Commit 84140d05 authored by Alain Takoudjou's avatar Alain Takoudjou

Add Nextcloud software Release

parent 3d473964
<VirtualHost *:{{ parameter_dict['port'] }}>
ServerAdmin admin@example.com
DocumentRoot {{ parameter_dict['document-root'] }}
SetEnvIf Origin "^http(s)?://(.+\.)?(app\.officejs\.com)$" ORIGIN_DOMAIN=$0
Header always set Access-Control-Allow-Origin "%{ORIGIN_DOMAIN}e" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Credentials "true" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST" env=ORIGIN_DOMAIN
Header always set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization" env=ORIGIN_DOMAIN
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
<Directory {{ parameter_dict['document-root'] }}>
Options +FollowSymlinks
AllowOverride All
Require all granted
SetEnv HOME {{ parameter_dict['document-root'] }}
SetEnv HTTP_HOME {{ parameter_dict['document-root'] }}
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
</VirtualHost>
\ No newline at end of file
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "Parameters to instantiate Grafana",
"additionalProperties": false,
"properties": {
"domain": {
"title": "Authorized domain on nextcloud",
"description": "Trusted domain used to connect to Nextcloud instance.",
"type": "string"
},
"monitor-interface-url": {
"title": "Monitor Web Interface URL",
"description": "Give Url of HTML web interface that will be used to render this monitor instance.",
"type": "string",
"format": "uri",
"default": "https://monitor.app.officejs.com"
},
"monitor-cors-domains": {
"title": "Monitor CORS domains",
"description": "List of cors domains separated with space. Needed for ajax query on this monitor instance from a different domain.",
"type": "string",
"default": "monitor.app.officejs.com"
},
"innodb-file-per-table": {
"title": "Enable/disable innodb_file_per_table",
"description": "See MariaDB documentation on innodb_file_per_table",
"minimum": 0,
"maximum": 1,
"default": 0,
"type": "integer"
},
"apache-computer-guid": {
"title": "Computer ID for Apache Instance.",
"description": "Unique identifier of the computer, like \"COMP-1234\". By default, let Master choose a computer.",
"type": "string"
},
"mariadb-computer-guid": {
"title": "Computer ID for Mariadb Instance.",
"description": "Unique identifier of the computer, like \"COMP-1234\". By default, let Master choose a computer.",
"type": "string"
},
"instance.mail-from": {
"title": "Mail from",
"description": "From",
"type": "string"
},
"instance.mail-domain": {
"title": "Mail domain name",
"description": "Domain name",
"type": "string"
},
"instance.mail-smtpauthtype": {
"title": "SMTP Auth type",
"description": "Mail SMTP auth type. Default: LOGIN",
"type": "string",
"default": "LOGIN"
},
"instance.mail-smtpauth": {
"title": "SMTP auth required",
"description": "Verify SSL certificate of SMTP server. Default: Yes",
"minimum": 0,
"maximum": 1,
"default": 0,
"type": "integer"
},
"instance.mail-smtpport": {
"title": "SMTP port",
"description": "Mail SMTP Port. Default: 587",
"type": "integer",
"default": 587
},
"instance.mail-smtphost": {
"title": "SMTP host",
"description": "Mail SMTP host",
"type": "string"
},
"instance.mail-smtpname": {
"title": "SMTP name",
"description": "Mail SMTP server name.",
"type": "string"
},
"instance.mail-smtppassword": {
"title": "SMTP password",
"description": "Password to connect to SMTP server.",
"type": "string"
},
"instance.collabora-url": {
"title": "Collabora URL",
"description": "Collabora server URL",
"type": "string",
"format": "uri",
"default": "https://collabora.host.vifib.net"
},
"instance.stun-server": {
"title": "Stun server address",
"description": "Hostname of stun server. Default: turn.vifib.com:5349",
"type": "string",
"default": "turn.vifib.com:5349"
},
"instance.turn-server": {
"title": "Turn server address",
"description": "Hostname of turn server.",
"default": "",
"type": "string"
},
"instance.turn-secret": {
"title": "Turn server secret",
"description": "Turn secret to use for authentification.",
"type": "string"
},
"instance.cli-url": {
"title": "Nextcloud cli URL",
"description": "Nextcloud cli URL, the default will be Nextcloud url.",
"type": "string",
"format": "uri"
},
"instance.trusted-domain-1": {
"title": "Authorized domain on nextcloud",
"description": "Trusted domain used to connect to Nextcloud instance.",
"type": "string"
},
"instance.trusted-domain-2": {
"title": "Second authorized domain on nextcloud",
"description": "Trusted domain used to connect to Nextcloud instance.",
"type": "string"
}
}
}
\ No newline at end of file
#!/bin/bash
set -e
set -x
php_cmd () {
{{ parameter_dict['php-bin'] }} -c {{ parameter_dict['php-ini'] }} $@
}
status=$(php_cmd {{ parameter_dict['nextcloud'] }}/occ status | grep 'installed: true' || true)
if [ ! -z "$status" ]; then
echo "Nextcloud is installed!"
