dist-upgrade -y'"
sleep 2
# Update Redis PHP extention
if type pecl > /dev/null 2>&1
then
install_if_not php7.0-dev
echo "Trying to upgrade the Redis Pecl extenstion..."
yes no | pecl upgrade redis
service redis-server restart
service apache2 restart
fi
# Update Netdata
@ -126,6 +119,42 @@ else
exit 0
fi
# Upgrade Nextcloud
echo "Checking latest released version on the Nextcloud download server and if it's possible to download..."
if ! wget -q --show-progress -T 10 -t 2 "$NCREPO/$STABLEVERSION.tar.bz2"
then
msg_box "Nextcloud does not exist. You were looking for: $NCVERSION
Please check available versions here: $NCREPO"
exit 1
else
rm -f "$STABLEVERSION.tar.bz2"
fi
echo "Backing up files and upgrading to Nextcloud $NCVERSION in 10 seconds..."
echo "Press CTRL+C to abort."
sleep 10
# Backup PostgreSQL
if which psql > /dev/null
then
cd /tmp
if sudo -u postgres psql -c "SELECT 1 AS result FROM pg_database WHERE datname='$NCCONFIGDB'" | grep "1 row" > /dev/null
then
echo "Doing pgdump of $NCCONFIGDB..."
check_command sudo -u postgres pg_dump "$NCCONFIGDB" > "$BACKUP"/nextclouddb.sql
else
echo "Doing pgdump of all databases..."
check_command sudo -u postgres pg_dumpall > "$BACKUP"/alldatabases.sql
fi
fi
# If MariaDB then:
mariadb_backup() {
MYCNF=/root/.my.cnf
MARIADBMYCNFPASS=$(grep "password" $MYCNF | sed -n "/password/s/^password='\(.*\)'$/\1/p")
NCCONFIGDB=$(grep "dbname" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g")
NCCONFIGDBPASS=$(grep "dbpassword" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g")
# Path to specific files
# Make sure old instaces can upgrade as well
if [ ! -f "$MYCNF" ] && [ -f /var/mysql_password.txt ]
then
@ -149,32 +178,23 @@ then
exit 1
fi
if [ -z "$MARIADBMYCNFPASS" ]
# Backup MariaDB
if mysql -u root -p"$MARIADBMYCNFPASS" -e "SHOW DATABASES LIKE '$NCCONFIGDB'" > /dev/null
then
msg_box "Something went wrong with copying your mysql password to $MYCNF.
We wrote a guide on how to fix this. You can find the guide here:
https://www.techandme.se/reset-mysql-5-7-root-password/"
exit 1
echo "Doing mysqldump of $NCCONFIGDB..."
check_command mysqldump -u root -p"$MARIADBMYCNFPASS" -d "$NCCONFIGDB" > "$BACKUP"/nextclouddb.sql
else
rm -f /var/mysql_password.txt
echo "Doing mysqldump of all databases..."
check_command mysqldump -u root -p"$MARIADBMYCNFPASS" -d --all-databases > "$BACKUP"/alldatabases.sql
fi
}
# Upgrade Nextcloud
echo "Checking latest released version on the Nextcloud download server and if it's possible to download..."
if ! wget -q --show-progress -T 10 -t 2 "$NCREPO/$STABLEVERSION.tar.bz2"
# Do the actual backup
if which mysql > /dev/null
then
msg_box "Nextcloud does not exist. You were looking for: $NCVERSION
Please check available versions here: $NCREPO"
exit 1
else
rm -f "$STABLEVERSION.tar.bz2"
mariadb_backup
fi
echo "Backing up files and upgrading to Nextcloud $NCVERSION in 10 seconds..."
echo "Press CTRL+C to abort."
sleep 10
# Check if backup exists and move to old
echo "Backing up data..."
DATE=$(date +%Y-%m-%d-%H%M%S)
@ -205,16 +225,6 @@ else
printf "${Green}\nBackup OK!${Color_Off}\n"
fi
# Backup MARIADB
if mysql -u root -p"$MARIADBMYCNFPASS" -e "SHOW DATABASES LIKE '$NCCONFIGDB'" > /dev/null
then
echo "Doing mysqldump of $NCCONFIGDB..."
check_command mysqldump -u root -p"$MARIADBMYCNFPASS" -d "$NCCONFIGDB" > "$BACKUP"/nextclouddb.sql
else
echo "Doing mysqldump of all databases..."
check_command mysqldump -u root -p"$MARIADBMYCNFPASS" -d --all-databases > "$BACKUP"/alldatabases.sql
fi
# Download and validate Nextcloud package
check_command download_verify_nextcloud_stable

