bashclub/zamba-lxc-toolbox
2
0
Fork 1
mirror of https://github.com/bashclub/zamba-lxc-toolbox.git synced 2024-11-07 19:31:58 +01:00
Code Issues Projects Releases Wiki Activity

Migrate Nextcloud to debian bookworm

Browse Source
This commit is contained in:
Danny Nakielski 2023-06-25 01:43:55 +02:00
parent 60366677d4
commit 788b09c391
2 changed files with 20 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/nextcloud/constants-service.conf
View File

@ -8,7 +8,7 @@
# This file contains the project constants on service level
# Debian Version, which will be installed
LXC_TEMPLATE_VERSION="debian-11-standard"
LXC_TEMPLATE_VERSION="debian-12-standard"
# Create sharefs mountpoint
LXC_MP="1"
@ -23,7 +23,7 @@ LXC_NESTING="1"
NEXTCLOUD_VERSION="latest"
# Defines the php version to install
NEXTCLOUD_PHP_VERSION="8.1"
NEXTCLOUD_PHP_VERSION="8.2"
# Defines the IP from the SQL server
NEXTCLOUD_DB_IP="127.0.0.1"

24
src/nextcloud/install-service.sh
View File

@ -14,13 +14,13 @@ source /root/constants-service.conf
HOSTNAME=$(hostname -f)
wget -q -O - https://packages.sury.org/php/apt.gpg | apt-key add -
wget -q -O - https://packages.sury.org/php/apt.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/sury-php.gpg >/dev/null
echo "deb https://packages.sury.org/php/ $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/php.list
wget -q -O - https://nginx.org/keys/nginx_signing.key | apt-key add -
wget -q -O - https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/nginx.gpg >/dev/null
echo "deb http://nginx.org/packages/debian $(lsb_release -cs) nginx" | tee /etc/apt/sources.list.d/nginx.list
wget -q -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
wget -q -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/postgresql.gpg >/dev/null
echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list
apt update
@ -76,7 +76,7 @@ sed -i "s/;session.cookie_secure.*/session.cookie_secure = True/" /etc/php/$NEXT
sed -i "s/;opcache.enable=.*/opcache.enable=1/" /etc/php/$NEXTCLOUD_PHP_VERSION/fpm/php.ini
sed -i "s/;opcache.enable_cli=.*/opcache.enable_cli=1/" /etc/php/$NEXTCLOUD_PHP_VERSION/fpm/php.ini
sed -i "s/;opcache.memory_consumption=.*/opcache.memory_consumption=128/" /etc/php/$NEXTCLOUD_PHP_VERSION/fpm/php.ini
sed -i "s/;opcache.interned_strings_buffer=.*/opcache.interned_strings_buffer=8/" /etc/php/$NEXTCLOUD_PHP_VERSION/fpm/php.ini
sed -i "s/;opcache.interned_strings_buffer=.*/opcache.interned_strings_buffer=16/" /etc/php/$NEXTCLOUD_PHP_VERSION/fpm/php.ini
sed -i "s/;opcache.max_accelerated_files=.*/opcache.max_accelerated_files=10000/" /etc/php/$NEXTCLOUD_PHP_VERSION/fpm/php.ini
sed -i "s/;opcache.revalidate_freq=.*/opcache.revalidate_freq=1/" /etc/php/$NEXTCLOUD_PHP_VERSION/fpm/php.ini
sed -i "s/;opcache.save_comments=.*/opcache.save_comments=1/" /etc/php/$NEXTCLOUD_PHP_VERSION/fpm/php.ini
@ -113,6 +113,9 @@ set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
include /etc/nginx/mime.types;
types {
text/javascript mjs;
}
default_type application/octet-stream;
sendfile on;
send_timeout 3600;
@ -136,6 +139,10 @@ cat > /etc/nginx/conf.d/http.conf << EOF
upstream php-handler {
server unix:/run/php/php$NEXTCLOUD_PHP_VERSION-fpm.sock;
}
map \$arg_v \$asset_immutable {
"" "";
default "immutable";
}
server {
listen 80 default_server;
listen [::]:80 default_server;
@ -171,13 +178,15 @@ ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
client_max_body_size 5120M;
client_body_timeout 300s;
client_body_buffer_size 512k;
fastcgi_buffers 64 4K;
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
gzip_types application/atom+xml text/javascript application/wasm application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
add_header Permissions-Policy "interest-cohort=()";
add_header Referrer-Policy "no-referrer" always;
@ -230,10 +239,13 @@ fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ \.(?:css|js|svg|gif)\$ {
location ~ \.(?:css|js|mjs|svg|gif|ico|wasm|tflite|map)\$ {
try_files \$uri /index.php\$request_uri;
expires 6M;
access_log off;
location ~ \.wasm$ {
default_type application/wasm;
}
}
location ~ \.woff2?\$ {
try_files \$uri /index.php\$request_uri;