diff --git a/install_nextcloud.sh b/install_nextcloud.sh index a4bd369..8501b9a 100755 --- a/install_nextcloud.sh +++ b/install_nextcloud.sh @@ -22,19 +22,25 @@ clean_up() { if [[ -f "$_backup_crontab_file" ]]; then - echo "" >> $log_file - echo "# - (Re)Install previously saved crontab from '$_backup_crontab_file'" >> $log_file - echo "# -" >> $log_file echononl "(Re)Install previously saved crontab from '$_backup_crontab_file'.." + if [[ -n "$log_file" ]] ; then + echo "" >> $log_file + echo "# - (Re)Install previously saved crontab from '$_backup_crontab_file'" >> $log_file + echo "# -" >> $log_file + echo "crontab $_backup_crontab_file" >> $log_file + crontab $_backup_crontab_file >> $log_file 2>&1 + else + crontab $_backup_crontab_file >> $err_log 2>&1 + fi - echo "crontab $_backup_crontab_file" >> $log_file - crontab $_backup_crontab_file >> $log_file 2>&1 if [[ $? -eq 0 ]]; then echo_ok else echo_failed - error "For more informations see log output at '$log_file'." + if [[ -n "$log_file" ]] ; then + error "For more informations see log output at '$log_file'." + fi fi fi @@ -110,7 +116,6 @@ fatal (){ echo "fatal: $*" echo "Script will be interrupted.." fi - echo "" clean_up 1 } @@ -196,7 +201,6 @@ blank_line() { - # ---------- # - Jobhandling # ---------- @@ -1412,7 +1416,7 @@ if ! $INSTALL_COLABORA_SERVICE ; then if $COLABORA_SERVICE_INSTALLED ; then info "ColaboraOnline Service (loolwsd) is already installed." else - warn "ColaboraOnline Service is not installed!" + warn "ColaboraOnline Service is not requested for installation!" fi else @@ -1428,9 +1432,9 @@ else #apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0C54D189F4BA284D >> $log_file 2>&1 echo "wget -O /tmp/co-apt.key \\ - https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/repodata/repomd.xml.key" >> $log_file + https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg" >> $log_file wget -O /tmp/co-apt.key \ - https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/repodata/repomd.xml.key >> $log_file 2>&1 + https://collaboraoffice.com/downloads/gpg/collaboraonline-release-keyring.gpg >> $log_file 2>&1 if [[ "$?" -gt 0 ]]; then _failed=true @@ -1539,7 +1543,7 @@ EOF done if $_failed ; then - error "Something went wrong with installing debian packages .." + error "Something went wrong with installing debian packages (ColaboraOnline).." echononl "continue anyway [yes/no]: " read OK @@ -1705,17 +1709,24 @@ EOF blank_line - if $apache2_installed ; then - - # - Create Apache2 vhost configuration for ColaboraOnline service - # - - if [[ -e "/var/lib/dehydrated/certs/${HOSTNAME_CO}/fullchain.pem" ]]; then - server_cert="/var/lib/dehydrated/certs/${HOSTNAME_CO}/fullchain.pem" - server_key="/var/lib/dehydrated/certs/${HOSTNAME_CO}/privkey.pem" - else + # - Check if regular certificates for ${HOSTNAME_CO} already present + # - + if [[ -e "/var/lib/dehydrated/certs/${HOSTNAME_CO}/fullchain.pem" ]]; then + server_cert="/var/lib/dehydrated/certs/${HOSTNAME_CO}/fullchain.pem" + server_key="/var/lib/dehydrated/certs/${HOSTNAME_CO}/privkey.pem" + else + if $apache2_installed && [[ -f "/usr/local/apache2/conf/server-bundle.crt" ]] \ + && [[ -f "/usr/local/apache2/conf/server.key" ]] ; then server_cert="/usr/local/apache2/conf/server-bundle.crt" server_key="/usr/local/apache2/conf/server.key" + else + server_key="/etc/ssl/private//etc/ssl/private" + server_cert="/etc/ssl/certs/ssl-cert-snakeoil.pem" fi + fi + + if $apache2_installed ; then + if [[ -d "$apache_vhost_dir" ]] ; then @@ -1871,9 +1882,200 @@ EOF COLABORA_SERVICE_INSTALLED=true fi - else - warn "ColaboraOnline for webserver 'Nginx' not yet implemented" + elif $nginx_installed ; then + + if [[ -d "$nginx_vhost_dir" ]]; then + + # - Remove symlink for nginx vhost file (if exists) + # - + if [[ -h "${nginx_vhost_enabled_dir}/${HOSTNAME_CO}.conf" ]]; then + + echo "" >> $log_file + echo "# - Remove existing Symlink '${nginx_vhost_enabled_dir}/${HOSTNAME_CO}.conf'" >> $log_file + echo "# -" >> $log_file + echononl "Remove existing Symlink '${nginx_vhost_enabled_dir}/${HOSTNAME_CO}.conf'" >> $log_file + + echo "rm -f \"${nginx_vhost_enabled_dir}/${HOSTNAME_CO}.conf\"" >> $log_file + rm -f "${nginx_vhost_enabled_dir}/${HOSTNAME_CO}.conf" >> $log_file 2>&1 + + if [ "$?" = 0 ]; then + echo_ok + else + echo_failed + error "For more informations see log output at '$log_file'." + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted ny user." + fi + + fi # if [[ -h "${nginx_vhost_enabled_dir}/${HOSTNAME_CO}.conf" ]]; then + + # - Backup nginx vhost file if exists + # - + if [[ -f "${nginx_vhost_dir}/${HOSTNAME_CO}.conf" ]]; then + + echo "" >> $log_file + echo "# - Backup existing file '${nginx_vhost_dir}/${HOSTNAME_CO}.conf'" >> $log_file + echo "# -" >> $log_file + echononl "Backup existing file '${nginx_vhost_dir}/${HOSTNAME_CO}.conf'" >> $log_file + + echo "mv \"${nginx_vhost_dir}/${HOSTNAME_CO}.conf\" \"${nginx_vhost_dir}/${HOSTNAME_CO}.conf.$backup_date\"" >> $log_file + mv "${nginx_vhost_dir}/${HOSTNAME_CO}.conf" "${nginx_vhost_dir}/${HOSTNAME_CO}.conf.$backup_date" >> $log_file 2>&1 + + if [ "$?" = 0 ]; then + echo_ok + else + echo_failed + error "For more informations see log output at '$log_file'." + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted ny user." + + fi + + fi # if [[ -f "${nginx_vhost_dir}/${HOSTNAME_CO}.conf" ]] + + echo "" >> $log_file + echo "# - Create nginx vhost entry for '$HOSTNAME_CO'" >> $log_file + echo "# -" >> $log_file + echononl "Create nginx vhost entry for '$HOSTNAME_CO'" + + cat< "${nginx_vhost_dir}/${HOSTNAME_CO}.conf" 2>> $log_file + # --- $HOSTNAME_CO + + # --- + # see: https://www.collaboraoffice.com/code/nginx-reverse-proxy/ + # --- + + server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name ${HOSTNAME_CO}; + + ssl_certificate ${server_cert}; + ssl_certificate_key ${server_key}; + + # static files + location ^~ /loleaflet { + proxy_pass https://localhost:9980; + proxy_set_header Host \$http_host; + } + + # WOPI discovery URL + location ^~ /hosting/discovery { + proxy_pass https://localhost:9980; + proxy_set_header Host \$http_host; + } + + # Capabilities + location ^~ /hosting/capabilities { + proxy_pass https://localhost:9980; + proxy_set_header Host \$http_host; + } + + # main websocket + location ~ ^/lool/(.*)/ws$ { + proxy_pass https://localhost:9980; + proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host \$http_host; + proxy_read_timeout 36000s; + } + + # download, presentation and image upload + location ~ ^/lool { + proxy_pass https://localhost:9980; + proxy_set_header Host \$http_host; + } + + # Admin Console websocket + location ^~ /lool/adminws { + proxy_pass https://localhost:9980; + proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host \$http_host; + proxy_read_timeout 36000s; + } + } +EOF + if [ "$?" = 0 ]; then + echo_ok + else + echo_failed + error "For more informations see log output at '$log_file'." + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted ny user." + fi + + # - Symlimk Nginx VHost file + # - + # - '${nginx_vhost_enabled_dir}/${HOSTNAME_CO}.conf' --> '${nginx_vhost_dir}/${HOSTNAME_CO}.conf' + # - + _symlink_src="${nginx_vhost_dir}/${HOSTNAME_CO}.conf" + _symlink_dst="${nginx_vhost_enabled_dir}/${HOSTNAME_CO}.conf" + echo "" >> $log_file + echo "# - Symlink '${_symlink_dst}' --> ${_symlink_src}" >> $log_file + echo "# -" >> $log_file + echononl "Symlink '${_symlink_dst}' --> ${_symlink_src}" + + ln -s "$_symlink_src" "$_symlink_dst" >> $log_file 2>&1 + if [ "$?" = 0 ]; then + echo_ok + else + echo_failed + error "For more informations see log output at '$log_file'." + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted ny user." + + fi + + else + + error "Cant find nginx's vhost directory!" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/no]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Interrupted ny user." + + + fi # if [[ -d "$nginx_vhost_dir" ]] + + + fi # if $apache2_installed + fi @@ -4175,9 +4377,9 @@ elif $nginx_installed ; then fi echo "" >> $log_file - echo "# - Create apache vhost entry for '$WEBSITE'" >> $log_file + echo "# - Create nginx vhost entry for '$WEBSITE'" >> $log_file echo "# -" >> $log_file - echononl "Create apache vhost entry for '$WEBSITE'" + echononl "Create nginx vhost entry for '$WEBSITE'" cat< "${nginx_vhost_dir}/${WEBSITE}.conf" 2>> $log_file # --- $WEBSITE