28
static/change_db_pass.sh Normal file
Просмотреть файл

@ -0,0 +1,28 @@
#!/bin/bash
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
NCDBPASS=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset NCDBPASS
# Tech and Me © - 2018, https://www.techandme.se/
# Check for errors + debug code and abort if something isn't right
# 1 = ON
# 0 = OFF
DEBUG=0
debug_mode
# Change PostgreSQL Password
cd /tmp
sudo -u www-data php "$NCPATH"/occ config:system:set dbpassword --value="$NEWPGPASS"
if [ "$(sudo -u postgres psql -c "ALTER USER $NCUSER WITH PASSWORD '$NEWPGPASS'";)" == "ALTER ROLE" ]
then
echo -e "${Green}Your new PosgreSQL Nextcloud password is: $NEWPGPASS${Color_Off}"
else
echo "Changing PostgreSQL Nextcloud password failed."
sed -i "s| 'dbpassword' =>.*| 'dbpassword' => '$NCCONFIGDBPASS',|g" /var/www/nextcloud/config/config.php
echo "Nothing is changed. Your old password is: $NCCONFIGDBPASS"
exit 1
fi

Просмотреть файл

@ -1,30 +0,0 @@
#!/bin/bash
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
MYCNFPW=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset MYCNFPW
# Tech and Me © - 2018, https://www.techandme.se/
# Check for errors + debug code and abort if something isn't right
# 1 = ON
# 0 = OFF
DEBUG=0
debug_mode
# Change MARIADB Password
if mysqladmin -u root -p"$MARIADBMYCNFPASS" password "$NEWMARIADBPASS" > /dev/null 2>&1
then
echo -e "${Green}Your new MARIADB root password is: $NEWMARIADBPASS${Color_Off}"
cat << LOGIN > "$MYCNF"
[client]
password='$NEWMARIADBPASS'
LOGIN
chmod 0600 $MYCNF
exit 0
else
echo "Changing MARIADB root password failed."
echo "Your old password is: $MARIADBMYCNFPASS"
exit 1
fi

