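#!/usr/bin/env fish
# Installer definition for a Nextcloud stack: the `web` service on the "cloud"
# domain, a TURN server, and a Collabora office backend on the "office" domain.
# The helper functions called here (getServiceRoot, installDockerService,
# runInstaller, ...) are expected to come from ../service.fish.
#
# /usr/bin/env is used because it is the conventional location of env;
# /bin/env does not exist on every system.
#
# Everything lives in a begin/end block so the `set -l` variables stay local to
# the block; functions that need them inherit a snapshot via `-V`.
begin
    set -l dir (status dirname)
    set -l turn turn
    set -l domain cloud ""
    set -l service web
    set -l office collabora
    set -l officeDomain office ""
    set -l server $service $domain
    # Flat list of triples: service name followed by the two elements of its
    # domain list. getServiceServers and getServiceLocations index into it.
    set -l services \
        $server \
        $office $officeDomain

    source "$dir/../service.fish"

    # Generates the secrets, writes the env files and the compose overrides,
    # installs the docker service and finally rewrites the TURN port mapping.
    # Returns 1 without touching the service root if a secret could not be
    # generated.
    function installSW -V dir -V domain -V service -V turn -V office -V officeDomain
        set -l genPW __generatePW

        # Prints one random password of the given length (default 32) using
        # keepassxc-cli from a nix-shell.
        function $genPW -a length
            if [ -z "$length" ]
                set length 32
            end

            # $length is spliced into a shell command line below, so accept
            # digits only.
            if not string match -qr '^[0-9]+$' -- "$length"
                echo "password length must be a positive integer, got '$length'" >&2
                return 1
            end

            nix-shell -p keepassxc --run "keepassxc-cli generate --length $length"
        end

        set -l root (getServiceRoot $argv)
        # `source` and `core` are not referenced again within this function.
        set -l source "$dir/docker-compose.core.yml"
        set -l core "$root/$(basename "$source")"
        set -l domain (getServiceDomain $domain)
        set -l overrides (getServiceOverrides $argv)
        set -l overridesSource "$dir/$(basename "$overrides")"
        set -l turnKey "$(getServiceKey "$turn")"
        # yq indices are zero-based, so this addresses the second ports entry.
        set -l portKey "$turnKey.ports[1]"
        set -l officeEnv "$(getServiceKey "$office").environment"
        set -l dbPW ($genPW)
        set -l turnPW ($genPW)
        set -l turnPort
        set -l redisPW ($genPW)
        set -l nextcloudPW ($genPW 64)

        # Fail closed: if nix-shell or keepassxc-cli is unavailable the command
        # substitutions above yield nothing, and the stack would otherwise be
        # deployed with empty database, cache, admin and TURN credentials.
        for secret in "$dbPW" "$turnPW" "$redisPW" "$nextcloudPW"
            if [ -z "$secret" ]
                echo "secret generation failed; refusing to install with empty credentials" >&2
                return 1
            end
        end

        initializeServiceInstallation $argv
        sudo cp -r "$dir"/{cache.Dockerfile,cloud.Dockerfile,docker-compose.{base,core}.yml,.dockerignore,fpm,nginx,php.ini} "$root"

        # NOTE(review): the three env files below hold credentials and are
        # created by `sudo tee` with whatever umask is in effect; confirm they
        # end up readable only by the account that runs the containers (for
        # example mode 0600). Not tightened here because how
        # installDockerService reads them is not visible in this file.
        begin
            printf "%s\n" \
                "MYSQL_DATABASE=Nextcloud" \
                "MYSQL_USER=nextcloud" \
                "MYSQL_PASSWORD=$dbPW"
        end | sudo tee "$root/db.env" >/dev/null

        echo "REDIS_HOST_PASSWORD=$redisPW" | sudo tee "$root/cache.env" >/dev/null

        begin
            printf "%s\n" \
                "NEXTCLOUD_ADMIN_USER=admin" \
                "NEXTCLOUD_ADMIN_PASSWORD=$nextcloudPW" \
                "NEXTCLOUD_TRUSTED_DOMAINS=$domain" \
                "OVERWRITEPROTOCOL=https" \
                "OVERWRITEHOST=$domain" \
                "OVERWRITECLIURL=https://$domain"
        end | sudo tee "$root/nextcloud.env" >/dev/null

        # Build the overrides file in three yq passes:
        #   1. append the TURN shared secret and realm to the TURN command,
        #   2. set the office server_name to the office domain,
        #   3. set aliasgroup1 to the regex-escaped https URL of the cloud
        #      domain ($DOMAIN is the block-level override at that point).
        # Values reach yq through per-command environment variables and
        # env(...) rather than being spliced into the yq expression.
        # NOTE(review): the resulting overrides file contains the TURN secret
        # and is read without sudo further down, so it must stay readable by
        # the invoking user; confirm it is not readable by other accounts.
        PROTO="https" DOMAIN="$domain" begin
            set -l key "$turnKey.command"

            PW="--static-auth-secret=$turnPW" \
                DOMAIN="--realm=$domain" \
                yq "$key |= . + [env(PW), env(DOMAIN)]" "$overridesSource" |
                DOMAIN=(getServiceDomain $officeDomain) yq "$officeEnv.server_name = env(DOMAIN)" |
                URL="https://$(string escape --style regex "$DOMAIN"):443" yq "$officeEnv.aliasgroup1 = env(URL)" |
                sudo tee "$overrides" >/dev/null
        end

        installDockerService $argv
        set turnPort (yq (getServicePortKey "$turn") "$overrides" | extractPort)
        set turnPort (yq "$portKey" "$overrides" | mutatePort "$turnPort")

        # yq cannot read the file that tee is truncating, so work from a
        # private copy. The copy contains the TURN secret: it is created only
        # now (mktemp makes it owner-only) and removed right after use.
        set -l file (mktemp)
        or return 1

        # Only rewrite the overrides when the copy succeeded; otherwise yq
        # would fail and tee would leave an empty overrides file behind.
        if cp "$overrides" "$file"
            PORT="$turnPort" yq "$portKey = env(PORT)" "$file" | sudo tee "$overrides" >/dev/null
        end

        rm "$file"
    end

    # Delegates configuration to the shared docker service helper.
    function configureSW -V dir
        configureDockerService $argv
    end

    # Prints, NUL-terminated, the second and third element of every triple in
    # $services (presumably subdomain and base domain of each server).
    function getServiceServers -V services
        for i in (seq 1 3 (count $services))
            printf "%s\0" $services[(math $i + 1)] $services[(math $i + 2)]
        end
    end

    # Prints NUL-terminated (service, nginx location, description) triples for
    # the server whose position in the getServiceServers output is $index.
    function getServiceLocations -V services -V office -a index
        # Map the index into the pair list (step 2) back to the start of the
        # matching triple in $services (step 3).
        set -l i (math (math (math $index - 1) / 2 "*" 3) + 1)
        set -l name $services[$i]

        if [ "$name" != "$office" ]
            printf "%s\0" "$name" / ""
        else
            # Only these paths of the office backend are proxied.
            printf "%s\0" \
                "$name" "^~ /browser" "static files" \
                "$name" "^~ /hosting/discovery" "WOPI discovery URL" \
                "$name" "^~ /hosting/capabilities" Capabilities \
                "$name" "~ ^/cool/(.*)/ws\$" "main websocket" \
                "$name" "~ ^/(c|l)ool" "download, presentation and image upload" \
                "$name" "^~ /cool/adminws" "Admin Console websocket"
        end
    end

    # Prints the nginx configuration for one location. The office backend is
    # proxied with `--scheme https`; the main web service additionally gets
    # upload limits, gzip settings and `server_tokens off`.
    function getServiceLocationConfig -a domain s location -V service -V office -V flood
        if [ "$s" = "$office" ]
            # Drop the three named arguments and forward the remainder after
            # the forced scheme.
            set -l argv $argv[4..]
            getServiceDefaultProxy $domain $s "$location" --scheme https $argv
        else
            getServiceDefaultProxy $argv

            if [ "$s" = "$service" ]
                printf "%s\n" \
                    "server_tokens off;" \
                    "" \
                    "client_max_body_size 512M;" \
                    "client_body_timeout 300s;" \
                    "fastcgi_buffers 64 4K;" \
                    "" \
                    "# enable gzip but do not remove ETag headers" \
                    "gzip on;" \
                    "gzip_vary on;" \
                    "gzip_comp_level 4;" \
                    "gzip_min_length 256;" \
                    "gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;" \
                    "gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;" \
                    "" \
                    "# Pagespeed is not supported by Nextcloud, so if your server is built" \
                    "# with the `ngx_pagespeed` module, uncomment this line to disable it." \
                    "#pagespeed off;" \
                    "" \
                    "# The settings allows you to optimize the HTTP2 bandwidth." \
                    "# See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/" \
                    "# for tuning hints" \
                    "client_body_buffer_size 512k;"
            end
        end
    end

    # Adds the websocket upgrade headers for the two /cool/...ws locations
    # emitted by getServiceLocations (main websocket and admin console).
    function getExtraLocationSettings -a domain s location -V service
        if string match --regex '^(~ \^|\^~ )/cool/(.*)ws\$?$' "$location" >/dev/null
            printf "%s\n" \
                '# Websocket' \
                "proxy_http_version 1.1;" \
                'proxy_set_header Upgrade $http_upgrade;' \
                'proxy_set_header Connection "upgrade";'
        end
    end

    # Pattern matching cache.env, db.env and nextcloud.env, i.e. the files that
    # hold the generated credentials. Presumably consumed by the backup logic in
    # service.fish; backups that include them need the same protection as the
    # live files.
    function getExtraBackupPatterns
        echo "^(cache|db|nextcloud)\.env\$"
    end

    runInstaller --force $argv
end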