2021-11-30 18:20:42 +08:00
#!/bin/bash
# Function to show text in green
print_green( ) {
local TEXT = " $1 "
printf "%b%s%b\n" "\e[0;92m" " $TEXT " "\e[0m"
}
2021-12-09 01:12:56 +08:00
# Function to check if number was provided
check_if_number( ) {
case " ${ 1 } " in
'' | *[ !0-9] *) return 1 ; ;
*) return 0 ; ;
esac
}
2021-11-30 18:20:42 +08:00
# Check if socket is available and readable
if ! [ -a "/var/run/docker.sock" ] ; then
echo "Docker socket is not available. Cannot continue."
exit 1
2021-12-04 18:01:38 +08:00
elif ! mountpoint -q "/mnt/docker-aio-config" ; then
echo "/mnt/docker-aio-config is not a mountpoint. Cannot proceed!"
exit 1
2021-12-03 20:13:51 +08:00
elif ! sudo -u www-data test -r /var/run/docker.sock; then
2021-12-03 19:14:39 +08:00
echo "Trying to fix docker.sock permissions internally..."
2021-12-06 20:18:09 +08:00
DOCKER_GROUP = $( stat -c '%G' /var/run/docker.sock)
DOCKER_GROUP_ID = $( stat -c '%g' /var/run/docker.sock)
2021-12-06 23:38:19 +08:00
# Check if a group with the same group id of /var/run/docker.socket already exists in the container
2021-12-06 20:18:09 +08:00
if grep -q " ^ $DOCKER_GROUP : " /etc/group; then
2021-12-06 23:38:19 +08:00
# If yes, add www-data to that group
echo " Adding internal www-data to group $DOCKER_GROUP "
usermod -aG " $DOCKER_GROUP " www-data
else
# If the group doesn't exist, create it
echo " Creating docker group internally with id $DOCKER_GROUP_ID "
groupadd -g " $DOCKER_GROUP_ID " docker
usermod -aG docker www-data
2021-12-06 20:18:09 +08:00
fi
2021-12-03 20:13:51 +08:00
if ! sudo -u www-data test -r /var/run/docker.sock; then
echo "Docker socket is not readable by the www-data user. Cannot continue."
2021-12-01 19:40:51 +08:00
exit 1
fi
2021-11-30 18:20:42 +08:00
fi
# Check if api version is supported
2022-03-17 17:51:34 +08:00
if ! sudo -u www-data docker info & >/dev/null; then
2022-01-21 21:02:35 +08:00
echo "Cannot connect to the docker socket. Cannot proceed."
exit 1
fi
2021-11-30 18:20:42 +08:00
API_VERSION_FILE = " $( find ./ -name DockerActionManager.php | head -1) "
2022-02-11 18:37:05 +08:00
API_VERSION = " $( grep -oP 'const API_VERSION.*\;' " $API_VERSION_FILE " | grep -oP '[0-9]+.[0-9]+' | head -1) "
# shellcheck disable=SC2001
2021-11-30 18:20:42 +08:00
API_VERSION_NUMB = " $( echo " $API_VERSION " | sed 's/\.//' ) "
2022-03-17 17:51:34 +08:00
LOCAL_API_VERSION_NUMB = " $( sudo -u www-data docker version | grep -i "api version" | grep -oP '[0-9]+.[0-9]+' | head -1 | sed 's/\.//' ) "
2021-11-30 18:20:42 +08:00
if [ -n " $LOCAL_API_VERSION_NUMB " ] && [ -n " $API_VERSION_NUMB " ] ; then
if ! [ " $LOCAL_API_VERSION_NUMB " -ge " $API_VERSION_NUMB " ] ; then
2022-04-24 04:16:46 +08:00
echo " Docker API v $API_VERSION is not supported by your docker engine. Cannot proceed. Please upgrade your docker engine if you want to run Nextcloud AIO! "
2021-11-30 18:20:42 +08:00
exit 1
fi
else
echo "LOCAL_API_VERSION_NUMB or API_VERSION_NUMB are not set correctly. Cannot check if the API version is supported."
sleep 10
fi
2022-03-09 01:36:08 +08:00
# Check if startup command was executed correctly
2022-03-17 17:51:34 +08:00
if ! sudo -u www-data docker ps | grep -q "nextcloud-aio-mastercontainer" ; then
2022-03-09 01:36:08 +08:00
echo "It seems like you did not give the mastercontainer the correct name?"
exit 1
2022-03-17 17:51:34 +08:00
elif ! sudo -u www-data docker volume ls | grep -q "nextcloud_aio_mastercontainer" ; then
2022-03-09 01:36:08 +08:00
echo "It seems like you did not give the mastercontainer volume the correct name?"
exit 1
fi
2022-02-22 00:31:05 +08:00
# Check for other options
2022-03-08 23:49:13 +08:00
if [ -n " $NEXTCLOUD_DATADIR " ] ; then
if ! echo " $NEXTCLOUD_DATADIR " | grep -q "^/mnt/" \
2022-03-18 18:00:17 +08:00
&& ! echo " $NEXTCLOUD_DATADIR " | grep -q "^/media/" \
&& ! echo " $NEXTCLOUD_DATADIR " | grep -q "^/host_mnt/"
2022-03-08 23:49:13 +08:00
then
echo " You've set NEXTCLOUD_DATADIR but not to an allowed value.
2022-03-18 18:00:17 +08:00
The string must start with '/mnt/' , '/media/' or '/host_mnt/' . E.g. '/mnt/ncdata' "
2022-03-08 23:49:13 +08:00
exit 1
2022-03-18 18:00:17 +08:00
elif [ " $NEXTCLOUD_DATADIR " = "/mnt/" ] || [ " $NEXTCLOUD_DATADIR " = "/media/" ] || [ " $NEXTCLOUD_DATADIR " = "/host_mnt/" ] ; then
2022-03-08 23:49:13 +08:00
echo " You've set NEXTCLOUD_DATADIR but not to an allowed value.
