#!/bin/bash # version_greater A B returns whether A > B version_greater() { [ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ] } # return true if specified directory is empty directory_empty() { [ -z "$(ls -A "$1/")" ] } echo "Configuring Redis as session handler..." cat << REDIS_CONF > /usr/local/etc/php/conf.d/redis-session.ini session.save_handler = redis session.save_path = "tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}" redis.session.locking_enabled = 1 redis.session.lock_retries = -1 # redis.session.lock_wait_time is specified in microseconds. # Wait 10ms before retrying the lock rather than the default 2ms. redis.session.lock_wait_time = 10000 REDIS_CONF echo "Setting php max children..." MEMORY=$(mawk '/MemTotal/ {printf "%d", $2/1024}' /proc/meminfo) PHP_MAX_CHILDREN=$((MEMORY/50)) if [ -n "$PHP_MAX_CHILDREN" ]; then sed -i "s/^pm.max_children =.*/pm.max_children = $PHP_MAX_CHILDREN/" /usr/local/etc/php-fpm.d/www.conf fi # Check permissions in ncdata touch "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" &>/dev/null if ! [ -f "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" ]; then echo "The www-data user doesn't seem to have access rights in the datadir. Most likely are the files located on a drive that does not follow linux permissions. Please adjust the permissions like mentioned below. The found permissions are: $(stat -c "%u:%g %a" "$NEXTCLOUD_DATA_DIR") (userID:groupID permissions) but they should be: 33:0 750 (userID:groupID permissions)" exit 1 fi rm "$NEXTCLOUD_DATA_DIR/this-is-a-test-file" if [ -f /var/www/html/version.php ]; then # shellcheck disable=SC2016 installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')" else installed_version="0.0.0.0" fi if [ -f "/usr/src/nextcloud/version.php" ]; then # shellcheck disable=SC2016 image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')" else image_version="$installed_version" fi # unset admin password if [ "$installed_version" != "0.0.0.0" ]; then unset ADMIN_PASSWORD fi # Don't start the container if Nextcloud is not compatible with the PHP version if [ -f "/var/www/html/lib/versioncheck.php" ] && ! php /var/www/html/lib/versioncheck.php; then echo "It seems like your installed Nextcloud is not compatible with the by the container provided PHP version." echo "This most likely happened because you tried to restore an old Nextcloud version from backup that is not compatible with the PHP version that comes with the container." echo "Please try to restore a more recent backup which contains a Nextcloud version that is compatible with the PHP version that comes with the container." echo "If you do not have a more recent backup, feel free to have a look at this documentation: https://github.com/nextcloud/all-in-one/blob/main/manual-upgrade.md" exit 1 fi # Do not start the container if the last update failed if [ -f "$NEXTCLOUD_DATA_DIR/update.failed" ]; then echo "The last Nextcloud update failed." echo "Please restore from backup and try again!" echo "If you do not have a backup in place, you can simply delete the update.failed file in the datadir which will allow the container to start again." exit 1 fi # Do not start the container if the install failed if [ -f "$NEXTCLOUD_DATA_DIR/install.failed" ]; then echo "The initial Nextcloud installation failed." echo "Please reset AIO properly and try again. For further clues what went wrong, check the logs above." echo "See https://github.com/nextcloud/all-in-one#how-to-properly-reset-the-instance" exit 1 fi # Skip any update if Nextcloud was just restored if ! [ -f "$NEXTCLOUD_DATA_DIR/skip.update" ]; then if version_greater "$image_version" "$installed_version"; then # Check if it skips a major version INSTALLED_MAJOR="${installed_version%%.