diff --git a/arch_install.sh b/arch_install.sh index e09cf3f..7eff8d6 100644 --- a/arch_install.sh +++ b/arch_install.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -# Nextcloud + Apache + PHP 8.3 (php-legacy) + MariaDB + Redis on Arch Linux +# Nextcloud + Apache + PHP 8.3 (php-legacy) + MariaDB + Valkey/Redis on Arch Linux # Production-oriented, reverse-proxy aware # # Run as root: @@ -37,6 +37,9 @@ PHP_FPM_SERVICE="php-fpm-legacy" REDIS_SOCK="/run/redis/redis.sock" +# ========================= +# HELPERS +# ========================= log() { printf '\n==== %s ====\n' "$1" } @@ -63,6 +66,13 @@ check_vars() { done } +require_cmd() { + command -v "$1" >/dev/null 2>&1 || { + echo "Required command not found: $1" + exit 1 + } +} + enable_php_ext() { local ext="$1" if ! grep -Eq "^[[:space:]]*extension=${ext}\.so" "$PHP_INI"; then @@ -93,8 +103,10 @@ set_fpm_value() { fi } -detect_redis_conf() { - if [[ -f /etc/redis/redis.conf ]]; then +detect_kv_conf() { + if [[ -f /etc/valkey/valkey.conf ]]; then + echo "/etc/valkey/valkey.conf" + elif [[ -f /etc/redis/redis.conf ]]; then echo "/etc/redis/redis.conf" elif [[ -f /etc/redis.conf ]]; then echo "/etc/redis.conf" @@ -103,13 +115,19 @@ detect_redis_conf() { fi } -require_cmd() { - command -v "$1" >/dev/null 2>&1 || { - echo "Required command not found: $1" - exit 1 - } +detect_kv_service() { + if systemctl list-unit-files 2>/dev/null | grep -q '^valkey\.service'; then + echo "valkey" + elif systemctl list-unit-files 2>/dev/null | grep -q '^redis\.service'; then + echo "redis" + else + echo "" + fi } +# ========================= +# PRECHECKS +# ========================= require_root check_vars @@ -117,20 +135,39 @@ log "Updating system and installing packages" pacman -Syu --noconfirm pacman -S --needed --noconfirm \ - apache mariadb redis cronie \ + apache mariadb valkey cronie \ php-legacy php-legacy-fpm php-legacy-gd php-legacy-intl php-legacy-sodium \ php-legacy-apcu php-legacy-redis php-legacy-imagick \ curl wget tar bzip2 unzip sudo require_cmd mariadb require_cmd httpd -require_cmd redis-server require_cmd "${PHP_BIN}" +KV_CONF="$(detect_kv_conf)" +KV_SERVICE="$(detect_kv_service)" + +if [[ -z "${KV_CONF}" ]]; then + echo "Could not find Valkey/Redis config file." + echo "Looked for /etc/valkey/valkey.conf, /etc/redis/redis.conf, and /etc/redis.conf" + exit 1 +fi + +if [[ -z "${KV_SERVICE}" ]]; then + echo "Could not find valkey.service or redis.service" + exit 1 +fi + +# ========================= +# DIRECTORIES +# ========================= log "Creating base directories" install -d -m 0755 /srv/http install -d -m 0750 "${NC_DATA_DIR}" +# ========================= +# MARIADB +# ========================= log "Initializing and configuring MariaDB" if [[ ! -d /var/lib/mysql/mysql ]]; then mariadb-install-db --user=mysql --basedir=/usr --datadir=/var/lib/mysql @@ -153,6 +190,9 @@ GRANT ALL PRIVILEGES ON \`${DB_NAME}\`.* TO '${DB_USER}'@'localhost'; FLUSH PRIVILEGES; SQL +# ========================= +# PHP +# ========================= log "Configuring PHP 8.3 legacy stack" for ext in gd intl mysqli pdo_mysql sodium zip apcu redis imagick; do enable_php_ext "$ext" @@ -166,7 +206,6 @@ set_ini_value "max_input_time" "360" set_ini_value "output_buffering" "Off" set_ini_value "date.timezone" "UTC" -# opcache if ! grep -Eq '^[[:space:]]*zend_extension[[:space:]]*=.*opcache' "$PHP_INI"; then printf "\nzend_extension=opcache\n" >> "$PHP_INI" fi @@ -193,34 +232,36 @@ set_fpm_value "pm.max_spare_servers" "16" systemctl enable --now "${PHP_FPM_SERVICE}" systemctl restart "${PHP_FPM_SERVICE}" -log "Configuring Redis" -REDIS_CONF="$(detect_redis_conf)" -if [[ -z "${REDIS_CONF}" ]]; then - echo "Could not find Redis config file." - echo "Looked for /etc/redis/redis.conf and /etc/redis.conf" - exit 1 -fi +# ========================= +# VALKEY / REDIS +# ========================= +log "Configuring Valkey/Redis" +echo "Using config: ${KV_CONF}" +echo "Using service: ${KV_SERVICE}" -echo "Using Redis config: ${REDIS_CONF}" +sed -ri 's|^port .