2022-03-18 18:00:17 +08:00
The string must start with '/mnt/' , '/media/' or '/host_mnt/' and not be equal to these."
2022-03-08 23:49:13 +08:00
exit 1
fi
fi
2022-02-22 00:31:05 +08:00
if [ -n " $NEXTCLOUD_MOUNT " ] ; then
if ! echo " $NEXTCLOUD_MOUNT " | grep -q "^/mnt/" \
&& ! echo " $NEXTCLOUD_MOUNT " | grep -q "^/media/" \
2022-03-18 18:00:17 +08:00
&& ! echo " $NEXTCLOUD_MOUNT " | grep -q "^/host_mnt/" \
2022-02-22 00:31:05 +08:00
&& ! echo " $NEXTCLOUD_MOUNT " | grep -q " ^/var/backups $"
then
echo " You've set NEXCLOUD_MOUNT but not to an allowed value.
2022-03-18 18:00:17 +08:00
The string must be equal to/start with '/mnt/' , '/media/' or '/host_mnt/' or be equal to '/var/backups' ."
2022-02-22 00:31:05 +08:00
exit 1
elif [ " $NEXTCLOUD_MOUNT " = "/mnt/ncdata" ] || echo " $NEXTCLOUD_MOUNT " | grep -q "^/mnt/ncdata/" ; then
echo "/mnt/ncdata and /mnt/ncdata/ are not allowed for NEXTCLOUD_MOUNT."
exit 1
fi
fi
2022-03-08 23:56:25 +08:00
if [ -n " $NEXTCLOUD_DATADIR " ] && [ -n " $NEXTCLOUD_MOUNT " ] ; then
if [ " $NEXTCLOUD_DATADIR " = " $NEXTCLOUD_MOUNT " ] ; then
echo "NEXTCLOUD_DATADIR and NEXTCLOUD_MOUNT are not allowed to be equal."
exit 1
fi
fi
2021-12-09 01:12:56 +08:00
if [ -n " $APACHE_PORT " ] ; then
if ! check_if_number " $APACHE_PORT " ; then
echo "You provided an Apache port but did not only use numbers"
exit 1
elif ! [ " $APACHE_PORT " -le 65535 ] || ! [ " $APACHE_PORT " -ge 1 ] ; then
echo "The provided Apache port is invalid. It must be between 1 and 65535"
exit 1
fi
fi
2022-02-22 00:31:05 +08:00
2021-12-03 19:14:39 +08:00
# Add important folders
2021-11-30 18:20:42 +08:00
mkdir -p /mnt/docker-aio-config/data/
mkdir -p /mnt/docker-aio-config/session/
mkdir -p /mnt/docker-aio-config/caddy/
2021-12-03 20:13:51 +08:00
mkdir -p /mnt/docker-aio-config/certs/
# Adjust permissions for all instances
chmod 770 -R /mnt/docker-aio-config
2021-12-03 22:23:55 +08:00
chmod 777 /mnt/docker-aio-config
2021-12-03 20:13:51 +08:00
chown www-data:www-data -R /mnt/docker-aio-config/data/
chown www-data:www-data -R /mnt/docker-aio-config/session/
2022-04-20 23:00:51 +08:00
chown www-data:www-data -R /mnt/docker-aio-config/caddy/
2021-12-03 20:13:51 +08:00
chown root:root -R /mnt/docker-aio-config/certs/
2021-11-30 18:20:42 +08:00
2022-04-29 03:57:19 +08:00
# Don't allow access to the AIO interface directly from the Nextcloud container
# Probably more cosmetic than anything but at least an attempt
if ! grep -q '# nextcloud-aio-block' /etc/apache2/apache2.conf; then
cat << APA CHE_CONF >> /etc/apache2/apache2.conf
# nextcloud-aio-block-start
<Location />
order allow,deny
deny from nextcloud-aio-nextcloud.nextcloud-aio
allow from all
</Location>
# nextcloud-aio-block-end
APACHE_CONF
fi
2021-11-30 18:20:42 +08:00
# Adjust certs
GENERATED_CERTS = "/mnt/docker-aio-config/certs"
TMP_CERTS = "/etc/apache2/certs"
mkdir -p " $GENERATED_CERTS "
2022-02-11 18:37:05 +08:00
cd " $GENERATED_CERTS " || exit 1
2021-11-30 18:20:42 +08:00
if ! [ -f ./ssl.crt ] && ! [ -f ./ssl.key ] ; then
openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=DE/ST=BE/L=Local/O=Dev/CN=nextcloud.local" -keyout ./ssl.key -out ./ssl.crt
fi
if [ -f ./ssl.crt ] && [ -f ./ssl.key ] ; then
2022-02-11 18:37:05 +08:00
cd " $TMP_CERTS " || exit 1
2021-11-30 18:20:42 +08:00
rm ./ssl.crt
rm ./ssl.key
cp " $GENERATED_CERTS /ssl.crt " ./
cp " $GENERATED_CERTS /ssl.key " ./
fi
2021-12-03 19:14:39 +08:00
2021-11-30 18:20:42 +08:00
print_green " Initial startup of Nextcloud All In One complete!
You should be able to open the Nextcloud AIO Interface now on port 8080 of this server!
E.g. https://internal.ip.of.this.server:8080
If your server has port 80 and 8443 open and you point a domain to your server, you can get a valid certificate automatially by opening the Nextcloud AIO Interface via:
https://your-domain-that-points-to-this-server.tld:8443"
2021-12-03 22:23:55 +08:00
exec " $@ "
