#!/bin/bash
# Function to show text in green
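print_green() {
    # $1: the text to print. It is handed to printf as a %s argument and never
    # as part of the format string, so '%' or backslashes in it stay literal.
    local TEXT="$1"
    # \e[0;92m switches the terminal to bright green, \e[0m resets it again.
    printf "%b%s%b\n" "\e[0;92m" "$TEXT" "\e[0m"
}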
# Function to check if number was provided
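check_if_number() {
    # Returns 0 when $1 consists only of the digits 0-9.
    # Returns 1 when $1 is empty or contains any other character
    # (sign, dot, whitespace, letters, ...).
    case "${1}" in
        '' | *[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}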
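# Check if socket is available and readable
if ! [ -e "/var/run/docker.sock" ]; then
    echo "Docker socket is not available. Cannot continue."
    exit 1
elif ! mountpoint -q "/mnt/docker-aio-config"; then
    echo "/mnt/docker-aio-config is not a mountpoint. Cannot proceed!"
    exit 1
elif ! sudo -u www-data test -r /var/run/docker.sock; then
    echo "Trying to fix docker.sock permissions internally..."
    # Group name and numeric group id that own the socket, as seen from inside
    # this container.
    DOCKER_GROUP=$(stat -c '%G' /var/run/docker.sock)
    DOCKER_GROUP_ID=$(stat -c '%g' /var/run/docker.sock)
    # NOTE(review): whoever can talk to the Docker socket controls the Docker
    # daemon behind it. The branches below deliberately extend that access to
    # the www-data user by changing group membership inside this container.
    # Check if the group that owns /var/run/docker.sock already exists in the container
    if grep -q "^$DOCKER_GROUP:" /etc/group; then
        # If yes, add www-data to that group
        echo "Adding internal www-data to group $DOCKER_GROUP"
        usermod -aG "$DOCKER_GROUP" www-data
    else
        # Delete the docker group for cases when the docker socket permissions changed between restarts
        # Failure (e.g. the group does not exist yet) is expected and ignored.
        groupdel docker &>/dev/null
        # If the group doesn't exist, create it
        echo "Creating docker group internally with id $DOCKER_GROUP_ID"
        groupadd -g "$DOCKER_GROUP_ID" docker
        usermod -aG docker www-data
    fi
    # Re-test after the fix-up; give up if the socket is still unreadable.
    if ! sudo -u www-data test -r /var/run/docker.sock; then
        echo "Docker socket is not readable by the www-data user. Cannot continue."
        exit 1
    fi
fi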
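# Check if api version is supported
# First make sure www-data can reach the daemon at all; output is discarded,
# only the exit status matters.
if ! sudo -u www-data docker info &>/dev/null; then
    echo "Cannot connect to the docker socket. Cannot proceed."
    exit 1
fi

# API version the application expects, read from the API_VERSION constant in
# the first DockerActionManager.php found below the current directory.
API_VERSION_FILE="$(find ./ -name DockerActionManager.php | head -1)"
# The dot is escaped so that only "digits.digits" is extracted.
API_VERSION="$(grep -oP 'const API_VERSION.*\;' "$API_VERSION_FILE" | grep -oP '[0-9]+\.[0-9]+' | head -1)"
# shellcheck disable=SC2001
API_VERSION_NUMB="$(echo "$API_VERSION" | sed 's/\.//')"
# API version reported by "docker version", with the dot removed as well.
LOCAL_API_VERSION_NUMB="$(sudo -u www-data docker version | grep -i "api version" | grep -oP '[0-9]+\.[0-9]+' | head -1 | sed 's/\.//')"

# Both versions are compared as plain integers (e.g. 1.41 -> 141). This orders
# correctly only while both have the same number of digits after the dot.
if [ -n "$LOCAL_API_VERSION_NUMB" ] && [ -n "$API_VERSION_NUMB" ]; then
    if ! [ "$LOCAL_API_VERSION_NUMB" -ge "$API_VERSION_NUMB" ]; then
        echo "Docker API v$API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO!"
        exit 1
    fi
else
    # Not fatal: the check is skipped, but the pause keeps the message visible.
    echo "LOCAL_API_VERSION_NUMB or API_VERSION_NUMB are not set correctly. Cannot check if the API version is supported."
    sleep 10
fi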
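# Check Storage drivers
# Only warns; neither branch stops the startup.
STORAGE_DRIVER="$(docker info | grep "Storage Driver")"
case "$STORAGE_DRIVER" in
    # Check if vfs is used: https://github.com/nextcloud/all-in-one/discussions/1467
    *vfs*)
        echo "$STORAGE_DRIVER"
        echo "Warning: It seems like the storage driver vfs is used. This will lead to problems with disk space and performance and is disrecommended!"
        ;;
    *fuse-overlayfs*)
        echo "$STORAGE_DRIVER"
        echo "Warning: It seems like the storage driver fuse-overlayfs is used. Please check if you can switch to overlay2 instead."
        ;;
esac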
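# Check if startup command was executed correctly
# Both the container and its volume must carry the fixed names; the test is a
# substring match on the listing printed by docker.
if ! sudo -u www-data docker ps | grep -q "nextcloud-aio-mastercontainer"; then
    echo "It seems like you did not give the mastercontainer the correct name?
Using a different name is not supported!"
    exit 1
elif ! sudo -u www-data docker volume ls | grep -q "nextcloud_aio_mastercontainer"; then
    echo "It seems like you did not give the mastercontainer volume the correct name?
Using a different name is not supported!"
    exit 1
fi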
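# Check for other options
# NEXTCLOUD_DATADIR: either the literal volume name
# nextcloud_aio_nextcloud_datadir or an absolute path other than '/'.
if [ -n "$NEXTCLOUD_DATADIR" ]; then
    if [ "$NEXTCLOUD_DATADIR" = "nextcloud_aio_nextcloud_datadir" ]; then
        echo "NEXTCLOUD_DATADIR is set to $NEXTCLOUD_DATADIR"
    # The pattern is matched against the whole value. A line-based grep would
    # accept a multi-line value as soon as any one line started with '/'.
    elif [[ "$NEXTCLOUD_DATADIR" != /* ]] || [ "$NEXTCLOUD_DATADIR" = "/" ]; then
        echo "You've set NEXTCLOUD_DATADIR but not to an allowed value.
The string must start with '/' and must not be equal to '/'.
It is set to '$NEXTCLOUD_DATADIR'."
        exit 1
    fi
fi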
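# NEXTCLOUD_MOUNT: an absolute path other than '/', and neither /mnt/ncdata
# itself nor anything below it.
if [ -n "$NEXTCLOUD_MOUNT" ]; then
    # Patterns are matched against the whole value rather than line by line,
    # so an embedded newline cannot satisfy the "starts with '/'" rule.
    if [[ "$NEXTCLOUD_MOUNT" != /* ]] || [ "$NEXTCLOUD_MOUNT" = "/" ]; then
        echo "You've set NEXTCLOUD_MOUNT but not to an allowed value.
The string must start with '/' and must not be equal to '/'.
It is set to '$NEXTCLOUD_MOUNT'."
        exit 1
    elif [ "$NEXTCLOUD_MOUNT" = "/mnt/ncdata" ] || [[ "$NEXTCLOUD_MOUNT" == /mnt/ncdata/* ]]; then
        echo "'/mnt/ncdata' and '/mnt/ncdata/' are not allowed as values for NEXTCLOUD_MOUNT."
        exit 1
    fi
fi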
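# The data directory and the additional mount must be two different paths.
# The comparison only applies when both variables are set.
if [ -n "$NEXTCLOUD_DATADIR" ] && [ -n "$NEXTCLOUD_MOUNT" ] \
    && [ "$NEXTCLOUD_DATADIR" = "$NEXTCLOUD_MOUNT" ]; then
    echo "NEXTCLOUD_DATADIR and NEXTCLOUD_MOUNT are not allowed to be equal."
    exit 1
fi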
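# NEXTCLOUD_UPLOAD_LIMIT: one or more digits followed by 'G', e.g. '10G'.
if [ -n "$NEXTCLOUD_UPLOAD_LIMIT" ]; then
    # The regex is anchored to the whole value; a line-based grep would also
    # accept a multi-line value in which only one line has the right form.
    if ! [[ "$NEXTCLOUD_UPLOAD_LIMIT" =~ ^[0-9]+G$ ]]; then
        echo "You've set NEXTCLOUD_UPLOAD_LIMIT but not to an allowed value.
The string must start with a number and end with 'G'.
It is set to '$NEXTCLOUD_UPLOAD_LIMIT'."
        exit 1
    fi
fi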
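# NEXTCLOUD_MAX_TIME: digits only, e.g. '3600'.
if [ -n "$NEXTCLOUD_MAX_TIME" ]; then
    # The regex is anchored to the whole value; a line-based grep would also
    # accept a multi-line value in which only one line is numeric.
    if ! [[ "$NEXTCLOUD_MAX_TIME" =~ ^[0-9]+$ ]]; then
        echo "You've set NEXTCLOUD_MAX_TIME but not to an allowed value.
The string must be a number. E.g. '3600'.
It is set to '$NEXTCLOUD_MAX_TIME'."
        exit 1
    fi
fi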
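# NEXTCLOUD_MEMORY_LIMIT: one or more digits followed by 'M', e.g. '512M'.
if [ -n "$NEXTCLOUD_MEMORY_LIMIT" ]; then
    # The regex is anchored to the whole value; a line-based grep would also
    # accept a multi-line value in which only one line has the right form.
    if ! [[ "$NEXTCLOUD_MEMORY_LIMIT" =~ ^[0-9]+M$ ]]; then
        echo "You've set NEXTCLOUD_MEMORY_LIMIT but not to an allowed value.
The string must start with a number and end with 'M'.
It is set to '$NEXTCLOUD_MEMORY_LIMIT'."
        exit 1
    fi
fi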
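# APACHE_PORT: digits only and within the TCP port range 1-65535.
if [ -n "$APACHE_PORT" ]; then
    if ! check_if_number "$APACHE_PORT"; then
        echo "You provided an Apache port but did not only use numbers.
It is set to '$APACHE_PORT'."
        exit 1
    # The digits-only check runs first, so the numeric tests below never see
    # signs or letters.
    elif ! [ "$APACHE_PORT" -le 65535 ] || ! [ "$APACHE_PORT" -ge 1 ]; then
        echo "The provided Apache port is invalid. It must be between 1 and 65535"
        exit 1
    fi
fi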
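# APACHE_IP_BINDING: may only consist of digits and dots.
# NOTE(review): this is a character allow-list, not a full IPv4 syntax check;
# a value such as '1.2' or '999.999.999.999' passes it.
if [ -n "$APACHE_IP_BINDING" ]; then
    # The regex is anchored to the whole value; a line-based grep would also
    # accept a multi-line value in which only one line has the right form.
    if ! [[ "$APACHE_IP_BINDING" =~ ^[0-9.]+$ ]]; then
        echo "You provided an ip-address for the apache container's ip-binding but it was not a valid ip-address.
It is set to '$APACHE_IP_BINDING'."
        exit 1
    fi
fi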
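# TALK_PORT: digits only and within the port range 1-65535.
if [ -n "$TALK_PORT" ]; then
    if ! check_if_number "$TALK_PORT"; then
        echo "You provided a Talk port but did not only use numbers.
It is set to '$TALK_PORT'."
        exit 1
    # The digits-only check runs first, so the numeric tests below never see
    # signs or letters.
    elif ! [ "$TALK_PORT" -le 65535 ] || ! [ "$TALK_PORT" -ge 1 ]; then
        echo "The provided Talk port is invalid. It must be between 1 and 65535"
        exit 1
    fi
fi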
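# Apache and Talk must not be configured to use the same port.
# The comparison only applies when both variables are set, and it compares the
# values as strings.
if [ -n "$APACHE_PORT" ] && [ -n "$TALK_PORT" ] \
    && [ "$APACHE_PORT" = "$TALK_PORT" ]; then
    echo "APACHE_PORT and TALK_PORT are not allowed to be equal."
    exit 1
fi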
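# DOCKER_SOCKET_PATH: an absolute path that does not end with '/'.
if [ -n "$DOCKER_SOCKET_PATH" ]; then
    # Both patterns are matched against the whole value rather than line by
    # line, so an embedded newline cannot satisfy the "starts with '/'" rule.
    if [[ "$DOCKER_SOCKET_PATH" != /* ]] || [[ "$DOCKER_SOCKET_PATH" == */ ]]; then
        echo "You've set DOCKER_SOCKET_PATH but not to an allowed value.
The string must start with '/' and must not end with '/'.
It is set to '$DOCKER_SOCKET_PATH'."
        exit 1
    fi
fi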
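# NEXTCLOUD_TRUSTED_CACERTS_DIR: an absolute directory path that does not end
# with '/'.
if [ -n "$NEXTCLOUD_TRUSTED_CACERTS_DIR" ]; then
    # Both patterns are matched against the whole value rather than line by
    # line, so an embedded newline cannot satisfy the "starts with '/'" rule.
    if [[ "$NEXTCLOUD_TRUSTED_CACERTS_DIR" != /* ]] || [[ "$NEXTCLOUD_TRUSTED_CACERTS_DIR" == */ ]]; then
        echo "You've set NEXTCLOUD_TRUSTED_CACERTS_DIR but not to an allowed value.
It should be an absolute path to a directory that starts with '/' but not end with '/'.
It is set to '$NEXTCLOUD_TRUSTED_CACERTS_DIR'."
        exit 1
    fi
fi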
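# NEXTCLOUD_STARTUP_APPS: lowercase letters, spaces, hyphens and underscores.
if [ -n "$NEXTCLOUD_STARTUP_APPS" ]; then
    # The pattern lives in a variable because it contains a space. It is
    # anchored to the whole value, so every character must be on the
    # allow-list; a line-based grep would accept a multi-line value as soon as
    # one line matched.
    STARTUP_APPS_PATTERN='^[a-z _-]+$'
    if ! [[ "$NEXTCLOUD_STARTUP_APPS" =~ $STARTUP_APPS_PATTERN ]]; then
        echo "You've set NEXTCLOUD_STARTUP_APPS but not to an allowed value.
It needs to be a string. Allowed are small letters a-z, spaces, hyphens and '_'.
It is set to '$NEXTCLOUD_STARTUP_APPS'."
        exit 1
    fi
fi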
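# NEXTCLOUD_ADDITIONAL_APKS: lowercase letters, digits, spaces, dots, hyphens
# and underscores.
if [ -n "$NEXTCLOUD_ADDITIONAL_APKS" ]; then
    # The pattern lives in a variable because it contains a space. It is
    # anchored to the whole value, so every character must be on the
    # allow-list; a line-based grep would accept a multi-line value as soon as
    # one line matched.
    ADDITIONAL_APKS_PATTERN='^[a-z0-9 ._-]+$'
    if ! [[ "$NEXTCLOUD_ADDITIONAL_APKS" =~ $ADDITIONAL_APKS_PATTERN ]]; then
        echo "You've set NEXTCLOUD_ADDITIONAL_APKS but not to an allowed value.
It needs to be a string. Allowed are small letters a-z, digits 0-9, spaces, hyphens, dots and '_'.
It is set to '$NEXTCLOUD_ADDITIONAL_APKS'."
        exit 1
    fi
fi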
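# NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS: lowercase letters, digits, spaces, dots,
# hyphens and underscores.
if [ -n "$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS" ]; then
    # The pattern lives in a variable because it contains a space. It is
    # anchored to the whole value, so every character must be on the
    # allow-list; a line-based grep would accept a multi-line value as soon as
    # one line matched.
    ADDITIONAL_PHP_EXTENSIONS_PATTERN='^[a-z0-9 ._-]+$'
    if ! [[ "$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS" =~ $ADDITIONAL_PHP_EXTENSIONS_PATTERN ]]; then
        echo "You've set NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS but not to an allowed value.
It needs to be a string. Allowed are small letters a-z, digits 0-9, spaces, hyphens, dots and '_'.
It is set to '$NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS'."
        exit 1
    fi
fi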
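# Check DNS resolution
# Prevents issues like https://github.com/nextcloud/all-in-one/discussions/565
# The response itself is discarded; only curl's exit status is inspected.
curl https://nextcloud.com &>/dev/null
CURL_EXIT_CODE="$?"
# curl exits with 6 when the host name could not be resolved. Every other
# failure (timeout, TLS error, ...) is deliberately not treated as fatal here.
if [ "$CURL_EXIT_CODE" = 6 ]; then
    echo "Could not resolve the host nextcloud.com."
    echo "Most likely the DNS resolving does not work."
    echo "You should be able to fix this by adding the '--dns=\"ip.address.of.dns.server\"' option to the docker run command."
    exit 1
fi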
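# Add important folders
mkdir -p \
    /mnt/docker-aio-config/data/ \
    /mnt/docker-aio-config/session/ \
    /mnt/docker-aio-config/caddy/ \
    /mnt/docker-aio-config/certs/

# Adjust permissions for all instances
# Recursive 770 removes all access for "other" below the mount point (and sets
# the execute bit on regular files as well).
chmod -R 770 /mnt/docker-aio-config
# NOTE(review): the mount point itself is then made world-writable (777), so
# any user in a container that mounts this volume can create or rename
# top-level entries. Confirm which consumer needs this before tightening it.
chmod 777 /mnt/docker-aio-config

# Application-writable directories belong to www-data ...
chown -R www-data:www-data \
    /mnt/docker-aio-config/data/ \
    /mnt/docker-aio-config/session/ \
    /mnt/docker-aio-config/caddy/
# ... while the certificate directory stays with root.
chown -R root:root /mnt/docker-aio-config/certs/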
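# Don't allow access to the AIO interface from the Nextcloud container
# Probably more cosmetic than anything but at least an attempt
# NOTE(review): the rule denies by host name, so it depends on how Apache
# resolves the client address to a name; treat it as defence in depth, not as
# the only barrier between the Nextcloud container and this interface.
# The marker comment makes the append idempotent across container restarts.
if ! grep -q '# nextcloud-aio-block' /etc/apache2/apache2.conf; then
    # Quoted delimiter: the block is appended literally, without any shell
    # expansion.
    cat << 'APACHE_CONF' >> /etc/apache2/apache2.conf
# nextcloud-aio-block-start
<Location />
order allow,deny
deny from nextcloud-aio-nextcloud.nextcloud-aio
allow from all
</Location>
# nextcloud-aio-block-end
APACHE_CONF
fi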
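# Adjust certs
# GENERATED_CERTS is the persistent location on the config volume, TMP_CERTS is
# the directory the certificate pair is copied into for Apache.
GENERATED_CERTS="/mnt/docker-aio-config/certs"
TMP_CERTS="/etc/apache2/certs"
mkdir -p "$GENERATED_CERTS"
cd "$GENERATED_CERTS" || exit 1

# Create a self-signed certificate only when neither file exists yet. If just
# one of the two is present, nothing is generated and nothing is copied below.
if ! [ -f ./ssl.crt ] && ! [ -f ./ssl.key ]; then
    # -nodes writes the private key unencrypted; it is protected solely by the
    # file permissions of the certs directory.
    openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout ./ssl.key -out ./ssl.crt
fi

if [ -f ./ssl.crt ] && [ -f ./ssl.key ]; then
    # The working directory stays at TMP_CERTS for the rest of the script.
    cd "$TMP_CERTS" || exit 1
    # -f: a missing previous copy is not an error.
    rm -f ./ssl.crt
    rm -f ./ssl.key
    cp "$GENERATED_CERTS/ssl.crt" ./
    cp "$GENERATED_CERTS/ssl.key" ./
fi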
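# Final status message, printed in green once all checks have passed.
print_green "Initial startup of Nextcloud All In One complete!
You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
E.g. https://internal.ip.of.this.server:8080
If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatically by opening the Nextcloud AIO Interface via:
https://your-domain-that-points-to-this-server.tld:8443"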
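# Set the timezone to UTC
export TZ=UTC

# Replace this shell with the command given as arguments. "$@" is quoted so
# that every argument is passed on unchanged, without word splitting.
exec "$@"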