exit 1;
fi
if [ ! -f "{{ parameter_dict['nextcloud'] }}/config/CAN_INSTALL" ]; then
echo "CAN_INSTALL no exists in config, cannot make a new install, Nextcloud is already installed."
exit 1
fi
php_cmd {{ parameter_dict['nextcloud'] }}/occ maintenance:install \
--database "mysql" --database-name "{{ parameter_dict['db-name'] }}" --database-user "{{ parameter_dict['db-user'] }}" \
--database-pass "{{ parameter_dict['db-password'] }}" --admin-user "{{ parameter_dict['admin-user'] }}" \
--database-host "{{ parameter_dict['db-host'] }}:{{ parameter_dict['db-port'] }}" \
--admin-pass "{{ parameter_dict['admin-password'] }}" --data-dir "{{ parameter_dict['data-dir'] }}"
{% for trusted_domain in parameter_dict['trusted-domain-list'].split() -%}
{% if trusted_domain.strip() -%}
php_cmd {{ parameter_dict['nextcloud'] }}/occ config:system:set trusted_domains {{ loop.index - 1 }} --value={{ trusted_domain.strip() }}
{% endif -%}
{% endfor -%}
php_cmd {{ parameter_dict['nextcloud'] }}/occ config:system:set overwrite.cli.url --value={{ parameter_dict['cli-url'] }}
php_cmd {{ parameter_dict['nextcloud'] }}/occ background:cron
sed -i 's/^[ ]*//' {{ parameter_dict['nextcloud'] }}/config/config.php
sed -i '/);/d' {{ parameter_dict['nextcloud'] }}/config/config.php
cat <<EOF >> {{ parameter_dict['nextcloud'] }}/config/config.php
'mysql.utf8mb4' => true,
'mail_smtpmode' => 'smtp',
'mail_smtpsecure' => 'tls',
'mail_sendmailmode' => 'smtp',
'mail_from_address' => '{{ parameter_dict["mail.from"] }}',
'mail_domain' => '{{ parameter_dict["mail.domain"] }}',
'mail_smtpauthtype' => '{{ parameter_dict["mail.smtpauthtype"] }}',
'mail_smtpauth' => {{ parameter_dict["mail.smtpauth"] }},
'mail_smtpport' => '{{ parameter_dict["mail.smtpport"] }}',
'mail_smtphost' => '{{ parameter_dict["mail.smtphost"] }}',
'mail_smtpname' => '{{ parameter_dict["mail.smtpname"] }}',
'mail_smtppassword' => '{{ parameter_dict["mail.smtppassword"] }}',
'activity_expire_days' => 14,
'auth.bruteforce.protection.enabled' => true,
'forwarded_for_headers' =>
array (
0 => 'HTTP_X_FORWARDED',
),
{% set trusted_proxy_list = parameter_dict['trusted-proxy-list'].strip().split(' ') -%}
{% if len(trusted_proxy_list) > 0 -%}
'trusted_proxies' =>
array (
{% for proxy in trusted_proxy_list -%}
{% if proxy -%}
{{ ' ' ~ (loop.index - 1) }} => '{{ proxy }}',
{% endif -%}
{% endfor -%}
),
{% endif -%}
'blacklisted_files' =>
array (
0 => '.htaccess',
1 => 'Thumbs.db',
2 => 'thumbs.db',
),
'csrf.optout' =>
array (
0 => '/^WebDAVFS/',
1 => '/^Microsoft-WebDAV-MiniRedir/',
2 => '/^\\.jio_documents/',
),
'cron_log' => true,
'enable_previews' => true,
'enabledPreviewProviders' =>
array (
0 => 'OC\\Preview\\PNG',
1 => 'OC\\Preview\\JPEG',
2 => 'OC\\Preview\\GIF',
3 => 'OC\\Preview\\BMP',
4 => 'OC\\Preview\\XBitmap',
5 => 'OC\\Preview\\Movie',
6 => 'OC\\Preview\\PDF',
7 => 'OC\\Preview\\MP3',
8 => 'OC\\Preview\\TXT',
9 => 'OC\\Preview\\MarkDown',
),
'filesystem_check_changes' => 0,
'filelocking.enabled' => 'true',
'htaccess.RewriteBase' => '/',
'integrity.check.disabled' => false,
'knowledgebaseenabled' => false,
'logfile' => '{{ parameter_dict["data-dir"] }}/nextcloud.log',