126
static/format-sdb.sh Normal file
Просмотреть файл

@ -0,0 +1,126 @@
#!/bin/bash
# Tech and Me © - 2018, https://www.techandme.se/
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
# Check if root
root_check
# Check if ZFS utils are installed
install_if_not zfsutils-linux
LABEL_=ncdata
MOUNT_=/mnt/$LABEL_
format() {
# umount if mounted
umount /mnt/* &> /dev/null
# mkdir if not existing
mkdir -p "$MOUNT_"
# Check still not mounted
#These functions return exit codes: 0 = found, 1 = not found
isMounted() { findmnt -rno SOURCE,TARGET "$1" >/dev/null;} #path or device
isDevMounted() { findmnt -rno SOURCE "$1" >/dev/null;} #device only
isPathMounted() { findmnt -rno TARGET "$1" >/dev/null;} #path only
isDevPartOfZFS() { zpool status | grep "$1" >/dev/null;} #device memeber of a zpool
if isPathMounted "/mnt/ncdata"; #Spaces in path names are ok.
then
msg_box "/mnt/ncdata is mounted and need to be unmounted before you can run this script."
exit 1
fi
if isDevMounted "/dev/sdb";
then
msg_box "/dev/sdb is mounted and need to be unmounted before you can run this script."
exit 1
fi
#Universal:
if isMounted "/mnt/ncdata";
then
msg_box "/mnt/ncdata is mounted and need to be unmounted before you can run this script."
exit 1
fi
if isMounted "/dev/sdb1";
then
msg_box "/dev/sdb1 is mounted and need to be unmounted before you can run this script."
exit 1
fi
if isDevPartOfZFS "sdb";
then
msg_box "/dev/sdb is a member of a ZFS pool and needs to be removed from any zpool before you can run this script."
exit 1
fi
# Get the name of the drive
SDB=$(fdisk -l | grep sdb | awk '{print $2}' | cut -d ":" -f1 | head -1)
if [ "$SDB" != "/dev/sdb" ]
then
msg_box "It seems like /dev/sdb does not exist.
This script requires that you mount a second drive to hold the data.
Please shutdown the server and mount a second drive, then start this script again.
If you want help you can buy support in our shop:
https://shop.techandme.se/index.php/product/premium-support-per-30-minutes/"
exit 1
fi
if lsblk -l -n | grep -v mmcblk | grep disk | awk '{ print $1 }' | tail -1 > /dev/null
then
msg_box "Formatting $SDB when you hit OK.
*** WARNING: ALL YOUR DATA WILL BE ERASED! ***"
if zpool list | grep "$LABEL_" > /dev/null
then
check_command zpool destroy "$LABEL_"
fi
check_command wipefs -a -f "$SDB"
sleep 0.5
check_command zpool create -f -o ashift=12 "$LABEL_" "$SDB"
check_command zpool set failmode=continue "$LABEL_"
check_command zfs set mountpoint="$MOUNT_" "$LABEL_"
check_command zfs set compression=lz4 "$LABEL_"
check_command zfs set sync=standard "$LABEL_"
check_command zfs set xattr=sa "$LABEL_"
check_command zfs set primarycache=all "$LABEL_"
check_command zfs set atime=off "$LABEL_"
check_command zfs set recordsize=128k "$LABEL_"
check_command zfs set logbias=latency "$LABEL_"
else
msg_box "It seems like /dev/sdb does not exist.
This script requires that you mount a second drive to hold the data.
Please shutdown the server and mount a second drive, then start this script again.
If you want help you can buy support in our shop:
https://shop.techandme.se/index.php/product/premium-support-per-30-minutes/"
exit 1
fi
}
format
# Success!
if grep "$LABEL_" /etc/mtab
then
msg_box "$MOUNT_ mounted successfully as a ZFS volume.
Automatic scrubbing is done montly via a cronjob that you can find here:
/etc/cron.d/zfsutils-linux
CURRENT STATUS:
$(zpool status $LABEL_)
$(zpool list)"
fi

Просмотреть файл

@ -135,21 +135,21 @@
<p>Note: Webmin is installed when you run the setup script. To access Webmin externally you have to open port 10000 in your router.</p>
</div>
<h2>Access phpMyadmin</h2>
<h2>Access phpPGadmin</h2>
<div class="information">
<p>Use one of the following addresses, HTTPS is preffered:
<h3>
<ul>
<li><a href="http://<?=$_SERVER['SERVER_NAME'];?>/phpmyadmin">http://<?=$_SERVER['SERVER_NAME'];?></a> (HTTP)</li>
<li><a href="https://<?=$_SERVER['SERVER_NAME'];?>/phpmyadmin">https://<?=$_SERVER['SERVER_NAME'];?></a> (HTTPS)</li>
<li><a href="http://<?=$_SERVER['SERVER_NAME'];?>/phppgadmin">http://<?=$_SERVER['SERVER_NAME'];?></a> (HTTP)</li>
<li><a href="https://<?=$_SERVER['SERVER_NAME'];?>/phppgadmin">https://<?=$_SERVER['SERVER_NAME'];?></a> (HTTPS)</li>
</ul>
</h3>
<p>Note: Please accept the warning in the browser if you connect via HTTPS.</p>
<h3>
<a href="https://www.techandme.se/user-and-password-nextcloud/" target="_blank">Login details</a>
</h3>
<p>Note: Your external IP is set as approved in /etc/apache2/conf-available/phpmyadmin.conf, all other access is forbidden.</p>
<p>Note: Your LAN IP is set as approved in /etc/apache2/conf-available/phppgadmin.conf, all other access is forbidden.</p>
</div>
</body>
</html>

