API tools faq
paste
hjaltiatlason

Automated Nextcloud install - Ubuntu

hjaltiatlason
May 14th, 2020
170
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 6.19 KB | None | 0 0
raw download clone embed print report
  1. #Automated Nextcloud install - Ubuntu  nginx+PHP7.4 (need to connect to a external DB)
  2.  
  3. #!/bin/bash
  4. sudo apt update -y && sudo apt upgrade -y
  5.  
  6. #Install nginx
  7. sudo apt install nginx -y
  8. sudo systemctl start nginx
  9. sudo systemctl enable nginx
  10. sudo chown www-data:www-data /usr/share/nginx/html -R
  11.  
  12.  
  13. #install Install PHP7.4 (might need to change version from 7.4 in the future)
  14. sudo apt install php7.4 php7.4-fpm php7.4-mysql php-common php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-readline php7.4-mbstring php7.4-xml php7.4-gd php7.4-curl -y
  15. sudo systemctl start php7.4-fpm
  16. sudo systemctl enable php7.4-fpm
  17.  
  18. #Create a Nginx Server Block and remove the default sites enabled one (might need to change version from 7.4 in the future)
  19.  
  20. sudo touch /etc/nginx/conf.d/default.conf
  21.  
  22. var="server {
  23.  listen 80;
  24.  listen [::]:80;
  25.  server_name _;
  26.  root /usr/share/nginx/html/;
  27.  index index.php index.html index.htm index.nginx-debian.html;
  28.  
  29.  location / {
  30.    try_files $uri $uri/ /index.php;
  31.  }
  32.  
  33.  location ~ \.php$ {
  34.    fastcgi_pass unix:/run/php/php7.4-fpm.sock;
  35.    fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
  36.    include fastcgi_params;
  37.    include snippets/fastcgi-php.conf;
  38.  }
  39.  
  40.  
  41. # A long browser cache lifetime can speed up repeat visits to your page
  42.  location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
  43.       access_log        off;
  44.       log_not_found     off;
  45.       expires           360d;
  46.  }
  47.  
  48.  # disable access to hidden files
  49.  location ~ /\.ht {
  50.      access_log off;
  51.      log_not_found off;
  52.      deny all;
  53.  }
  54. }";
  55.  
  56. destdir=/etc/nginx/conf.d/default.conf
  57.  
  58. if [ -f "$destdir" ]
  59. then
  60.     echo "$var" > "$destdir"
  61. fi
  62.  
  63. #reload nginx
  64. sudo systemctl reload nginx
  65.  
  66. #Download Nextcloud
  67. wget https://download.nextcloud.com/server/releases/latest.zip
  68. sudo apt install unzip -y
  69. sudo unzip latest.zip -d /usr/share/nginx/
  70. sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R
  71.  
  72.  
  73. #Create a Nginx Config File for Nextcloud (change to correct domain name in the future)
  74. sudo touch /etc/nginx/conf.d/nextcloud.conf
  75.  
  76.  
  77. var="server {
  78.    listen 80;
  79.    listen [::]:80;
  80.    server_name nextcloud.home;
  81.  
  82.    # Add headers to serve security related headers
  83.    add_header X-Content-Type-Options nosniff;
  84.    add_header X-XSS-Protection \"1; mode=block\";
  85.    add_header X-Robots-Tag none;
  86.    add_header X-Download-Options noopen;
  87.    add_header X-Permitted-Cross-Domain-Policies none;
  88.    add_header Referrer-Policy no-referrer;
  89.  
  90.    #I found this header is needed on Ubuntu, but not on Arch Linux.
  91.    add_header X-Frame-Options \"SAMEORIGIN\";
  92.  
  93.    # Path to the root of your installation
  94.    root /usr/share/nginx/nextcloud/;
  95.  
  96.    access_log /var/log/nginx/nextcloud.access;
  97.    error_log /var/log/nginx/nextcloud.error;
  98.  
  99.    location = /robots.txt {
  100.        allow all;
  101.        log_not_found off;
  102.        access_log off;
  103.    }
  104.  
  105.    # The following 2 rules are only needed for the user_webfinger app.
  106.    # Uncomment it if you're planning to use this app.
  107.    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
  108.    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
  109.    # last;
  110.  
  111.    location = /.well-known/carddav {
  112.        return 301 \$scheme://\$host/remote.php/dav;
  113.    }
  114.    location = /.well-known/caldav {
  115.       return 301 \$scheme://\$host/remote.php/dav;
  116.    }
  117.  
  118.    location ~ /.well-known/acme-challenge {
  119.      allow all;
  120.    }
  121.  
  122.    # set max upload size
  123.    client_max_body_size 512M;
  124.    fastcgi_buffers 64 4K;
  125.  
  126.    # Disable gzip to avoid the removal of the ETag header
  127.    gzip off;
  128.  
  129.    # Uncomment if your server is build with the ngx_pagespeed module
  130.    # This module is currently not supported.
  131.    #pagespeed off;
  132.  
  133.    error_page 403 /core/templates/403.php;
  134.    error_page 404 /core/templates/404.php;
  135.  
  136.    location / {
  137.       rewrite ^ /index.php;
  138.    }
  139.  
  140.    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
  141.       deny all;
  142.    }
  143.    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
  144.       deny all;
  145.     }
  146.  
  147.    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
  148.       include fastcgi_params;
  149.       fastcgi_split_path_info ^(.+\.php)(/.*)$;
  150.       try_files \$fastcgi_script_name =404;
  151.       fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
  152.       fastcgi_param PATH_INFO \$fastcgi_path_info;
  153.       #Avoid sending the security headers twice
  154.       fastcgi_param modHeadersAvailable true;
  155.       fastcgi_param front_controller_active true;
  156.       fastcgi_pass unix:/run/php/php7.4-fpm.sock;
  157.       fastcgi_intercept_errors on;
  158.       fastcgi_request_buffering off;
  159.    }
  160.  
  161.    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
  162.       try_files \$uri/ =404;
  163.       index index.php;
  164.    }
  165.  
  166.    # Adding the cache control header for js and css files
  167.    # Make sure it is BELOW the PHP block
  168.    location ~* \.(?:css|js)$ {
  169.        try_files \$uri /index.php\$uri\$is_args\$args;
  170.        add_header Cache-Control \"public, max-age=7200\";
  171.        # Add headers to serve security related headers (It is intended to
  172.        # have those duplicated to the ones above)
  173.        add_header X-Content-Type-Options nosniff;
  174.        add_header X-XSS-Protection \"1; mode=block\";
  175.        add_header X-Robots-Tag none;
  176.        add_header X-Download-Options noopen;
  177.        add_header X-Permitted-Cross-Domain-Policies none;
  178.        add_header Referrer-Policy no-referrer;
  179.        # Optional: Don't log access to assets
  180.        access_log off;
  181.   }
  182.  
  183.   location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
  184.        try_files \$uri /index.php\$uri\$is_args\$args;
  185.        # Optional: Don't log access to other assets
  186.        access_log off;
  187.   }
  188. }";
  189.  
  190. destdir=/etc/nginx/conf.d/nextcloud.conf
  191.  
  192. if [ -f "$destdir" ]
  193. then
  194.     echo "$var" > "$destdir"
  195. fi
  196.  
  197.  
  198. #Reload nginx
  199. sudo systemctl reload nginx
  200.  
  201. # Install and Enable PHP Modules
  202. sudo apt install php-imagick php7.4-common php7.4-mysql php7.4-fpm php7.4-gd php7.4-json php7.4-curl  php7.4-zip php7.4-xml php7.4-mbstring php7.4-bz2 php7.4-intl
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!