[WIP] Change to PostreSQL

README.md

@@ -1,4 +1,4 @@
-# Nextcloud VM
+# Nextcloud VM PostgreSQL
 [![irc](https://img.shields.io/badge/irc%20channel-%23techandme%20on%20freenode-blue.svg)](https://webchat.freenode.net/?channels=techandme) [![Build Status](https://travis-ci.org/nextcloud/vm.svg?branch=master)](https://travis-ci.org/nextcloud/vm) [![stable](http://badges.github.io/stability-badges/dist/stable.svg)](http://github.com/badges/stability-badges)
 
 ## Support the development
@@ -22,7 +22,7 @@ DigitalOcean example: https://youtu.be/LlqY5Y6P9Oc
 * A clean Ubuntu Server 16.04.X
 * OpenSSH (preferred)
 * 20 GB HDD
-* At least 1 vCPU and 2 GB RAM
+* At least 1 vCPU and 2 GB RAM (4 GB minimum of you are running OnlyOffice)
 * A working internet connection (the script needs it to download files and variables)
 
 #### Recommended

apps/calendar.sh

@@ -5,7 +5,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-CALENDAR_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+CALENDAR_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset CALENDAR_INSTALL
 
 # Check for errors + debug code and abort if something isn't right

apps/collabora.sh

@@ -2,7 +2,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-COLLABORA_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+COLLABORA_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset COLLABORA_INSTALL
 
 # Tech and Me © - 2017, https://www.techandme.se/

apps/contacts.sh

@@ -5,7 +5,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-CONTACTS_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+CONTACTS_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset CONTACTS_INSTALL
 
 # Check for errors + debug code and abort if something isn't right

apps/fail2ban.sh

@@ -5,7 +5,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 
 # Check for errors + debug code and abort if something isn't right
 # 1 = ON

apps/nextant.sh

@@ -5,7 +5,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-NEXTANT_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+NEXTANT_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset NEXTANT_INSTALL
 
 # Check for errors + debug code and abort if something isn't right

apps/onlyoffice.sh

@@ -2,7 +2,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-OO_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+OO_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset OO_INSTALL
 
 # Tech and Me © - 2017, https://www.techandme.se/

apps/passman.sh

@@ -2,7 +2,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-PASSMAN_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+PASSMAN_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset PASSMAN_INSTALL
 
 # Tech and Me © - 2017, https://www.techandme.se/

apps/phpmyadmin_install_ubuntu16.sh

@@ -5,7 +5,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-MYCNFPW=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+MYCNFPW=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset MYCNFPW
 
 # Check for errors + debug code and abort if something isn't right

apps/phppgadmin_install_ubuntu16.sh

@@ -0,0 +1,68 @@
+#!/bin/bash
+
+# Tech and Me © - 2017, https://www.techandme.se/
+
+# shellcheck disable=2034,2059
+true
+# shellcheck source=lib.sh
+. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
+
+# Check for errors + debug code and abort if something isn't right
+# 1 = ON
+# 0 = OFF
+DEBUG=0
+debug_mode
+
+# Check if root
+if ! is_root
+then
+    printf "\n${Red}Sorry, you are not root.\n${Color_Off}You must type: ${Cyan}sudo ${Color_Off}bash %s/phppgadmin_install_ubuntu16.sh\n" "$SCRIPTS"
+    sleep 3
+    exit 1
+fi
+
+# Check that the script can see the external IP (apache fails otherwise)
+if [ -z "$WANIP4" ]
+then
+    echo "WANIP4 is an emtpy value, Apache will fail on reboot due to this. Please check your network and try again"
+    sleep 3
+    exit 1
+fi
+
+# Check Ubuntu version
+if [ "$OS" != 1 ]
+then
+    echo "Ubuntu Server is required to run this script."
+    echo "Please install that distro and try again."
+    sleep 3
+    exit 1
+fi
+
+
+if ! version 16.04 "$DISTRO" 16.04.4; then
+    echo "Ubuntu version seems to be $DISTRO"
+    echo "It must be between 16.04 - 16.04.4"
+    echo "Please install that version and try again."
+    exit 1
+fi
+
+echo
+echo "Installing and securing phpPGadmin..."
+echo "This may take a while, please don't abort."
+echo
+
+# Install phpPGadmin
+apt update -q4 & spinner_loading
+apt install -y -q \
+    php-gettext \
+    phppgadmin
+
+# Allow local access
+sed -i "s|Require local|Require ip $GATEWAY/24|g" /etc/apache2/conf-available/phppgadmin.conf
+
+if ! service apache2 restart
+then
+    echo "Apache2 could not restart..."
+    echo "The script will exit."
+    exit 1
+fi

apps/previewgenerator.sh

@@ -5,7 +5,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-PREVIEW_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+PREVIEW_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset PREVIEW_INSTALL
 