*}" IMAGE_MAJOR="${image_version%%.*}" if [ "$installed_version" != "0.0.0.0" ]; then # Write output to logfile. exec > >(tee -i "/var/www/html/data/update.log") exec 2>&1 fi if [ "$installed_version" != "0.0.0.0" ] && [ "$((IMAGE_MAJOR - INSTALLED_MAJOR))" -gt 1 ]; then set -ex NEXT_MAJOR="$((INSTALLED_MAJOR + 1))" curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/latest-${NEXT_MAJOR}.tar.bz2" curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/latest-${NEXT_MAJOR}.tar.bz2.asc" GNUPGHOME="$(mktemp -d)" export GNUPGHOME # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2 mkdir -p /usr/src/tmp tar -xjf nextcloud.tar.bz2 -C /usr/src/tmp/ gpgconf --kill all rm nextcloud.tar.bz2.asc nextcloud.tar.bz2 mkdir -p /usr/src/tmp/nextcloud/data mkdir -p /usr/src/tmp/nextcloud/custom_apps chmod +x /usr/src/tmp/nextcloud/occ cp -r /usr/src/nextcloud/config/* /usr/src/tmp/nextcloud/config/ mkdir -p /usr/src/tmp/nextcloud/apps/nextcloud-aio cp -r /usr/src/nextcloud/apps/nextcloud-aio/* /usr/src/tmp/nextcloud/apps/nextcloud-aio/ mv /usr/src/nextcloud /usr/src/temp-nextcloud mv /usr/src/tmp/nextcloud /usr/src/nextcloud rm -r /usr/src/tmp rm -r /usr/src/temp-nextcloud # shellcheck disable=SC2016 image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')" IMAGE_MAJOR="${image_version%%.*}" set +ex fi if [ "$installed_version" != "0.0.0.0" ]; then while true; do echo -e "Checking connection to appstore" CURL_STATUS="$(curl -LI "https://apps.nextcloud.com/" -o /dev/null -w '%{http_code}\n' -s)" if [[ "$CURL_STATUS" = "200" ]] then echo "Appstore is reachable" break else echo "Curl didn't produce a 200 status, is appstore reachable?" sleep 5 fi done php /var/www/html/occ maintenance:mode --off echo "Getting and backing up the status of apps for later, this might take a while..." NC_APPS="$(find /var/www/html/custom_apps/ -type d -maxdepth 1 -mindepth 1 | sed 's|/var/www/html/custom_apps/||g')" if [ -z "$NC_APPS" ]; then echo "No apps detected, aborting export of app status..." APPSTORAGE="no-export-done" else mapfile -t NC_APPS_ARRAY <<< "$NC_APPS" declare -Ag APPSTORAGE echo "Disabling apps before the update in order to make the update procedure more safe. This can take a while..." for app in "${NC_APPS_ARRAY[@]}"; do APPSTORAGE[$app]=$(php /var/www/html/occ config:app:get "$app" enabled) php /var/www/html/occ app:disable "$app" done fi if [ "$((IMAGE_MAJOR - INSTALLED_MAJOR))" -eq 1 ]; then php /var/www/html/occ config:system:delete app_install_overwrite fi php /var/www/html/occ app:update --all # Fix removing the updatenotification for old instances UPDATENOTIFICATION_STATUS="$(php /var/www/html/occ config:app:get updatenotification enabled)" if [ -d "/var/www/html/apps/updatenotification" ]; then php /var/www/html/occ app:disable updatenotification elif [ "$UPDATENOTIFICATION_STATUS" != "no" ] && [ -n "$UPDATENOTIFICATION_STATUS" ]; then php /var/www/html/occ config:app:set updatenotification enabled --value="no" fi fi echo "Initializing nextcloud $image_version ..." rsync -rlD --delete --exclude-from=/upgrade.exclude /usr/src/nextcloud/ /var/www/html/ for dir in config data custom_apps themes; do if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then rsync -rlD --include "/$dir/" --exclude '/*' /usr/src/nextcloud/ /var/www/html/ fi done rsync -rlD --delete --include '/config/' --exclude '/*' --exclude '/config/CAN_INSTALL' --exclude '/config/config.sample.php' --exclude '/config/config.php' /usr/src/nextcloud/ /var/www/html/ rsync -rlD --include '/version.php' --exclude '/*' /usr/src/nextcloud/ /var/www/html/ echo "Initializing finished" #install if [ "$installed_version" = "0.0.0.0" ]; then echo "New Nextcloud instance." # Write output to logfile. mkdir -p /var/www/html/data exec > >(tee -i "/var/www/html/data/install.log") exec 2>&1 INSTALL_OPTIONS=(-n --admin-user "$ADMIN_USER" --admin-pass "$ADMIN_PASSWORD") if [ -n "${NEXTCLOUD_DATA_DIR}" ]; then INSTALL_OPTIONS+=(--data-dir "$NEXTCLOUD_DATA_DIR") fi echo "Installing with PostgreSQL database" INSTALL_OPTIONS+=(--database pgsql --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST") echo "Starting Nextcloud installation..." if ! php /var/www/html/occ maintenance:install "${INSTALL_OPTIONS[@]}"; then echo "Installation of Nextcloud failed!" touch "$NEXTCLOUD_DATA_DIR/install.failed" exit 1 fi # Try to force generation of appdata dir: php /var/www/html/occ maintenance:repair if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then max_retries=10 try=0 while [ -z "$(find "$NEXTCLOUD_DATA_DIR/" -maxdepth 1 -mindepth 1 -type d -name "appdata_*")" ] && [ "$try" -lt "$max_retries" ]; do echo "Waiting for appdata to become available..." try=$((try+1)) sleep 10s done if [ "$try" -ge "$max_retries" ]; then echo "Installation of Nextcloud failed!" echo "Install errors: $(cat /var/www/html/data/nextcloud.log)" touch "$NEXTCLOUD_DATA_DIR/install.failed" exit 1 fi fi # unset admin password unset ADMIN_PASSWORD # Apply log settings echo "Applying default settings..." mkdir -p /var/www/html/data php /var/www/html/occ config:system:set loglevel --value=2 php /var/www/html/occ config:system:set log_type --value=file php /var/www/html/occ config:system:set logfile --value="/var/www/html/data/nextcloud.log" php /var/www/html/occ config:system:set log_rotate_size --value="10485760" php /var/www/html/occ app:enable admin_audit php /var/www/html/occ config:app:set admin_audit logfile --value="/var/www/html/data/audit.log" php /var/www/html/occ config:system:set log.condition apps 0 --value="admin_audit" # Apply preview settings echo "Applying preview settings..." php /var/www/html/occ config:system:set preview_max_x --value="2048" php /var/www/html/occ config:system:set preview_max_y --value="2048" php /var/www/html/occ config:system:set jpeg_quality --value="60" php /var/www/html/occ config:app:set preview jpeg_quality --value="60" php /var/www/html/occ config:system:delete enabledPreviewProviders php /var/www/html/occ config:system:set enabledPreviewProviders 1 --value="OC\\Preview\\Image" php /var/www/html/occ config:system:set enabledPreviewProviders 2 --value="OC\\Preview\\MarkDown" php /var/www/html/occ config:system:set enabledPreviewProviders 3 --value="OC\\Preview\\MP3" php /var/www/html/occ config:system:set enabledPreviewProviders 4 --value="OC\\Preview\\TXT" php /var/www/html/occ config:system:set enabledPreviewProviders 5 --value="OC\\Preview\\OpenDocument" php /var/www/html/occ config:system:set enabledPreviewProviders 6 --value="OC\\Preview\\Movie" php /var/www/html/occ config:system:set enable_previews --value=true --type=boolean # Apply other settings echo "Applying other settings..." php /var/www/html/occ config:system:set upgrade.disable-web --type=bool --value=true php /var/www/html/occ config:system:set mail_smtpmode --value="smtp" php /var/www/html/occ config:system:set trashbin_retention_obligation --value="auto, 30" php /var/www/html/occ config:system:set versions_retention_obligation --value="auto, 30" php /var/www/html/occ config:system:set