*|port 0|' "${KV_CONF}" -sed -ri 's|^port .*|port 0|' "${REDIS_CONF}" - -if grep -Eq '^[[:space:]]*unixsocket[[:space:]]+' "${REDIS_CONF}"; then - sed -ri "s|^[[:space:]]*unixsocket[[:space:]]+.*|unixsocket ${REDIS_SOCK}|" "${REDIS_CONF}" +if grep -Eq '^[[:space:]]*unixsocket[[:space:]]+' "${KV_CONF}"; then + sed -ri "s|^[[:space:]]*unixsocket[[:space:]]+.*|unixsocket ${REDIS_SOCK}|" "${KV_CONF}" else - printf "\nunixsocket %s\n" "${REDIS_SOCK}" >> "${REDIS_CONF}" + printf "\nunixsocket %s\n" "${REDIS_SOCK}" >> "${KV_CONF}" fi -if grep -Eq '^[[:space:]]*unixsocketperm[[:space:]]+' "${REDIS_CONF}"; then - sed -ri 's|^[[:space:]]*unixsocketperm[[:space:]]+.*|unixsocketperm 770|' "${REDIS_CONF}" +if grep -Eq '^[[:space:]]*unixsocketperm[[:space:]]+' "${KV_CONF}"; then + sed -ri 's|^[[:space:]]*unixsocketperm[[:space:]]+.*|unixsocketperm 770|' "${KV_CONF}" else - printf "unixsocketperm 770\n" >> "${REDIS_CONF}" + printf "unixsocketperm 770\n" >> "${KV_CONF}" fi -usermod -aG redis http || true -systemctl enable --now redis -systemctl restart redis +usermod -aG redis http 2>/dev/null || true +usermod -aG valkey http 2>/dev/null || true +systemctl enable --now "${KV_SERVICE}" +systemctl restart "${KV_SERVICE}" + +# ========================= +# APACHE +# ========================= log "Configuring Apache" HTTPD_CONF="/etc/httpd/conf/httpd.conf" @@ -290,6 +331,9 @@ httpd -t systemctl enable --now httpd systemctl reload httpd +# ========================= +# DOWNLOAD NEXTCLOUD +# ========================= log "Downloading official Nextcloud release" TMPDIR="$(mktemp -d)" trap 'rm -rf "$TMPDIR"' EXIT @@ -312,6 +356,9 @@ chmod 0750 "${NC_DATA_DIR}" install -d -o http -g http -m 0750 "${NC_DIR}/config" install -d -o http -g http -m 0750 "${NC_DIR}/apps" +# ========================= +# INSTALL NEXTCLOUD +# ========================= log "Running Nextcloud installer" sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" maintenance:install \ --database "mysql" \ @@ -322,6 +369,9 @@ sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" maintenance:install \ --admin-pass "${ADMIN_PASS}" \ --data-dir "${NC_DATA_DIR}" +# ========================= +# REVERSE PROXY / HTTPS +# ========================= log "Applying reverse-proxy and HTTPS settings" sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" config:system:set overwrite.cli.url --value="https://${DOMAIN}" sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" config:system:set overwriteprotocol --value="https" @@ -339,11 +389,17 @@ fi sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" config:system:set trusted_domains 1 --value="${DOMAIN}" +# ========================= +# CACHE / LOCKING +# ========================= log "Configuring APCu and Redis" sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" config:system:set memcache.local --value='\OC\Memcache\APCu' sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" config:system:set memcache.locking --value='\OC\Memcache\Redis' sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" config:system:set redis --type=json --value="{\"host\":\"${REDIS_SOCK}\",\"port\":0,\"timeout\":1.5}" +# ========================= +# CRON +# ========================= log "Configuring cron background jobs" systemctl enable --now cronie @@ -354,6 +410,9 @@ EOF chmod 0644 /etc/cron.d/nextcloud systemctl restart cronie +# ========================= +# FINALIZE +# ========================= log "Finalizing" sudo -u http "${PHP_BIN}" "${NC_DIR}/occ" maintenance:update:htaccess || true @@ -367,12 +426,13 @@ echo " Web root: ${NC_DIR}" echo " Data dir: ${NC_DATA_DIR}" echo " PHP: ${PHP_BIN}" echo " FPM svc: ${PHP_FPM_SERVICE}" -echo " Redis conf: ${REDIS_CONF}" +echo " KV conf: ${KV_CONF}" +echo " KV service: ${KV_SERVICE}" echo "-----------------------------------------------------------------" echo " Services enabled:" echo " - httpd" echo " - ${PHP_FPM_SERVICE}" echo " - mariadb" -echo " - redis" +echo " - ${KV_SERVICE}" echo " - cronie" echo "=================================================================" \ No newline at end of file