forksand-it-manual/source/resources/apps/nextcloud/forksand-nextcloud-setup

#!/bin/bash
# forksand-nextcloud-setup

exit 0

# On cloud.forksand.com, the main nextcloud webserver, as root:
apt-get update
apt-get -y install apache2
cd /etc ; git add . ; git commit -a -m 'install apache2'

apt-get -y install mariadb-client libapache2-mod-php7.0 php7.0-xml php7.0 php7.0-cgi php7.0-cli php7.0-gd php7.0-curl php7.0-zip php7.0-mysql php7.0-mbstring wget unzip
cd /etc ; git add . ; git commit -a -m 'install php'

apt-get -y install php7.0-bz2 php7.0-intl php7.0-mcrypt php-imagick php-apcu
cd /etc ; git add . ; git commit -a -m 'install php optional modules'

apt-get -y install -t stretch-backports libreoffice ffmpeg
cd /etc ; git add . ; git commit -a -m 'install optional nextcloud tools from backports'

# Install Nextcloud...
wget https://download.nextcloud.com/server/releases/nextcloud-13.0.4.tar.bz2
wget https://download.nextcloud.com/server/releases/nextcloud-13.0.4.tar.bz2.sha256
sha256sum  -c nextcloud-13.0.4.tar.bz2.sha256 < nextcloud-13.0.4.tar.bz2
wget https://download.nextcloud.com/server/releases/nextcloud-13.0.4.tar.bz2.asc
wget https://nextcloud.com/nextcloud.asc
gpg --import nextcloud.asc
gpg --verify nextcloud-13.0.4.tar.bz2.asc nextcloud-13.0.4.tar.bz2

tar xf nextcloud-13.0.4.tar.bz2

echo cloud.forksand.com > /var/www/html/index.html
mv nextcloud /var/www/html/
chown -R www-data:www-data /var/www/html/nextcloud

# XXX just temporary
chown www-data:www-data /var/www/html/nextcloud/config/config.php
sudo -u www-data php /var/www/html/nextcloud/occ maintenance:update:htaccess


cat >> /etc/apache2/sites-available/nextcloud.conf <<EOF
# Add:
<VirtualHost *:80>
ServerAdmin webmaster@forksand.com
DocumentRoot "/var/www/html/nextcloud"
ServerName cloud.forksand.com
<Directory "/var/www/html/nextcloud/">
Options MultiViews FollowSymlinks

AllowOverride All
Order allow,deny
Allow from all
</Directory>
TransferLog /var/log/apache2/nextcloud_access.log
ErrorLog /var/log/apache2/nextcloud_error.log
</VirtualHost>
EOF

a2dissite 000-default
a2enmod rewrite
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime

# Set up Nextcloud config.php from config.sample.php
mkdir -p /srv/nextcloud/data
chown -R www-data:www-data /srv/nextcloud

mkdir /srv/nextcloud/tmp
chown www-data:www-data /srv/nextcloud/tmp
#chmod o-rwx /srv/nextcloud/tmp

touch /var/log/nextcloud.log
chown www-data:www-data /var/log/nextcloud.log

cd /etc/apache2/sites-enabled
ln -s ../sites-available/nextcloud.conf .

systemctl enable apache2
systemctl restart apache2

# XXX optional module for performance, use 1 of php- module: apcu memcached redis


# Run Nextcloud installer
cd /var/www/html/nextcloud/
sudo -u www-data php occ  maintenance:install --database "mysql" --database-name "nextcloud"  --database-user "nextcloud" --database-pass "password" --database-host "10.42.1.171" --admin-user "admin" --admin-pass "password"

sudo -u www-data php /var/www/html/nextcloud/occ maintenance:update:htaccess

a2enmod ssl
a2ensite default-ssl
service apache2 reload

############
# Database #
############
# Set up on all sql1 sql2 sql3 sql4:
cd /etc/mysql
vim my.conf

# add:
# Under: [mysqld]
# XXX MAYBE NOT WITH GALERA ?
#innodb_large_prefix=on
#innodb_file_format=barracuda
# XXX not used

# On sql1
mysql -u root -p

# In database:
CREATE DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
CREATE USER 'nextcloud'@'10.42.1.130' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'10.42.1.130';
FLUSH PRIVILEGES;

# Set up firewall

# XXX set up postfix, or mail relay
apt-get install postfix
# Internet Site, cloud.forksand.com

# XXX add everywhere
apt install haveged

# Letsencrypt
apt-get install letsencrypt python-certbot-apache

certbot --authenticator standalone --installer apache   -d cloud.forksand.com --email certbot@forksand.com --pre-hook "service apache2 stop" --post-hook "service apache2 start"

rm /etc/apache2/sites-enabled/default-ssl.conf 

service apache2 restart


#########################
apt-get -y install pbzip2

# Backup DB: