Delete optimizations.sh

2026-03-08 05:31:52 +00:00 · 2018-04-24 12:27:45 +02:00
parent 1bfe0de388
commit 74675bf02a
1 changed files with 0 additions and 139 deletions
--- a/optimizations.sh
+++ b/optimizations.sh
@@ -1,139 +0,0 @@
 #######################################################
 # Carsten Rieger IT-Services
 # OPTIMIZATIONS.SH
 # Version 1.2
 # April 23rd, 2018
 # version 1.2: remove whitespaces from config.php
 # version 1.1: added functions
 # Version 1.0: initial script
 #######################################################
 #!/bin/bash
 ###global function to update and cleanup the environment
 function update_and_clean() {
 apt update
 apt upgrade -y
 apt autoclean -y
 apt autoremove -y
 }
 ###global function to restart all cloud services
 function restart_all_services() {
 /usr/sbin/service nginx restart
 /usr/sbin/service mysql restart
 /usr/sbin/service redis-server restart
 /usr/sbin/service php7.2-fpm restart
 }
 ###global function to scan Nextcloud data and generate an overview for fail2ban & ufw
 function nextcloud_scan_data() {
 sudo -u www-data php /var/www/nextcloud/occ files:scan --all
 sudo -u www-data php /var/www/nextcloud/occ files:scan-app-data
 fail2ban-client status nextcloud
 ufw status verbose
 }
 ###backup of the effected file
 cp /var/www/nextcloud/.user.ini /var/www/nextcloud/.user.ini.bak
 ###apply optimizations
 sudo -u www-data sed -i "s/upload_max_filesize=.*/upload_max_filesize=10240M/" /var/www/nextcloud/.user.ini
 sudo -u www-data sed -i "s/post_max_size=.*/post_max_size=10240M/" /var/www/nextcloud/.user.ini
 sudo -u www-data sed -i "s/output_buffering=.*/output_buffering='Off'/" /var/www/nextcloud/.user.ini
 sudo -u www-data cp /var/www/nextcloud/config/config.php /var/www/nextcloud/config/config.php.bak
 sudo -u www-data php /var/www/nextcloud/occ background:cron
 ###apply optimizations to Nextclouds config.php
 sed -i '/);/d' /var/www/nextcloud/config/config.php
 cat <<EOF >>/var/www/nextcloud/config/config.php
 'activity_expire_days' => 14,
 'auth.bruteforce.protection.enabled' => true,
 'blacklisted_files' =>
 array (
 0 => '.htaccess',
 1 => 'Thumbs.db',
 2 => 'thumbs.db',
 ),
 'cron_log' => true,
 'enable_previews' => true,
 'enabledPreviewProviders' =>
 array (
 0 => 'OC\\Preview\\PNG',
 1 => 'OC\\Preview\\JPEG',
 2 => 'OC\\Preview\\GIF',
 3 => 'OC\\Preview\\BMP',
 4 => 'OC\\Preview\\XBitmap',
 5 => 'OC\\Preview\\Movie',
 6 => 'OC\\Preview\\PDF',
 7 => 'OC\\Preview\\MP3',
 8 => 'OC\\Preview\\TXT',
 9 => 'OC\\Preview\\MarkDown',
 ),
 'filesystem_check_changes' => 0,
 'filelocking.enabled' => 'true',
 'htaccess.RewriteBase' => '/',
 'integrity.check.disabled' => false,
 'knowledgebaseenabled' => false,
 'logtimezone' => 'Europe/Berlin',
 'log_rotate_size' => 104857600,
 'memcache.local' => '\\OC\\Memcache\\APCu',
 'memcache.locking' => '\\OC\\Memcache\\Redis',
 'preview_max_x' => 1024,
 'preview_max_y' => 768,
 'preview_max_scale_factor' => 1,
 'redis' =>
 array (
 'host' => '/var/run/redis/redis.sock',
 'port' => 0,
 'timeout' => 0.0,
 ),
 'quota_include_external_storage' => false,
 'share_folder' => '/Shares',
 'skeletondirectory' => '',
 'trashbin_retention_obligation' => 'auto, 7',
 );
 EOF
 ###remove leading whitespaces
 sed -i 's/^[ ]*//' /var/www/nextcloud/config/config.php
 restart_all_services
 update_and_clean
 ###installfail2ban
 apt install fail2ban -y
 ###create a fail2ban Nextcloud filter 
 touch /etc/fail2ban/filter.d/nextcloud.conf
 cat <<EOF >/etc/fail2ban/filter.d/nextcloud.conf
 [Definition]
 failregex=^{"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)","level":2,"time":".*"}\$
 ^{"reqId":".*","level":2,"time":".*","remoteAddr":".*","app":"core".*","message":"Login failed: '.*' \(Remote IP: '<HOST>'\)".*}\$
 ^.*\"remoteAddr\":\"<HOST>\".*Trusted domain error.*\$
 EOF
 ###create a fail2ban Nextcloud jail
 touch /etc/fail2ban/jail.d/nextcloud.local
 cat <<EOF >/etc/fail2ban/jail.d/nextcloud.local
 [nextcloud]
 backend = auto
 enabled = true
 port = 80,443
 protocol = tcp
 filter = nextcloud
 maxretry = 3
 bantime = 36000
 findtime = 36000
 logpath = /var/nc_data/nextcloud.log
 EOF
 update_and_clean
 ###install ufw
 apt install ufw -y
 ###open firewall ports 80+443 for http(s)
 ufw allow 80/tcp
 ufw allow 443/tcp
 ###open firewall port 22 for SSH
 ufw allow 22/tcp
 ###enable UFW (autostart)
 ufw enable
 ###restart fail2ban, ufw and redis-server services
 /usr/sbin/service ufw restart
 /usr/sbin/service fail2ban restart
 /usr/sbin/service redis-server restart
 ###clean up redis-server
 redis-cli -s /var/run/redis/redis.sock <<EOF
 FLUSHALL
 quit
 EOF
 restart_all_services
 nextcloud_scan_data
 exit 0