Initial Nextcloud Docker setup for nxt.bhatfamily.in

2026-04-17 08:16:15 +05:30
commit 249bed66e2
10 changed files with 358 additions and 0 deletions
--- a/scripts/install.sh
+++ b/scripts/install.sh
@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+# scripts/install.sh
+set -euo pipefail
+
+REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+SSL_DIR="${REPO_DIR}/nginx/ssl"
+DOMAIN="nxt.bhatfamily.in"
+
+echo "==> Ensuring required packages are installed (docker, docker-compose, ufw, openssl)..."
+if ! command -v docker >/dev/null 2>&1; then
+  echo "Docker is not installed. Install Docker and rerun this script."
+  exit 1
+fi
+
+if ! command -v docker compose >/dev/null 2>&1 && ! command -v docker-compose >/dev/null 2>&1; then
+  echo "docker compose / docker-compose is not installed. Install Docker Compose and rerun."
+  exit 1
+fi
+
+if ! command -v ufw >/dev/null 2>&1; then
+  echo "ufw not found. Installing ufw requires root and internet access."
+fi
+
+mkdir -p "${SSL_DIR}"
+
+echo "==> Generating self-signed TLS certificate for ${DOMAIN} (valid 365 days)..."
+if [ ! -f "${SSL_DIR}/${DOMAIN}.crt" ] || [ ! -f "${SSL_DIR}/${DOMAIN}.key" ]; then
+  openssl req -x509 -nodes -newkey rsa:4096 \
+    -keyout "${SSL_DIR}/${DOMAIN}.key" \
+    -out "${SSL_DIR}/${DOMAIN}.crt" \
+    -days 365 \
+    -subj "/CN=${DOMAIN}"
+else
+  echo "Certificate already exists, skipping generation."
+fi
+
+if [ ! -f "${SSL_DIR}/dhparam.pem" ]; then
+  echo "==> Generating dhparam (this may take a while)..."
+  openssl dhparam -out "${SSL_DIR}/dhparam.pem" 2048
+fi
+
+echo "==> Configuring UFW firewall rules (allow 8082/tcp and 8446/tcp)..."
+if command -v ufw >/dev/null 2>&1; then
+  sudo ufw allow 8082/tcp comment "Nextcloud HTTP"
+  sudo ufw allow 8446/tcp comment "Nextcloud HTTPS"
+else
+  echo "ufw not installed; ensure ports 8082 and 8446 are open in your firewall/router."
+fi
+
+echo "==> Starting Nextcloud stack via Docker Compose..."
+cd "${REPO_DIR}"
+
+if command -v docker compose >/dev/null 2>&1; then
+  docker compose pull
+  docker compose up -d
+else
+  docker-compose pull
+  docker-compose up -d
+fi
+
+echo "==> Nextcloud should now be reachable at:"
+echo "    http://${DOMAIN}:8082  (redirects to HTTPS)"
+echo "    https://${DOMAIN}:8446"
+echo ""
+echo "NOTE: Browser will warn about self-signed certificate. Replace with a valid cert for production."
--- a/scripts/test.sh
+++ b/scripts/test.sh
@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+# scripts/test.sh
+set -euo pipefail
+
+DOMAIN="nxt.bhatfamily.in"
+HTTP_PORT=8082
+HTTPS_PORT=8446
+
+echo "==> Testing HTTP redirect..."
+curl -I "http://${DOMAIN}:${HTTP_PORT}" || {
+  echo "HTTP test failed."
+  exit 1
+}
+
+echo "==> Testing HTTPS endpoint (ignoring self-signed cert errors)..."
+curl -k -I "https://${DOMAIN}:${HTTPS_PORT}" || {
+  echo "HTTPS test failed."
+  exit 1
+}
+
+echo "==> Quick application-level check (Nextcloud status.php)..."
+curl -k "https://${DOMAIN}:${HTTPS_PORT}/status.php" || {
+  echo "status.php test failed."
+  exit 1
+}
+
+echo "All tests passed."
--- a/scripts/uninstall.sh
+++ b/scripts/uninstall.sh
@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+# scripts/uninstall.sh
+set -euo pipefail
+
+REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+
+echo "==> Stopping and removing Docker containers/volumes..."
+
+cd "${REPO_DIR}"
+
+if command -v docker compose >/dev/null 2>&1; then
+  docker compose down -v
+else
+  docker-compose down -v
+fi
+
+echo "==> (Optional) Remove persistent data volumes manually if desired:"
+echo "    docker volume ls | grep nextcloud"
+echo "    docker volume rm <volume_name>   # if you want to fully wipe data"
+
+echo "Uninstall complete."