activity_expire_days --value="30" php /var/www/html/occ config:system:set simpleSignUpLink.shown --type=bool --value=false php /var/www/html/occ config:system:set share_folder --value="/Shared" # Not needed anymore with the removal of the updatenotification app: # php /var/www/html/occ config:app:set updatenotification notify_groups --value="[]" # Install some apps by default if [ -n "$STARTUP_APPS" ]; then read -ra STARTUP_APPS_ARRAY <<< "$STARTUP_APPS" for app in "${STARTUP_APPS_ARRAY[@]}"; do if ! echo "$app" | grep -q '^-'; then if [ -z "$(find /var/www/html/apps -type d -maxdepth 1 -mindepth 1 -name "$app" )" ]; then # If not shipped, install and enable the app php /var/www/html/occ app:install "$app" else # If shipped, enable the app php /var/www/html/occ app:enable "$app" fi else app="${app#-}" # Disable the app if '-' was provided in front of the appid php /var/www/html/occ app:disable "$app" fi done fi #upgrade else touch "$NEXTCLOUD_DATA_DIR/update.failed" echo "Upgrading nextcloud from $installed_version to $image_version..." if ! php /var/www/html/occ upgrade || ! php /var/www/html/occ -V; then echo "Upgrade failed. Please restore from backup." bash /notify.sh "Nextcloud update to $image_version failed!" "Please restore from backup!" exit 1 fi rm "$NEXTCLOUD_DATA_DIR/update.failed" bash /notify.sh "Nextcloud update to $image_version successful!" "Feel free to inspect the Nextcloud container logs for more info." php /var/www/html/occ app:update --all # Restore app status if [ "${APPSTORAGE[0]}" != "no-export-done" ]; then echo "Restoring the status of apps. This can take a while..." for app in "${!APPSTORAGE[@]}"; do if [ -n "${APPSTORAGE[$app]}" ]; then if [ "${APPSTORAGE[$app]}" != "no" ]; then echo "Enabling $app..." if ! php /var/www/html/occ app:enable "$app" >/dev/null; then echo "The $app app could not get enabled. Probably because it is not compatible with the new Nextcloud version." if [ "$app" = apporder ]; then CUSTOM_HINT="The apporder app was deprecated. A possible replacement is the side_menu app, aka 'Custom menu'." else CUSTOM_HINT="Most likely because it is not compatible with the new Nextcloud version." fi bash /notify.sh "Could not enable the $app app after the Nextcloud update!" "$CUSTOM_HINT Feel free to look at the Nextcloud update logs and force-enable the app again from the app-store UI." continue fi # Only restore the group settings, if the app was enabled (and is thus compatible with the new NC version) if [ "${APPSTORAGE[$app]}" != "yes" ]; then php /var/www/html/occ config:app:set "$app" enabled --value="${APPSTORAGE[$app]}" fi fi fi done fi php /var/www/html/occ app:update --all # Apply optimization echo "Doing some optimizations..." php /var/www/html/occ maintenance:repair php /var/www/html/occ db:add-missing-indices php /var/www/html/occ db:add-missing-columns php /var/www/html/occ db:add-missing-primary-keys yes | php /var/www/html/occ db:convert-filecache-bigint php /var/www/html/occ maintenance:mimetype:update-js php /var/www/html/occ maintenance:mimetype:update-db fi fi # Performing update of all apps if daily backups are enabled, running and successful and if it is saturday if [ "$UPDATE_NEXTCLOUD_APPS" = 'yes' ] && [ "$(date +%u)" = 6 ]; then UPDATED_APPS="$(php /var/www/html/occ app:update --all)" if [ -n "$UPDATED_APPS" ]; then bash /notify.sh "Your apps just got updated!" "$UPDATED_APPS" fi fi else SKIP_UPDATE=1 fi if [ -z "$OBJECTSTORE_S3_BUCKET" ] && [ -z "$OBJECTSTORE_SWIFT_URL" ]; then # Check if appdata is present # If not, something broke (e.g. changing ncdatadir after aio