Nextcloud install, setup scriptlets

source/resources/apps/mariadb-cluster/forksand-mysql-backup

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -x
+
+NOW=$( date +%Y%m%d%H%M )
+mkdir -p /BACKUPS/$NOW
+
+mysqldump								\
+	--host=10.42.1.171						\
+	--user=nextcloud						\
+	--all-databases							\
+	--password=`grep dbpass /var/www/html/nextcloud/config/config.php |cut -f 4 -d "'"`	|
+	pbzip2 > /BACKUPS/$NOW/mysql-`hostname`-$NOW.sql.bz2
+

source/resources/apps/nextcloud/config.php

@@ -0,0 +1,108 @@
+<?php
+$CONFIG = array (
+
+'trusted_domains' =>
+  array (
+    'localhost',
+    'cloud.forksand.com',
+    'cloud.forksand.com:443',
+  ),
+  'datadirectory' => '/srv/nextcloud/data',
+  'dbtype' => 'mysql',
+  'dbhost' => '10.42.1.171',
+  'dbname' => 'nextcloud',
+  'dbuser' => 'nextcloud',
+  'dbpassword' => 'password',
+  'dbtableprefix' => 'oc_',
+  'default_language' => 'en',
+  'defaultapp' => 'files',
+  'knowledgebaseenabled' => true,
+  'allow_user_to_change_display_name' => true,
+  'remember_login_cookie_lifetime' => 1296000,
+  'session_lifetime' => 86400,
+  'session_keepalive' => true,
+  'token_auth_enforced' => false,
+  'auth.bruteforce.protection.enabled' => true,
+  'skeletondirectory' => '',
+  'mail_domain' => 'cloud.forksand.com',
+  'mail_from_address' => 'cloud',
+  'mail_smtpdebug' => false,
+  'mail_smtpmode' => 'smtp',
+  'mail_smtphost' => '127.0.0.1',
+  'mail_smtpport' => 25,
+  'mail_smtptimeout' => 10,
+  'mail_smtpsecure' => '',
+  'mail_smtpauth' => false,
+  'mail_template_class' => '\\OC\\Mail\\EMailTemplate',
+  'mail_send_plaintext_only' => false,
+#  'overwrite.cli.url' => 'https://cloud.forksand.com/nextcloud',
+#  'htaccess.RewriteBase' => '/nextcloud',
+  'overwrite.cli.url' => 'https://cloud.forksand.com/',
+  'htaccess.RewriteBase' => '/',
+  'appcodechecker' => true,
+  'updatechecker' => true,
+  'updater.release.channel' => 'stable',
+  'check_for_working_wellknown_setup' => true,
+  'check_for_working_htaccess' => true,
+  'check_data_directory_permissions' => true,
+  'config_is_read_only' => false,
+  'log_type' => 'file',
+  'logfile' => '/var/log/nextcloud.log',
+  'loglevel' => 9,
+  'logtimezone' => 'America/Denver',
+  'log_query' => false,
+  'log_rotate_size' => 104857600,
+  'appstoreenabled' => true,
+  'apps_paths' => 
+  array (
+    0 => 
+    array (
+      'path' => '/var/www/html/nextcloud/apps',
+      'url' => '/apps',
+      'writable' => true,
+    ),
+  ),
+  'enable_previews' => true,
+  'preview_max_x' => 4096,
+  'preview_max_y' => 4096,
+  'preview_max_filesize_image' => 50,
+  'preview_libreoffice_path' => '/usr/bin/libreoffice',
+  'enabledPreviewProviders' => 
+  array (
+    0 => 'OC\\Preview\\Movie',
+    1 => 'OC\\Preview\\OpenDocument',
+    2 => 'OC\\Preview\\PDF',
+    3 => 'OC\\Preview\\Postscript',
+    4 => 'OC\\Preview\\SVG',
+    5 => 'OC\\Preview\\TIFF',
+    6 => 'OC\\Preview\\Font',
+    7 => 'OC\\Preview\\PNG',
+    8 => 'OC\\Preview\\JPEG',
+    9 => 'OC\\Preview\\GIF',
+    10 => 'OC\\Preview\\BMP',
+    11 => 'OC\\Preview\\XBitmap',
+    12 => 'OC\\Preview\\MP3',
+    13 => 'OC\\Preview\\TXT',
+    14 => 'OC\\Preview\\MarkDown',
+  ),
+  'memcache.local' => '\\OC\\Memcache\\APCu',
+  'cache_chunk_gc_ttl' => 86400,
+  'mysql.utf8mb4' => true,
+  'tempdirectory' => '/srv/nextcloud/tmp',
+  'hashingCost' => 10,
+  'blacklisted_files' => 
+  array (
+    0 => '.htaccess',
+  ),
+  'share_folder' => '/',
+  'cipher' => 'AES-256-CFB',
+  'filesystem_check_changes' => 1,
+  'filelocking.enabled' => true,
+  'filelocking.ttl' => 3600,
+  'passwordsalt' => '',
+  'secret' => '',
+  'version' => '13.0.4.0',
+  'dbport' => '',
+  'installed' => true,
+  'instanceid' => '',
+);

