diff --git a/files/nextcloud.nginx b/files/nextcloud.nginx index 6c69b14..f1c6fe3 100644 --- a/files/nextcloud.nginx +++ b/files/nextcloud.nginx @@ -1,5 +1,5 @@ upstream php-handler { - server unix:/run/php/php7.0-fpm.sock; + server unix:/run/php/phpVERSION-fpm.sock; } server { @@ -16,7 +16,8 @@ server { add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; + #add_header X-Frame-Options "SAMEORIGIN"; + add_header Referrer-Policy no-referrer; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; diff --git a/gencode-remote b/gencode-remote index 51d7bc1..31aeb24 100755 --- a/gencode-remote +++ b/gencode-remote @@ -21,7 +21,6 @@ case "$os" in restart="systemctl restart nginx" ;; *) - restart="systemctl restart nginx" echo "Unsupported version $os_version of $os." >&2 exit 1 ;; diff --git a/manifest b/manifest index ca0f6d3..687127b 100755 --- a/manifest +++ b/manifest @@ -29,9 +29,19 @@ os_version=$(cat "$__global/explorer/os_version") case "$os_version" in 8*|jessie) distribution="jessie" + packages="php7.0-common php7.0-gd php7.0-json php7.0-pgsql php7.0-curl php7.0-intl php7.0-mcrypt php7.0-imagick php7.0-zip php7.0-apcu php7.0-mbstring php7.0-xml php7.0-fpm" + phpv="7.0" ;; 9*|ascii|ascii/ceres) distribution="stretch" + packages="php7.0-common php7.0-gd php7.0-json php7.0-pgsql php7.0-curl php7.0-intl php7.0-mcrypt php7.0-imagick php7.0-zip php7.0-apcu php7.0-mbstring php7.0-xml php7.0-fpm" + phpv="7.0" + ;; + 10*|beowulf|beowulf/ceres) + #packages="php7.3-common php7.3-gd php7.3-json php7.3-pgsql php7.3-curl php7.3-intl php7.3-mcrypt php-imagick php7.3-zip php-apcu php7.3-mbstring php7.3-xml php7.3-fpm" + distribution="buster" + packages="php7.3-fpm php7.3-intl php7.3-ldap php7.3-imap php7.3-gd php7.3-pgsql php7.3-curl php7.3-xml php7.3-zip php7.3-mbstring php7.3-soap php7.3-smbclient php7.3-json php7.3-gmp php7.3-bz2 php-pear" + phpv="7.3" ;; *) echo "Unsupported version $os_version of $os." >&2 @@ -47,17 +57,19 @@ domain=$(cat "$__object/parameter/domain") tmpdir="$__object/files" mkdir "$tmpdir" -__apt_key_uri dotdeb --uri https://www.dotdeb.org/dotdeb.gpg -require="__apt_key_uri/dotdeb" __apt_source dotdeb --uri http://packages.dotdeb.org \ - --distribution ${distribution} \ - --component all - -require="__apt_source/dotdeb" __apt_update_index +case "$os_version" in + 8*|jessie|9*|ascii|ascii/ceres) + __apt_key_uri dotdeb --uri https://www.dotdeb.org/dotdeb.gpg + require="__apt_key_uri/dotdeb" __apt_source dotdeb --uri http://packages.dotdeb.org \ + --distribution ${distribution} \ + --component all + require="__apt_source/dotdeb" __apt_update_index + ;; +esac +__apt_update_index # Install packages -for package in php7.0-common php7.0-gd php7.0-json php7.0-pgsql php7.0-curl \ - php7.0-intl php7.0-mcrypt php7.0-imagick \ - php7.0-zip php7.0-apcu php7.0-mbstring php7.0-xml php7.0-fpm; +for package in ${packages} do require="__apt_update_index" __package $package --state=present done @@ -66,7 +78,7 @@ __package curl --state=present # Configure packages ## PHP 7 -require="__package/php7.0-fpm" __file /etc/php/7.0/fpm/pool.d/www.conf \ +require="__package/php${phpv}-fpm" __file /etc/php/${phpv}/fpm/pool.d/www.conf \ --owner root --group root --mode 644 --source "$__type/files/fpm.conf" @@ -85,6 +97,7 @@ require="__ungleich_http_server_ssl_redirect_letsencrypt/$domain" \ ### The SSL configuration sed "s/DOMAIN/$domain/" "$__type/files/nextcloud.nginx" > "$tmpdir/nginx" +sed "s/VERSION/$phpv/" "$__type/files/nextcloud.nginx" > "$tmpdir/nginx" require="__letsencrypt_cert/$domain __package/nginx" __file /etc/nginx/sites-enabled/nextcloud \ --owner www-data \ --group www-data \ @@ -103,4 +116,4 @@ require="__package/postgresql __postgres_role/${db_user}" __postgres_database "$ # Start on boot require="__package/postgresql" __start_on_boot postgresql require="__package/nginx" __start_on_boot nginx -require="__package/php7.0-fpm" __start_on_boot php7.0-fpm +require="__package/php${phpv}-fpm" __start_on_boot php${phpv}-fpm