'loglevel' => 2,
'log_rotate_size' => 104857600,
'maintenance' => false,
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'overwriteprotocol' => 'https',
'preview_max_x' => 1024,
'preview_max_y' => 768,
'preview_max_scale_factor' => 1,
'redis' =>
array (
'host' => '{{ parameter_dict["redis-socket"] }}',
'port' => 0,
'timeout' => 0.0,
),
'quota_include_external_storage' => false,
'share_folder' => '/Shares',
'skeletondirectory' => '',
'theme' => '',
'trashbin_retention_obligation' => 'auto, 7',
'updater.release.channel' => 'stable',
);
EOF
# Install some nextcloud app
php_cmd {{ parameter_dict['nextcloud'] }}/occ app:install spreed
php_cmd {{ parameter_dict['nextcloud'] }}/occ app:install richdocuments
php_cmd {{ parameter_dict['nextcloud'] }}/occ app:install calendar
php_cmd {{ parameter_dict['nextcloud'] }}/occ app:install rainloop
php_cmd {{ parameter_dict['nextcloud'] }}/occ app:install news
php_cmd {{ parameter_dict['nextcloud'] }}/occ config:app:set richdocuments wopi_url --value="{{ parameter_dict.get('collabora-url', '') }}"
php_cmd {{ parameter_dict['nextcloud'] }}/occ config:app:set spreed stun_servers --value="[\"{{ parameter_dict['stun-server'] }}\"]"
php_cmd {{ parameter_dict['nextcloud'] }}/occ config:app:set spreed turn_servers --value="[{\"server\":\"{{ parameter_dict['turn-server'] }}\",\"secret\":\"{{ parameter_dict['turn-secret'] }}\",\"protocols\":\"udp,tcp\"}]"
sed -i 's#useCronUpdates\s*=.*#useCronUpdates = false#g' {{ parameter_dict['data-dir'] }}/news/config/config.ini
if [ -f "{{ parameter_dict['nextcloud'] }}/config/CAN_INSTALL" ]; then
rm {{ parameter_dict['nextcloud'] }}/config/CAN_INSTALL
fi
\ No newline at end of file
#############
# Redis #
#############
[nc-directory]
recipe = slapos.cookbook:mkdirectory
redis = ${directory:srv}/redis
redis-log = ${directory:log}/redis
data = ${directory:srv}/data
backup = ${directory:backup}/nextcloud
[service-redis]
recipe = slapos.cookbook:redis.server
wrapper = ${directory:services}/redis
promise_wrapper = ${directory:promises}/redis
server_dir = ${nc-directory:redis}
config_file = ${directory:etc}/redis.conf
log_file = ${nc-directory:redis-log}/redis.log
pid_file = ${directory:run}/redis.pid
use_passwd = false
unixsocket = ${:server_dir}/redis.socket
# port = 0 means "don't listen on TCP at all" - listen only on unix socket
ipv6 = ::1
port = 0
server_bin = {{ redis_bin }}
depend =
${logrotate-entry-redis:recipe}
[logrotate-entry-redis]
<= logrotate-entry-base
name = redis
log = ${nc-directory:redis-log}/*.log
frequency = daily
rotate-num = 30
[instance-parameter]
nextcloud = ${:document-root}
admin-user = admin
admin-password = admin
trusted-domain-list =
[${apache-php-configuration:ip}]:${apache-php-configuration:port}
${slap-parameter:instance.trusted-domain-1}
${slap-parameter:instance.trusted-domain-2}
trusted-proxy-list = ${slap-parameter:instance.trusted-proxy-list}
cli-url = ${slap-parameter:instance.cli-url}
data-dir = ${nc-directory:data}
redis-socket = ${service-redis:unixsocket}
#php.ini parameters
php.memory_limit = 512M
php.date.timezone = Europe/Paris
php.upload_max_filesize = 10240M
php.post_max_size = 10240M