source/resources/apps/nextcloud/forksand-nextcloud-setup

@@ -0,0 +1,141 @@
+#!/bin/bash
+# forksand-nextcloud-setup
+
+exit 0
+
+# On cloud.forksand.com, the main nextcloud webserver, as root:
+apt-get update
+apt-get -y install apache2
+cd /etc ; git add . ; git commit -a -m 'install apache2'
+
+apt-get -y install mariadb-client libapache2-mod-php7.0 php7.0-xml php7.0 php7.0-cgi php7.0-cli php7.0-gd php7.0-curl php7.0-zip php7.0-mysql php7.0-mbstring wget unzip
+cd /etc ; git add . ; git commit -a -m 'install php'
+
+apt-get -y install php7.0-bz2 php7.0-intl php7.0-mcrypt php-imagick php-apcu
+cd /etc ; git add . ; git commit -a -m 'install php optional modules'
+
+apt-get -y install -t stretch-backports libreoffice ffmpeg
+cd /etc ; git add . ; git commit -a -m 'install optional nextcloud tools from backports'
+
+# Install Nextcloud...
+wget https://download.nextcloud.com/server/releases/nextcloud-13.0.4.tar.bz2
+wget https://download.nextcloud.com/server/releases/nextcloud-13.0.4.tar.bz2.sha256
+sha256sum  -c nextcloud-13.0.4.tar.bz2.sha256 < nextcloud-13.0.4.tar.bz2
+wget https://download.nextcloud.com/server/releases/nextcloud-13.0.4.tar.bz2.asc
+wget https://nextcloud.com/nextcloud.asc
+gpg --import nextcloud.asc
+gpg --verify nextcloud-13.0.4.tar.bz2.asc nextcloud-13.0.4.tar.bz2
+
+tar xf nextcloud-13.0.4.tar.bz2
+
+echo cloud.forksand.com > /var/www/html/index.html
+mv nextcloud /var/www/html/
+chown -R www-data:www-data /var/www/html/nextcloud
+
+# XXX just temporary
+chown www-data:www-data /var/www/html/nextcloud/config/config.php
+sudo -u www-data php /var/www/html/nextcloud/occ maintenance:update:htaccess
+
+
+cat >> /etc/apache2/sites-available/nextcloud.conf <<EOF
+# Add:
+<VirtualHost *:80>
+ServerAdmin webmaster@forksand.com
+DocumentRoot "/var/www/html/nextcloud"
+ServerName cloud.forksand.com
+<Directory "/var/www/html/nextcloud/">
+Options MultiViews FollowSymlinks
+
+AllowOverride All
+Order allow,deny
+Allow from all
+</Directory>
+TransferLog /var/log/apache2/nextcloud_access.log
+ErrorLog /var/log/apache2/nextcloud_error.log
+</VirtualHost>
+EOF
+
+a2dissite 000-default
+a2enmod rewrite
+a2enmod headers
+a2enmod env
+a2enmod dir
+a2enmod mime
+
+# Set up Nextcloud config.php from config.sample.php
+mkdir -p /srv/nextcloud/data
+chown -R www-data:www-data /srv/nextcloud
+
+mkdir /srv/nextcloud/tmp
+chown www-data:www-data /srv/nextcloud/tmp
+#chmod o-rwx /srv/nextcloud/tmp
+
+touch /var/log/nextcloud.log
+chown www-data:www-data /var/log/nextcloud.log
+
+cd /etc/apache2/sites-enabled
+ln -s ../sites-available/nextcloud.conf .
+
+systemctl enable apache2
+systemctl restart apache2
+
+# XXX optional module for performance, use 1 of php- module: apcu memcached redis
+
+
+# Run Nextcloud installer
+cd /var/www/html/nextcloud/
+sudo -u www-data php occ  maintenance:install --database "mysql" --database-name "nextcloud"  --database-user "nextcloud" --database-pass "password" --database-host "10.42.1.171" --admin-user "admin" --admin-pass "password"
+
+sudo -u www-data php /var/www/html/nextcloud/occ maintenance:update:htaccess
+
+a2enmod ssl
+a2ensite default-ssl
+service apache2 reload
+
+############
+# Database #
+############
+# Set up on all sql1 sql2 sql3 sql4:
+cd /etc/mysql
+vim my.conf
+
+# add:
+# Under: [mysqld]
+# XXX MAYBE NOT WITH GALERA ?
+#innodb_large_prefix=on
+#innodb_file_format=barracuda
+# XXX not used
+
+# On sql1
+mysql -u root -p
+
+# In database:
+CREATE DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
+CREATE USER 'nextcloud'@'10.42.1.130' IDENTIFIED BY 'password';
+GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'10.42.1.130';
+FLUSH PRIVILEGES;
+
+# Set up firewall
+
+# XXX set up postfix, or mail relay
+apt-get install postfix
+# Internet Site, cloud.forksand.com
+
+# XXX add everywhere
+apt install haveged
+
+# Letsencrypt
+apt-get install letsencrypt python-certbot-apache
+
+certbot --authenticator standalone --installer apache   -d cloud.forksand.com --email certbot@forksand.com --pre-hook "service apache2 stop" --post-hook "service apache2 start"
+
+rm /etc/apache2/sites-enabled/default-ssl.conf 
+
+service apache2 restart
+
+
+#########################
+apt-get -y install pbzip2
+
+# Backup DB:
+