was first started) if [ -z "$(find "$NEXTCLOUD_DATA_DIR/" -maxdepth 1 -mindepth 1 -type d -name "appdata_*")" ]; then echo "Appdata is not present. Did you maybe change the datadir after aio was first started?" echo "See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir" echo "In the datadir was found:" ls -la "$NEXTCLOUD_DATA_DIR/" exit 1 fi # Configure tempdirectory mkdir -p "$NEXTCLOUD_DATA_DIR/tmp/" if ! grep -q upload_tmp_dir /usr/local/etc/php/conf.d/nextcloud.ini; then echo "upload_tmp_dir = $NEXTCLOUD_DATA_DIR/tmp/" >> /usr/local/etc/php/conf.d/nextcloud.ini fi php /var/www/html/occ config:system:set tempdirectory --value="$NEXTCLOUD_DATA_DIR/tmp/" fi # Perform fingerprint update if instance was restored if [ -f "$NEXTCLOUD_DATA_DIR/fingerprint.update" ]; then php /var/www/html/occ maintenance:data-fingerprint rm "$NEXTCLOUD_DATA_DIR/fingerprint.update" fi # Apply one-click-instance settings echo "Applying one-click-instance settings..." php /var/www/html/occ config:system:set one-click-instance --value=true --type=bool php /var/www/html/occ config:system:set one-click-instance.user-limit --value=100 --type=int php /var/www/html/occ config:system:set one-click-instance.link --value="https://nextcloud.com/all-in-one/" php /var/www/html/occ app:enable support # Adjusting log files to be stored on a volume echo "Adjusting log files..." php /var/www/html/occ config:system:set logfile --value="/var/www/html/data/nextcloud.log" php /var/www/html/occ config:app:set admin_audit logfile --value="/var/www/html/data/audit.log" # Apply network settings echo "Applying network settings..." php /var/www/html/occ config:system:set trusted_domains 1 --value="$NC_DOMAIN" php /var/www/html/occ config:system:set overwrite.cli.url --value="https://$NC_DOMAIN/" php /var/www/html/occ config:system:set htaccess.RewriteBase --value="/" php /var/www/html/occ maintenance:update:htaccess # Disallow creating local external storages when nothing was mounted if [ -z "$NEXTCLOUD_MOUNT" ]; then php /var/www/html/occ config:system:set files_external_allow_create_new_local --type=bool --value=false else php /var/www/html/occ config:system:set files_external_allow_create_new_local --type=bool --value=true fi # AIO app if [ "$(php /var/www/html/occ config:app:get nextcloud-aio enabled)" != "yes" ]; then php /var/www/html/occ app:enable nextcloud-aio fi # Notify push if ! [ -d "/var/www/html/custom_apps/notify_push" ]; then php /var/www/html/occ app:install notify_push elif [ "$(php /var/www/html/occ config:app:get notify_push enabled)" != "yes" ]; then php /var/www/html/occ app:enable notify_push elif [ "$SKIP_UPDATE" != 1 ]; then php /var/www/html/occ app:update notify_push fi php /var/www/html/occ config:system:set trusted_proxies 0 --value="127.0.0.1" php /var/www/html/occ config:system:set trusted_proxies 1 --value="::1" php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push" # Collabora if [ "$COLLABORA_ENABLED" = 'yes' ]; then if ! [ -d "/var/www/html/custom_apps/richdocuments" ]; then php /var/www/html/occ app:install richdocuments elif [ "$(php /var/www/html/occ config:app:get richdocuments enabled)" != "yes" ]; then php /var/www/html/occ app:enable richdocuments elif [ "$SKIP_UPDATE" != 1 ]; then php /var/www/html/occ app:update richdocuments fi php /var/www/html/occ config:app:set richdocuments wopi_url --value="https://$NC_DOMAIN/" # Fix https://github.com/nextcloud/all-in-one/issues/188: php /var/www/html/occ config:system:set allow_local_remote_servers --type=bool --value=true # Make collabora more save COLLABORA_IPv4_ADDRESS="$(echo "