#!/bin/bash echo "For the following, please only use digits, UPPERCASE and lowercase." echo -n "Please provide a root password for your MariaDB: " read sqlrootpass echo -n "Please provide a name for the Nextcloud database: " read dbname echo -n "Please provide a user for the Nextcloud database: " read dbuser echo -n "Please provide a password for the Nextcloud database: " read dbpass echo -n "Please provide a name for the Nextcloud admin user: " read adminuser echo -n "Please provide a password for the Nextcloud admin user: " read adminpass ## First we update the server apt update && apt -y upgrade ## Now install some basic tools: ## curl - Tool for doing advanced http calls etc. Useful for working with APIs. ## wget - Tool for doing http downloads. ## apache2 - Web Server ## extrepo - Tool for automatic configuration of external repos for Debian ## unzip - Needed to extract the Nextcloud zip file apt -y install wget apache2 unzip sudo ## Now we enable Sury for installing the very latest PHP files curl -sSL https://packages.sury.org/php/README.txt | bash -x && apt update ## Now we install PHP 8.3 and required modules apt -y install php8.3-{ctype,curl,dom,gd,common,mysql,mbstring,opcache,posix,simplexml,xmlreader,xmlwriter,xmlrpc,xml,cli,zip,bz2,fpm,intl,ldap,smbclient,ftp,imap,bcmath,gmp,exif,apcu,memcached,redis,imagick} libapache2-mod-php8.3 libapache2-mod-fcgid libxml2 ## Configure Apache2 and PHP8.3 systemctl stop apache2 a2dismod php8.3 a2dismod mpm_prefork a2enmod mpm_event proxy proxy_fcgi setenvif rewrite a2enconf php8.3-fpm systemctl restart apache2 ## Set optimal settings for PHP to make Nextcloud happy... echo "max_execution_time = 240" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "memory_limit = 512M" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "post_max_size = 512M" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "upload_max_filesize = 2048M" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "[opcache]" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "opcache.enable=1" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "opcache.memory_consumption=1024" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "opcache.interned_strings_buffer=128" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "opcache.max_accelerated_files=50000" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "opcache.validate_timestamps=0" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "opcache.revalidate_freq=60" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini echo "opcache.save_comments=1" >> /etc/php/8.3/fpm/conf.d/99-nextcloud.ini systemctl restart php8.3-fpm.service ## Let's install MariaDB apt -y install mariadb-server mariadb-client ## Time to harden MariaDB systemctl enable mariadb systemctl start mariadb echo "UPDATE mysql.global_priv SET priv=json_set(priv, '$.password_last_changed', UNIX_TIMESTAMP(), '$.plugin', 'mysql_native_password', '$.authentication_string', 'invalid', '$.auth_or', json_array(json_object(), json_object('plugin', 'unix_socket'))) WHERE User='root';" | mysql echo "FLUSH PRIVILEGES;" | mysql echo "UPDATE mysql.global_priv SET priv=json_set(priv, '$.plugin', 'mysql_native_password', '$.authentication_string', PASSWORD('basic_single_escape \"$sqlrootpass\"')) WHERE User='root';" | mysql echo "DELETE FROM mysql.global_priv WHERE User='';" | mysql echo "DELETE FROM mysql.global_priv WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" | mysql echo "DROP DATABASE IF EXISTS test;" | mysql echo "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" | mysql echo "FLUSH PRIVILEGES;" | mysql ## Let's setup the database for Nextcloud echo "CREATE DATABASE $dbname; CREATE USER $dbuser@localhost IDENTIFIED BY '$dbpass'; GRANT ALL PRIVILEGES ON $dbname.* TO $dbuser@localhost; FLUSH PRIVILEGES;" | mysql ## Let's add support for SVG files... apt -y install librsvg2-bin sed -i 's|| \n|' /etc/ImageMagick-6/policy.xml apt -y install libmagickcore-6.q16-6-extra systemctl restart apache2 ## Time to download the latest copy of Nextcloud wget https://download.nextcloud.com/server/releases/latest.zip ## Unzip files to /var/www/html unzip latest.zip -d /var/www/ rm -R /var/www/html mv /var/www/nextcloud /var/www/html chown -R www-data:www-data /var/www/html ## Let's create a safe place for your files mkdir /home/nextcloudfiles chown -R www-data:www-data /home/nextcloudfiles ## Let's do the web install without a browser cd /var/www/html sudo -u www-data php occ maintenance:install --database="mysql" --database-host="localhost" --database-name="$dbname" --database-user="$dbuser" --database-pass="$dbpass" --admin-user="$adminuser" --admin-pass="$adminpass" --data-dir="/home/nextcloudfiles" ## Configuring Nextcloud cp /var/www/html/config/config.php /var/www/html/config/config.php.original sudo -u www-data php occ config:system:set trusted_domains 0 --value="*" sudo -u www-data php occ config:system:set maintenance_window_start --type=integer --value=1 ( crontab -u www-data -l 2>/dev/null; echo '*/5 * * * * php -f /var/www/html/cron.php' ) | crontab -u www-data - sudo -u www-data php occ maintenance:repair --include-expensive sudo -u www-data php occ config:system:set debug --type=boolean --value=false sudo -u www-data php occ config:system:set memcache.local --type=string --value=\OC\Memcache\APCu ## Let's make a script so you can use the occ CLI tool from anywhere on your server echo -e '#!/bin/bash\n\ncd /var/www/nextcloud\nsudo -u www-data php occ $@' > /usr/bin/occ && chmod +x /usr/bin/occ ## Clean up time... apt -y autoremove ## DONE echo "You can now configure your networking for static IP, but what I do," echo "is assign a static IP by using DHCP reservation in my Router." echo "You can forward port 80. This is because it's a selfsigned certificate." echo "If you have any issues, DM me on Reddit u/thisiszeev"