Просмотреть файл

@ -15,68 +15,44 @@ DEBUG=0
debug_mode
# Copy old interfaces file
msg_box "Copying old interfaces file to:
msg_box "Copying old netplan.io config file file to:
/tmp/interfaces.backup"
check_command cp -v /etc/network/interfaces /tmp/interfaces.backup
/tmp/01-netcfg.yaml_backup"
check_command cp -v /etc/netplan/01-netcfg.yaml /tmp/01-netcfg.yaml_backup
# Check if this is VMware:
install_if_not virt-what
if [ "$(virt-what)" == "vmware" ]
then
cat <<-IPCONFIG > "$INTERFACES"
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo $IFACE
iface lo inet loopback
# The primary network interface
iface $IFACE inet static
pre-up /sbin/ethtool -K $IFACE tso off
pre-up /sbin/ethtool -K $IFACE gso off
# Fixes https://github.com/nextcloud/vm/issues/92:
pre-up ip link set dev $IFACE mtu 1430
# Best practice is to change the static address
# to something outside your DHCP range.
address $ADDRESS
netmask $NETMASK
gateway $GATEWAY
# This is an autoconfigured IPv6 interface
# iface $IFACE inet6 auto
# Exit and save: [CTRL+X] + [Y] + [ENTER]
# Exit without saving: [CTRL+X]
network:
version: 2
renderer: networkd
ethernets:
$IFACE: #object name
dhcp4: no # dhcp v4 disable
dhcp6: no # dhcp v6 disable
addresses: [$ADDRESS/24] # client IP address
gateway4: $GATEWAY # gateway address
nameservers:
addresses: [$DNS1,$DNS2] #name servers
IPCONFIG
netplan apply
else
cat <<-IPCONFIGnonvmware > "$INTERFACES"
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo $IFACE
iface lo inet loopback
# The primary network interface
iface $IFACE inet static
# Fixes https://github.com/nextcloud/vm/issues/92:
pre-up ip link set dev $IFACE mtu 1430
# Best practice is to change the static address
# to something outside your DHCP range.
address $ADDRESS
netmask $NETMASK
gateway $GATEWAY
# This is an autoconfigured IPv6 interface
# iface $IFACE inet6 auto
# Exit and save: [CTRL+X] + [Y] + [ENTER]
# Exit without saving: [CTRL+X]
network:
version: 2
renderer: networkd
ethernets:
$IFACE: #object name
dhcp4: no # dhcp v4 disable
dhcp6: no # dhcp v6 disable
addresses: [$ADDRESS/24] # client IP address
gateway4: $GATEWAY # gateway address
nameservers:
addresses: [$DNS1,$DNS2] #name servers
IPCONFIGnonvmware
netplan apply
fi
exit 0