php.session.cookie_secure = True
php.max_execution_time = 1800
php.max_input_time = 3600
php.output_buffering = 'Off'
php.max_file_uploads = 100
#SMTP settings
mail.from = ${slap-parameter:instance.mail-from}
mail.domain = ${slap-parameter:instance.mail-domain}
mail.smtpauthtype = ${slap-parameter:instance.mail-smtpauthtype}
mail.smtpauth = ${slap-parameter:instance.mail-smtpauth}
mail.smtpport = ${slap-parameter:instance.mail-smtpport}
mail.smtphost = ${slap-parameter:instance.mail-smtphost}
mail.smtpname = ${slap-parameter:instance.mail-smtpname}
mail.smtppassword = ${slap-parameter:instance.mail-smtppassword}
# Instance configuration
collabora-url = ${slap-parameter:instance.collabora-url}
stun-server = ${slap-parameter:instance.stun-server}
turn-server = ${slap-parameter:instance.turn-server}
turn-secret = ${slap-parameter:instance.turn-secret}
[nextcloud-install.sh]
recipe = slapos.recipe.template:jinja2
template = {{ nextcloud_install_sh }}
rendered = ${directory:scripts}/nextcloud-install
context =
section parameter_dict instance-parameter
mode = 744
depends =
${service-redis:recipe}
${nextcloud-cron:recipe}
${nextcloud-optimize:recipe}
${nextcloud-apache-httpd:recipe}
${nextcloud-backup-cron:recipe}
${nextcloud-news-updater:recipe}
[nextcloud-apache-httpd]
recipe = slapos.recipe.template:jinja2
template = {{ nextcloud_apache_httpd }}
rendered = ${directory:apache.d}/nextcloud.conf
context =
section parameter_dict apache-php-configuration
mode = 744
[nextcloud-cron]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = nextcloud
frequency = */5 * * * *
command = ${php-bin:wrapper-path} -f ${instance-parameter:nextcloud}/cron.php
[nextcloud-optimize-bin]
recipe = collective.recipe.template
input = inline:#!/bin/bash
{{ redis_cli }} -s ${instance-parameter:redis-socket} <<EOF
FLUSHALL
quit
EOF
${php-bin:wrapper-path} ${instance-parameter:nextcloud}/occ files:scan --all
${php-bin:wrapper-path} ${instance-parameter:nextcloud}/occ files:scan-app-data
exit 0
output = ${directory:bin}/nextcloud-optimize
mode = 744
[nextcloud-backup]
recipe = collective.recipe.template
input = inline:#!/bin/bash
${php-bin:wrapper-path} ${instance-parameter:nextcloud}/occ app:list --output json > ${nc-directory:backup}/app-list.json
cp -r ${instance-parameter:nextcloud}/config ${nc-directory:backup}
exit 0
output = ${directory:bin}/nextcloud-backup
mode = 744
[nextcloud-backup-cron]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = nextcloud-backup
frequency = 0 0 * * * *
command = ${nextcloud-backup:output}
[nextcloud-optimize]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = nextcloud-optimize
frequency = 5 1 * * *
command = ${nextcloud-optimize-bin:output}
[nextcloud-news-updater]
recipe = collective.recipe.template
input = inline:#!/bin/sh
cd {{ news_updater_location }}
export PATH={{ php_location }}/bin:$PATH
{{ python3_location}}/bin/python3 -m nextcloud_news_updater --phpini ${php.ini-conf:rendered} \
--interval 300 --mode endless --loglevel info ${instance-parameter:nextcloud}
output = ${directory:scripts}/nextcloud-news-updater
mode = 744
[php-bin]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:bin}/php