 # Check for errors + debug code and abort if something isn't right

apps/spreedme.sh

@@ -5,7 +5,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 
 # Check for errors + debug code and abort if something isn't right
 # 1 = ON

apps/webmin.sh

@@ -5,7 +5,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 
 # Check for errors + debug code and abort if something isn't right
 # 1 = ON

lets-encrypt/activate-ssl.sh

@@ -2,7 +2,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 
 # Tech and Me © - 2017, https://www.techandme.se/
 

lets-encrypt/test-new-config.sh

@@ -2,7 +2,7 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+. <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 
 # Tech and Me © - 2017, https://www.techandme.se/
 

lib.sh

@@ -30,7 +30,7 @@ INTERFACES="/etc/network/interfaces"
 NETMASK=$($IFCONFIG | grep -w inet |grep -v 127.0.0.1| awk '{print $4}' | cut -d ":" -f 2)
 GATEWAY=$(route -n|grep "UG"|grep -v "UGH"|cut -f 10 -d " ")
 # Repo
-GITHUB_REPO="https://raw.githubusercontent.com/nextcloud/vm/master"
+GITHUB_REPO="https://raw.githubusercontent.com/nextcloud/vm/postgresql"
 STATIC="$GITHUB_REPO/static"
 LETS_ENC="$GITHUB_REPO/lets-encrypt"
 APP="$GITHUB_REPO/apps"
@@ -42,15 +42,19 @@ NCUSER=ncadmin
 UNIXUSER=$SUDO_USER
 UNIXUSER_PROFILE="/home/$UNIXUSER/.bash_profile"
 ROOT_PROFILE="/root/.bash_profile"
-# MARIADB
+# Database
 SHUF=$(shuf -i 25-29 -n 1)
 MARIADB_PASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
 NEWMARIADBPASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
+PGDB_PASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
+NEWPGPASS=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$SHUF" | head -n 1)
 [ ! -z "$NCDB" ] && NCCONFIGDB=$(grep "dbname" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g")
+[ ! -z "$NCDBPASS" ] && NCCONFIGDBPASS=$(grep "dbpassword" $NCPATH/config/config.php | awk '{print $3}' | sed "s/[',]//g")
 MYCNF=/root/.my.cnf
 [ ! -z "$MYCNFPW" ] && MARIADBMYCNFPASS=$(grep "password" $MYCNF | sed -n "/password/s/^password='\(.*\)'$/\1/p")
 # Path to specific files
 PHPMYADMIN_CONF="/etc/apache2/conf-available/phpmyadmin.conf"
+PHPMPGDMIN_CONF="/etc/apache2/conf-available/phppgadmin.conf"
 SECURE="$SCRIPTS/setup_secure_permissions_nextcloud.sh"
 SSL_CONF="/etc/apache2/sites-available/nextcloud_ssl_domain_self_signed.conf"
 HTTP_CONF="/etc/apache2/sites-available/nextcloud_http_domain_self_signed.conf"
@@ -175,6 +179,15 @@ sed -i 's/  php_value post_max_size.*/# php_value post_max_size 511M/g' "$NCPATH
 sed -i 's/  php_value memory_limit.*/# php_value memory_limit 512M/g' "$NCPATH"/.htaccess
 }
 
+# Check if program is installed (is_this_installed apache2)
+is_this_installed() {
+if [ "$(dpkg-query -W -f='${Status}' "${1}" 2>/dev/null | grep -c "ok installed")" == "1" ]
+then
+    echo "${1} is installed, it must be a clean server."
+    exit 1
+fi
+}
+
 # Test RAM size 
 # Call it like this: ram_check [amount of min RAM in GB] [for which program]
 # Example: ram_check 2 Nextcloud

nextcloud-startup-script.sh

@@ -2,10 +2,9 @@
 # shellcheck disable=2034,2059
 true
 # shellcheck source=lib.sh
-NCDB=1 && MYCNFPW=1 && FIRST_IFACE=1 && CHECK_CURRENT_REPO=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+NCDB=1 && FIRST_IFACE=1 && CHECK_CURRENT_REPO=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
 unset FIRST_IFACE
 unset CHECK_CURRENT_REPO
-unset MYCNFPW
 unset NCDB
 
 # Tech and Me © - 2017, https://www.techandme.se/
@@ -54,7 +53,7 @@ else
     mv /etc/network/interfaces.new /etc/network/interfaces
     service networking restart
     # shellcheck source=lib.sh
-    CHECK_CURRENT_REPO=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh)
+    CHECK_CURRENT_REPO=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/postgresql/lib.sh)
     unset CHECK_CURRENT_REPO
 fi
 
@@ -110,7 +109,7 @@ download_static_script trusted
 download_static_script ip
 download_static_script test_connection
 download_static_script setup_secure_permissions_nextcloud
-download_static_script change_mysql_pass
+download_static_script change_db_pass
 download_static_script nextcloud
 download_static_script update-config
 download_static_script index
@@ -135,9 +134,8 @@ echo "| This script will configure your Nextcloud and activate SSL.        |"
 echo "| It will also do the following:                                     |"
 echo "|                                                                    |"
 echo "| - Generate new SSH keys for the server                             |"
-echo "| - Generate new MARIADB password                                    |"
-echo "| - Configure UTF8mb4 (4-byte support for MARIADB)                   |"
-echo "| - Install phpMyadmin and make it secure                            |"
+echo "| - Generate new PostgreSQL password                                 |"
+echo "| - Install phpPGadmin and make it secure                            |"
 echo "| - Install selected apps and automatically configure them           |"
 echo "| - Detect and set hostname                                          |"
 echo "| - Upgrade your system and Nextcloud to latest version              |"
@@ -242,44 +240,9 @@ rm -v /etc/ssh/ssh_host_*
 dpkg-reconfigure openssh-server
 
 # Generate new MARIADB password
-echo "Generating new MARIADB password..."
-if bash "$SCRIPTS/change_mysql_pass.sh" && wait
-then
-   rm "$SCRIPTS/change_mysql_pass.sh"
-   {
-   echo
-   echo "[mysqld]"
-   echo "innodb_large_prefix=on"
-   echo "innodb_file_format=barracuda"
-   echo "innodb_flush_neighbors=0"
-   echo "innodb_adaptive_flushing=1"
-   echo "innodb_flush_method = O_DIRECT"
-   echo "innodb_doublewrite = 0"
-   echo "innodb_file_per_table = 1"
-   echo "innodb_flush_log_at_trx_commit=1"
-   echo "init-connect='SET NAMES utf8mb4'"
-   echo "collation_server=utf8mb4_unicode_ci"
-   echo "character_set_server=utf8mb4"
-   echo "skip-character-set-client-handshake"
-
-   echo "[mariadb]"
-   echo "innodb_use_fallocate = 1"
-   echo "innodb_use_atomic_writes = 1"
-   echo "innodb_use_trim = 1"
-   } >> /root/.my.cnf
-fi
-
-# Enable UTF8mb4 (4-byte support)
-printf "\nEnabling UTF8mb4 support on $NCCONFIGDB....\n"
-echo "Please be patient, it may take a while."
-sudo /etc/init.d/mysql restart & spinner_loading
-RESULT="mysqlshow --user=root --password=$MARIADBMYCNFPASS $NCCONFIGDB| grep -v Wildcard | grep -o $NCCONFIGDB"
-if [ "$RESULT" == "$NCCONFIGDB" ]; then
-    check_command mysql -u root -e "ALTER DATABASE $NCCONFIGDB CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
-    wait
-fi
-check_command sudo -u www-data $NCPATH/occ config:system:set mysql.utf8mb4 --type boolean --value="true"
-check_command sudo -u www-data $NCPATH/occ maintenance:repair
+echo "Generating new PostgreSQL password..."
+check_command bash "$SCRIPTS/change_db_pass.sh"
+sleep 3
 clear
 
 cat << LETSENC
@@ -310,7 +273,7 @@ clear
 
 whiptail --title "Which apps do you want to install?" --checklist --separate-output "Automatically configure and install selected apps\nSelect by pressing the spacebar" "$WT_HEIGHT" "$WT_WIDTH" 4 \
 "Fail2ban" "(Extra Bruteforce protection)   " OFF \
-"phpMyadmin" "(*SQL GUI)       " OFF \
+"phpPGadmin" "(PostgreSQL GUI)       " OFF \
 "Collabora" "(Online editing 2GB RAM)   " OFF \
 "OnlyOffice" "(Online editing 4GB RAM)   " OFF \
 "Nextant" "(Full text search)   " OFF \
@@ -324,8 +287,8 @@ do
             run_app_script fail2ban
 
         ;;
-        phpMyadmin)
-            run_app_script phpmyadmin_install_ubuntu16
+        phpPGadmin)
+            run_app_script phppgadmin_install_ubuntu16
         ;;
 
         OnlyOffice)
@@ -467,7 +430,7 @@ printf "|         ${Color_Off}Login to Nextcloud in your browser: ${Cyan}\"$ADDR
 echo    "|                                                                    |"
 printf "|         ${Color_Off}Publish your server online! ${Cyan}https://goo.gl/iUGE2U${Green}          |\n"
 echo    "|                                                                    |"
-printf "|         ${Color_Off}To login to MARIADB just type: ${Cyan}'mysql -u root'${Green}             |\n"
+printf "|         ${Color_Off}To login to PostgreSQL just type: ${Cyan}'sudo -u postgres psql'${Green}             |\n"
 echo    "|                                                                    |"
 printf "|   ${Color_Off}To update this VM just type: ${Cyan}'sudo bash /var/scripts/update.sh'${Green}  |\n"
 echo    "|                                                                    |"