Просмотреть файл

@ -5,7 +5,8 @@
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
FIRST_IFACE=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset FIRST_IFACE
# Check for errors + debug code and abort if something isn't right
# 1 = ON
@ -14,68 +15,44 @@ DEBUG=0
debug_mode
# Copy old interfaces file
msg_box "Copying old interfaces file to:
msg_box "Copying old netplan.io config file file to:
/tmp/interfaces.backup2"
check_command cp -v /etc/network/interfaces /tmp/interfaces.backup2
/tmp/01-netcfg.yaml_backup2"
check_command cp -v /etc/netplan/01-netcfg.yaml /tmp/01-netcfg.yaml_backup2
# Check if this is VMware:
install_if_not virt-what
if [ "$(virt-what)" == "vmware" ]
then
cat <<-IPCONFIG > "$INTERFACES"
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo $IFACE2
iface lo inet loopback
# The primary network interface
iface $IFACE2 inet static
pre-up /sbin/ethtool -K $IFACE2 tso off
pre-up /sbin/ethtool -K $IFACE2 gso off
# Fixes https://github.com/nextcloud/vm/issues/92:
pre-up ip link set dev $IFACE2 mtu 1430
# Best practice is to change the static address
# to something outside your DHCP range.
address $ADDRESS
netmask $NETMASK
gateway $GATEWAY
# This is an autoconfigured IPv6 interface
# iface $IFACE2 inet6 auto
# Exit and save: [CTRL+X] + [Y] + [ENTER]
# Exit without saving: [CTRL+X]
network:
version: 2
renderer: networkd
ethernets:
$IFACE2: #object name
dhcp4: no # dhcp v4 disable
dhcp6: no # dhcp v6 disable
addresses: [$ADDRESS/24] # client IP address
gateway4: $GATEWAY # gateway address
nameservers:
addresses: [$DNS1,$DNS2] #name servers
IPCONFIG
netplan apply
else
cat <<-IPCONFIGnonvmware > "$INTERFACES"
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo $IFACE2
iface lo inet loopback
# The primary network interface
iface $IFACE2 inet static
# Fixes https://github.com/nextcloud/vm/issues/92:
pre-up ip link set dev $IFACE2 mtu 1430
# Best practice is to change the static address
# to something outside your DHCP range.
address $ADDRESS
netmask $NETMASK
gateway $GATEWAY
# This is an autoconfigured IPv6 interface
# iface $IFACE2 inet6 auto
# Exit and save: [CTRL+X] + [Y] + [ENTER]
# Exit without saving: [CTRL+X]
network:
version: 2
renderer: networkd
ethernets:
$IFACE2: #object name
dhcp4: no # dhcp v4 disable
dhcp6: no # dhcp v6 disable
addresses: [$ADDRESS/24] # client IP address
gateway4: $GATEWAY # gateway address
nameservers:
addresses: [$DNS1,$DNS2] #name servers
IPCONFIGnonvmware
netplan apply
fi
exit 0

Просмотреть файл

@ -1,238 +0,0 @@
#!/bin/bash
# shellcheck disable=2034,2059
true
# shellcheck source=lib.sh
MYCNFPW=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
unset MYCNFPW
# Check for errors + debug code and abort if something isn't right
# 1 = ON
# 0 = OFF
DEBUG=0
debug_mode
# Check if root
if ! is_root
then
printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash %s/nextcloud_install_production.sh\n" "$SCRIPTS"
exit 1
fi
/bin/cat <<WRITENEW >"$ETCMYCNF"
# MariaDB database server configuration file.
#
# You can copy this file to one of:
# - "/etc/mysql/my.cnf" to set global options,
# - "~/.my.cnf" to set user-specific options.
#
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
# This will be passed to all mysql clients
# It has been reported that passwords should be enclosed with ticks/quotes
# escpecially if they contain "#" chars...
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
# Here is entries for some specific programs
# The following values assume you have at least 32M ram
# This was formally known as [safe_mysqld]. Both versions are currently parsed.
[mysqld_safe]
socket = /var/run/mysqld/mysqld.sock
nice = 0
[mysqld]
#
# * Basic Settings
#
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc_messages_dir = /usr/share/mysql
lc_messages = en_US
skip-external-locking
transaction-isolation = READ-COMMITTED
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = 127.0.0.1
#
# * Fine Tuning
#
max_connections = 100
connect_timeout = 5
wait_timeout = 600
max_allowed_packet = 16M
thread_cache_size = 128
sort_buffer_size = 4M
bulk_insert_buffer_size = 16M
tmp_table_size = 32M
max_heap_table_size = 32M
#
# * MyISAM
#
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched. On error, make copy and try a repair.
myisam_recover_options = BACKUP
key_buffer_size = 128M
#open-files-limit = 2000
table_open_cache = 400
myisam_sort_buffer_size = 512M
concurrent_insert = 2
read_buffer_size = 2M
read_rnd_buffer_size = 1M
#
# * Query Cache Configuration
#
# Cache only tiny result sets, so we can fit more in the query cache.
query_cache_limit = 128K
query_cache_size = 64M
# for more write intensive setups, set to DEMAND or OFF
#query_cache_type = DEMAND
#
# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
#general_log_file = /var/log/mysql/mysql.log
#general_log = 1
#
# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
#
# we do want to know about network errors and such
log_warnings = 2
#
# Enable the slow query log to see queries with especially long duration
#slow_query_log[={0|1}]
slow_query_log_file = /var/log/mysql/mariadb-slow.log
long_query_time = 10
#log_slow_rate_limit = 1000
log_slow_verbosity = query_plan
#log-queries-not-using-indexes
#log_slow_admin_statements
#
# The following can be used as easy to replay backup logs or for replication.
# note: if you are setting up a replication slave, see README.Debian about
# other settings you may need to change.
#server-id = 1
#report_host = master1
#auto_increment_increment = 2
#auto_increment_offset = 1
log_bin = /var/log/mysql/mariadb-bin
log_bin_index = /var/log/mysql/mariadb-bin.index
# not fab for performance, but safer
#sync_binlog = 1
expire_logs_days = 10
max_binlog_size = 100M
# slaves
#relay_log = /var/log/mysql/relay-bin
#relay_log_index = /var/log/mysql/relay-bin.index
#relay_log_info_file = /var/log/mysql/relay-bin.info
#log_slave_updates
#read_only
#
# If applications support it, this stricter sql_mode prevents some
# mistakes like inserting invalid dates etc.
#sql_mode = NO_ENGINE_SUBSTITUTION,TRADITIONAL
#
# * InnoDB
#
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
# Read the manual for more InnoDB related options. There are many!
default_storage_engine = InnoDB
# you can't just change log file size, requires special procedure
#innodb_log_file_size = 50M
innodb_buffer_pool_size = 256M
innodb_log_buffer_size = 8M
innodb_file_per_table = 1
innodb_open_files = 400
innodb_io_capacity = 400
innodb_flush_method = O_DIRECT
innodb_flush_neighbors = 0
innodb_adaptive_flushing = 1
innodb_max_dirty_pages_pct = 0
innodb_fast_shutdown = 1
innodb_large_prefix=on
innodb_file_format = barracuda
innodb_doublewrite = 0
init-connect='SET NAMES utf8mb4'
collation_server=utf8mb4_unicode_ci
character_set_server = utf8mb4
skip-character-set-client-handshake
innodb_use_native_aio = 1
#
# * Security Features
#
# Read the manual, too, if you want chroot!
# chroot = /var/lib/mysql/
#
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
#
# ssl-ca=/etc/mysql/cacert.pem
# ssl-cert=/etc/mysql/server-cert.pem
# ssl-key=/etc/mysql/server-key.pem
#
# * Galera-related settings
#
[galera]
# Mandatory settings
#wsrep_on=ON
#wsrep_provider=
#wsrep_cluster_address=
#binlog_format=row
#default_storage_engine=InnoDB
#innodb_autoinc_lock_mode=2
#
# Allow server to accept connections on all interfaces.
#
#bind-address=0.0.0.0
#
# Optional setting
#wsrep_slave_threads=1
innodb_flush_log_at_trx_commit=1
[mysqldump]
quick
quote-names
max_allowed_packet = 16M
[mysql]
default-character-set = utf8mb4
#no-auto-rehash # faster start of mysql but no tab completion
[mariadb]
innodb_use_fallocate = 1
innodb_use_atomic_writes = 1
innodb_use_trim = 1
[isamchk]
key_buffer = 16M
#
# * IMPORTANT: Additional settings that can override those from this file!
# The files must end with '.cnf', otherwise they'll be ignored.
#
!includedir /etc/mysql/conf.d/
WRITENEW
# Restart MariaDB
mysqladmin -u root -p"$MARIADBMYCNFPASS" shutdown --force & spinner_loading
wait
check_command systemctl restart mariadb & spinner_loading
exit

Просмотреть файл

@ -16,19 +16,7 @@ debug_mode
root_check
# Check Ubuntu version
echo "Checking server OS and version..."
if [ "$OS" != 1 ]
then
echo "Ubuntu Server is required to run this script."
echo "Please install that distro and try again."
exit 1
fi
if ! version 16.04 "$DISTRO" 16.04.4; then
echo "Ubuntu version $DISTRO must be between 16.04 - 16.04.4"
exit
fi
check_distro_version
# Check if dir exists
if [ ! -d $SCRIPTS ]
@ -36,40 +24,18 @@ then
mkdir -p $SCRIPTS
fi
# Get packages to be able to install Redis
apt update -q4 & spinner_loading
sudo apt install -q -y \
build-essential \
tcl8.5 \
php7.0-dev \
php-pear
# Install Redis
install_if_not php-redis
install_if_not redis-server
# Install PHPmodule
if ! yes '' | pecl install -Z redis
then
msg_box "PHP module installation failed"
exit 1
else
printf "${Green}\nPHP module installation OK!${Color_Off}\n"
fi
# Set globally doesn't work for some reason
# touch /etc/php/7.0/mods-available/redis.ini
# echo 'extension=redis.so' > /etc/php/7.0/mods-available/redis.ini
# phpenmod redis
# Setting direct to apache2 works if 'libapache2-mod-php7.0' is installed
echo 'extension=redis.so' >> /etc/php/7.0/apache2/php.ini
echo 'extension=redis.so' >> /etc/php/7.2/apache2/php.ini
service apache2 restart
# Install Redis
if ! apt -y install redis-server
then
msg_box "Installation failed."
exit 1
else
printf "${Green}\nRedis installation OK!${Color_Off}\n"
fi
# Prepare for adding redis configuration
sed -i "s|);||g" $NCPATH/config/config.php
@ -83,7 +49,7 @@ cat <<ADD_TO_CONFIG >> $NCPATH/config/config.php
array (
'host' => '$REDIS_SOCK',
'port' => 0,
'timeout' => 0,
'timeout' => 0.5,
'dbindex' => 0,
'password' => '$REDIS_PASS',
),
@ -120,11 +86,6 @@ redis-cli SHUTDOWN
chown redis:root /etc/redis/redis.conf
chmod 600 /etc/redis/redis.conf
# Cleanup
apt purge -y \
git \
build-essential*
apt update -q4 & spinner_loading
apt autoremove -y
apt autoclean

Просмотреть файл

@ -26,10 +26,7 @@ Write this down, you will need it to set static IP
in your router later. It's included in this guide:
https://www.techandme.se/open-port-80-443/ (step 1 - 5)"
ifdown "$IFACE"
wait
ifup "$IFACE"
wait
test_connection
bash "$SCRIPTS/ip.sh"
if [ -z "$IFACE" ]
then
@ -38,40 +35,31 @@ https://www.techandme.se/open-port-80-443/ (step 1 - 5)"
bash "$SCRIPTS/ip2.sh"
rm -f "$SCRIPTS/ip2.sh"
fi
ifdown "$IFACE"
wait
ifup "$IFACE"
wait
echo
echo "Testing if network is OK..."
echo
CONTEST=$(bash $SCRIPTS/test_connection.sh)
if [ "$CONTEST" == "Connected!" ]
if network_ok
then
# Connected!
printf "${Green}Connected!${Color_Off}\n"
sleep 1
msg_box "We have now set $ADDRESS as your static IP.
If you want to change it later then just edit the interfaces file:
sudo nano /etc/network/interfaces
If you want to change it later then just edit the netplan.io YAML file:
sudo nano /etc/netplan/01-netcfg.yaml
If you experience any bugs, please report it here:
$ISSUES"
else
# Not connected!
printf "${Red}Not Connected${Color_Off}\nYou should change your settings manually in the next step.\n"
any_key "Press any key to open /etc/network/interfaces..."
nano /etc/network/interfaces
service networking restart
clear
echo "Testing if network is OK..."
ifdown "$IFACE"
wait
ifup "$IFACE"
wait
bash "$SCRIPTS/test_connection.sh"
wait
msg_box "Not Connected!
You should change your settings manually in the next step.
Check this site for instructions on how to do it:
https://netplan.io/examples
We will put a example config for you when you hit OK, but please check the site to change it to your own values."
any_key "Press any key to open /etc/netplan/01-netcfg.yaml..."
nano /etc/netplan/01-netcfg.yaml
netplan apply
test_connection
fi
else
echo "OK, then we will not set a static IP as your VPS provider already have setup the network for you..."