command-line = ${instance-parameter:php-bin} -c ${php.ini-conf:rendered}
[publish-connection-information]
admin-user = ${instance-parameter:admin-user}
admin-password = ${instance-parameter:admin-password}
[slap-parameter]
instance.mail-from = Nextcloud
instance.mail-domain = nextcloud@example.com
instance.mail-smtpauthtype = LOGIN
instance.mail-smtpauth = 1
instance.mail-smtpport = 587
instance.mail-smtphost =
instance.mail-smtpname =
instance.mail-smtppassword =
instance.collabora-url = https://collabora.host.vifib.net/
instance.stun-server = turn.vifib.com:5349
instance.turn-server =
instance.turn-secret =
instance.cli-url = ${apache-php-configuration:url}
instance.trusted-domain-1 =
instance.trusted-domain-2 =
instance.trusted-proxy-list =
\ No newline at end of file
{
"name": "Output Parameters",
"properties": {
"backend-url": {
"title": "Backend URL",
"description": "URL used to connect directly to backend without frontend. Requires IPv6.",
"type": "string",
"format": "uri",
"require": true
},
"url": {
"title": "URL",
"description": "URL used to connect to the service.",
"type": "string",
"format": "uri",
"require": false
}
}
}
[buildout]
extends =
../../component/redis/buildout.cfg
../../component/python3/buildout.cfg
../../stack/lamp/buildout.cfg
[nc-download-base]
recipe = hexagonit.recipe.download
ignore-existing = true
download-only = true
url = ${:_profile_base_location_}/${:filename}
mode = 0644
[application]
url = https://download.nextcloud.com/server/releases/nextcloud-16.0.3.tar.bz2
md5sum = d81902d2dec5d547779bec6336a438be
[template-nextcloud-install.sh]
<= nc-download-base
filename = nextcloud-install.sh.in
md5sum = a2281f86f6a26a8ff40a57a495505977
[template-apache-httpd]
<= nc-download-base
filename = apache-httpd.conf.in
md5sum = f3bca64bf991526fd8221035a86aacbf
[template-nextcloud-instance]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/nextcloud-instance.cfg.in
rendered = ${buildout:directory}/instance-nextcloud.cfg
extensions = jinja2.ext.do
md5sum = 0dd3eea61be79135810b0c2286c520b5
context =
key gzip_location gzip:location
key python3_location python3.6.6:location
key news_updater_location news-updater:location
key php_location apache-php:location
raw redis_bin ${redis:location}/bin/redis-server
raw redis_cli ${redis:location}/bin/redis-cli
raw nextcloud_install_sh ${template-nextcloud-install.sh:location}/${template-nextcloud-install.sh:filename}
raw nextcloud_apache_httpd ${template-apache-httpd:location}/${template-apache-httpd:filename}
[custom-application-deployment]
path = ${template-nextcloud-instance:rendered}
part-list = nextcloud-install.sh
[news-updater]
recipe = hexagonit.recipe.download
url = https://github.com/nextcloud/news-updater/archive/10.0.1.tar.gz
md5sum = 37387199c0482e08d01e9294cd95eaad
strip-top-level-dir = true
\ No newline at end of file
{
"name": "Nextcloud",
"description": "Nextcloud",
"serialisation": "xml",
"software-type": {
"default": {
"title": "Default",
"description": "Instance Nextcloud",
"request": "nextcloud-input-schema.json",
"response": "nextcloud-output-schema.json",
"index": 0
}
}
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment