git/nextcloud-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c79a25e34def18219cbef63a1177b8c9c5617b92
nextcloud-docker/scripts/install.sh
Raghav 08990f6420 Add automated TLS renewal and deployment documentation 
Co-Authored-By: Oz <oz-agent@warp.dev>
2026-04-17 08:44:28 +05:30

74 lines
2.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# scripts/install.sh
set -euo pipefail
REPO_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
SSL_DIR="${REPO_DIR}/nginx/ssl"
DOMAIN="nxt.bhatfamily.in"
if ! command -v docker >/dev/null 2>&1; then
echo "ERROR: Docker is not installed. Install Docker and rerun this script."
exit 1
fi
if ! docker compose version >/dev/null 2>&1 && ! command -v docker-compose >/dev/null 2>&1; then
echo "ERROR: docker compose / docker-compose is not installed."
exit 1
fi
if ! command -v openssl >/dev/null 2>&1; then
echo "ERROR: openssl is not installed."
exit 1
fi
if ! command -v ufw >/dev/null 2>&1; then
echo "INFO: ufw not found. Ensure ports 8082 and 8446 are open in your firewall/router."
fi
compose() {
if docker compose version >/dev/null 2>&1; then
docker compose "$@"
else
docker-compose "$@"
fi
}
mkdir -p "${SSL_DIR}"
echo "==> Ensuring TLS files exist for nginx startup..."
if [ ! -f "${SSL_DIR}/${DOMAIN}.crt" ] || [ ! -f "${SSL_DIR}/${DOMAIN}.key" ]; then
echo "==> Generating bootstrap self-signed certificate for ${DOMAIN} (valid 365 days)..."
openssl req -x509 -nodes -newkey rsa:4096 \
-keyout "${SSL_DIR}/${DOMAIN}.key" \
-out "${SSL_DIR}/${DOMAIN}.crt" \
-days 365 \
-subj "/CN=${DOMAIN}"
else
echo "==> Existing certificate/key found; skipping bootstrap certificate generation."
fi
if [ ! -f "${SSL_DIR}/dhparam.pem" ]; then
echo "==> Generating dhparam (one-time, may take a while)..."
openssl dhparam -out "${SSL_DIR}/dhparam.pem" 2048
fi
if command -v ufw >/dev/null 2>&1; then
echo "==> Configuring UFW firewall rules (8082/tcp, 8446/tcp)..."
sudo ufw allow 8082/tcp comment "Nextcloud HTTP"
sudo ufw allow 8446/tcp comment "Nextcloud HTTPS"
fi
echo "==> Pulling and starting containers..."
compose -f "${REPO_DIR}/docker-compose.yml" pull
compose -f "${REPO_DIR}/docker-compose.yml" up -d
echo "==> Stack started"
echo " http://${DOMAIN}:8082 (redirects to HTTPS)"
echo " https://${DOMAIN}:8446"
echo
echo "For production TLS with Let's Encrypt DNS-01 (Cloudflare):"
echo " 1) export CF_DNS_API_TOKEN=<token>"
echo " 2) export LETSENCRYPT_EMAIL=<email>"
echo " 3) ./scripts/provision-production-tls.sh"
echo " 4) docker compose restart web"
Reference in New Issue View Git Blame Copy Permalink