diff --git a/conf/nginx-top.conf b/conf/nginx-top.conf index 4d88836..c3f4c0d 100644 --- a/conf/nginx-top.conf +++ b/conf/nginx-top.conf @@ -7,6 +7,6 @@ ## your own --- please do not ask for help from us. upstream php-fpm { - server unix:/var/run/php/php7.2-fpm.sock; + server unix:/var/run/php/php8.0-fpm.sock; } diff --git a/management/backup.py b/management/backup.py index ce358e0..2e88c8d 100755 --- a/management/backup.py +++ b/management/backup.py @@ -278,7 +278,7 @@ def perform_backup(full_backup): if quit: sys.exit(code) - service_command("php7.2-fpm", "stop", quit=True) + service_command("php8.0-fpm", "stop", quit=True) service_command("postfix", "stop", quit=True) service_command("dovecot", "stop", quit=True) @@ -312,7 +312,7 @@ def perform_backup(full_backup): # Start services again. service_command("dovecot", "start", quit=False) service_command("postfix", "start", quit=False) - service_command("php7.2-fpm", "start", quit=False) + service_command("php8.0-fpm", "start", quit=False) # Remove old backups. This deletes all backup data no longer needed # from more than 3 days ago. diff --git a/setup/functions.sh b/setup/functions.sh index 718a228..151c5f4 100644 --- a/setup/functions.sh +++ b/setup/functions.sh @@ -4,6 +4,8 @@ # -o pipefail: don't ignore errors in the non-last command in a pipeline set -euo pipefail +PHP_VER=8.0 + function hide_output { # This function hides the output of a command unless the command fails # and returns a non-zero exit code. diff --git a/setup/management.sh b/setup/management.sh index 483a9c5..a4e9c8d 100755 --- a/setup/management.sh +++ b/setup/management.sh @@ -25,7 +25,7 @@ done # # certbot installs EFF's certbot which we use to # provision free TLS certificates. -apt_install duplicity python-pip virtualenv certbot rsync +apt_install duplicity python3-pip virtualenv certbot rsync # b2sdk is used for backblaze backups. # boto is used for amazon aws backups. diff --git a/setup/nextcloud.sh b/setup/nextcloud.sh index 5525a37..4cd5a86 100755 --- a/setup/nextcloud.sh +++ b/setup/nextcloud.sh @@ -44,10 +44,10 @@ user_external_hash=3bf2609061d7214e7f0f69dd8883e55c4ec8f50a apt-get purge -qq -y owncloud* # we used to use the package manager -apt_install php php-fpm \ - php-cli php-sqlite3 php-gd php-imap php-curl php-pear curl \ - php-dev php-gd php-xml php-mbstring php-zip php-apcu php-json \ - php-intl php-imagick php-gmp php-bcmath +apt_install curl php${PHP_VER} php${PHP_VER}-fpm \ + php${PHP_VER}-cli php${PHP_VER}-sqlite3 php${PHP_VER}-gd php${PHP_VER}-imap php${PHP_VER}-curl \ + php${PHP_VER}-dev php${PHP_VER}-gd php${PHP_VER}-xml php${PHP_VER}-mbstring php${PHP_VER}-zip php${PHP_VER}-apcu \ + php${PHP_VER}-intl php${PHP_VER}-imagick php${PHP_VER}-gmp php${PHP_VER}-bcmath InstallNextcloud() { @@ -112,20 +112,20 @@ InstallNextcloud() { if [ -e $STORAGE_ROOT/owncloud/owncloud.db ]; then # ownCloud 8.1.1 broke upgrades. It may fail on the first attempt, but # that can be OK. - sudo -u www-data php /usr/local/lib/owncloud/occ upgrade + sudo -u www-data php$PHP_VER /usr/local/lib/owncloud/occ upgrade if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then echo "Trying ownCloud upgrade again to work around ownCloud upgrade bug..." - sudo -u www-data php /usr/local/lib/owncloud/occ upgrade + sudo -u www-data php$PHP_VER /usr/local/lib/owncloud/occ upgrade if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then exit 1; fi - sudo -u www-data php /usr/local/lib/owncloud/occ maintenance:mode --off + sudo -u www-data php$PHP_VER /usr/local/lib/owncloud/occ maintenance:mode --off echo "...which seemed to work." fi # Add missing indices. NextCloud didn't include this in the normal upgrade because it might take some time. - sudo -u www-data php /usr/local/lib/owncloud/occ db:add-missing-indices + sudo -u www-data php$PHP_VER /usr/local/lib/owncloud/occ db:add-missing-indices # Run conversion to BigInt identifiers, this process may take some time on large tables. - sudo -u www-data php /usr/local/lib/owncloud/occ db:convert-filecache-bigint --no-interaction + sudo -u www-data php$PHP_VER /usr/local/lib/owncloud/occ db:convert-filecache-bigint --no-interaction fi } @@ -137,7 +137,7 @@ InstallNextcloud() { # If config.php exists, get version number, otherwise CURRENT_NEXTCLOUD_VER is empty. if [ -f "$STORAGE_ROOT/owncloud/config.php" ]; then - CURRENT_NEXTCLOUD_VER=$(php -r "include(\"$STORAGE_ROOT/owncloud/config.php\"); echo(\$CONFIG['version']);") + CURRENT_NEXTCLOUD_VER=$(php$PHP_VER -r "include(\"$STORAGE_ROOT/owncloud/config.php\"); echo(\$CONFIG['version']);") else CURRENT_NEXTCLOUD_VER="" fi @@ -146,8 +146,8 @@ fi # from the version currently installed, do the install/upgrade if [ ! -d /usr/local/lib/owncloud/ ] || [[ ! ${CURRENT_NEXTCLOUD_VER} =~ ^$nextcloud_ver ]]; then - # Stop php-fpm if running. If theyre not running (which happens on a previously failed install), dont bail. - service php7.2-fpm stop &> /dev/null || /bin/true + # Stop php-fpm if running. If they are not running (which happens on a previously failed install), dont bail. + service php$PHP_VER-fpm stop &> /dev/null || /bin/true # Backup the existing ownCloud/Nextcloud. # Create a backup directory to store the current installation and database to @@ -280,7 +280,7 @@ EOF # Execute Nextcloud's setup step, which creates the Nextcloud sqlite database. # It also wipes it if it exists. And it updates config.php with database # settings and deletes the autoconfig.php file. - (cd /usr/local/lib/owncloud; sudo -u www-data php /usr/local/lib/owncloud/index.php;) + (cd /usr/local/lib/owncloud; sudo -u www-data php$PHP_VER /usr/local/lib/owncloud/index.php;) fi # Update config.php. @@ -296,7 +296,7 @@ fi # Use PHP to read the settings file, modify it, and write out the new settings array. TIMEZONE=$(cat /etc/timezone) CONFIG_TEMP=$(/bin/mktemp) -php < $CONFIG_TEMP && mv $CONFIG_TEMP $STORAGE_ROOT/owncloud/config.php; +php$PHP_VER < $CONFIG_TEMP && mv $CONFIG_TEMP $STORAGE_ROOT/owncloud/config.php; /etc/cron.d/mailinabox-nextcloud << EOF; #!/bin/bash # Mail-in-a-Box -*/5 * * * * root sudo -u www-data php -f /usr/local/lib/owncloud/cron.php +*/5 * * * * root sudo -u www-data php$PHP_VER -f /usr/local/lib/owncloud/cron.php EOF chmod +x /etc/cron.d/mailinabox-nextcloud @@ -387,4 +387,4 @@ rm -f /etc/cron.hourly/mailinabox-owncloud # ``` # Enable PHP modules and restart PHP. -restart_service php7.2-fpm +restart_service php$PHP_VER-fpm diff --git a/setup/system.sh b/setup/system.sh index b128a6b..8c7ff13 100755 --- a/setup/system.sh +++ b/setup/system.sh @@ -100,6 +100,10 @@ hide_output add-apt-repository -y universe # Install the duplicity PPA. hide_output add-apt-repository -y ppa:duplicity-team/duplicity-release-git +# Stock PHP is now 8.1, but we're transitioning through 8.0 because +# of Nextcloud. +hide_output add-apt-repository --y ppa:ondrej/php + # ### Update Packages # Update system packages to make sure we have the latest upstream versions diff --git a/setup/web.sh b/setup/web.sh index 4433ff0..392b6d9 100755 --- a/setup/web.sh +++ b/setup/web.sh @@ -19,7 +19,7 @@ fi echo "Installing Nginx (web server)..." -apt_install nginx php-cli php-fpm idn2 +apt_install nginx php${PHP_VER}-cli php${PHP_VER}-fpm idn2 rm -f /etc/nginx/sites-enabled/default @@ -46,15 +46,15 @@ tools/editconf.py /etc/nginx/nginx.conf -s \ ssl_protocols="TLSv1.2 TLSv1.3;" # Tell PHP not to expose its version number in the X-Powered-By header. -tools/editconf.py /etc/php/7.2/fpm/php.ini -c ';' \ +tools/editconf.py /etc/php/$PHP_VER/fpm/php.ini -c ';' \ expose_php=Off # Set PHPs default charset to UTF-8, since we use it. See #367. -tools/editconf.py /etc/php/7.2/fpm/php.ini -c ';' \ +tools/editconf.py /etc/php/$PHP_VER/fpm/php.ini -c ';' \ default_charset="UTF-8" # Configure the path environment for php-fpm -tools/editconf.py /etc/php/7.2/fpm/pool.d/www.conf -c ';' \ +tools/editconf.py /etc/php/$PHP_VER/fpm/pool.d/www.conf -c ';' \ env[PATH]=/usr/local/bin:/usr/bin:/bin \ # Configure php-fpm based on the amount of memory the machine has @@ -64,7 +64,7 @@ tools/editconf.py /etc/php/7.2/fpm/pool.d/www.conf -c ';' \ TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}' || /bin/true) if [ $TOTAL_PHYSICAL_MEM -lt 1000000 ] then - tools/editconf.py /etc/php/7.2/fpm/pool.d/www.conf -c ';' \ + tools/editconf.py /etc/php/$PHP_VER/fpm/pool.d/www.conf -c ';' \ pm=ondemand \ pm.max_children=8 \ pm.start_servers=2 \ @@ -72,7 +72,7 @@ then pm.max_spare_servers=3 elif [ $TOTAL_PHYSICAL_MEM -lt 2000000 ] then - tools/editconf.py /etc/php/7.2/fpm/pool.d/www.conf -c ';' \ + tools/editconf.py /etc/php/$PHP_VER/fpm/pool.d/www.conf -c ';' \ pm=ondemand \ pm.max_children=16 \ pm.start_servers=4 \ @@ -80,14 +80,14 @@ then pm.max_spare_servers=6 elif [ $TOTAL_PHYSICAL_MEM -lt 3000000 ] then - tools/editconf.py /etc/php/7.2/fpm/pool.d/www.conf -c ';' \ + tools/editconf.py /etc/php/$PHP_VER/fpm/pool.d/www.conf -c ';' \ pm=dynamic \ pm.max_children=60 \ pm.start_servers=6 \ pm.min_spare_servers=3 \ pm.max_spare_servers=9 else - tools/editconf.py /etc/php/7.2/fpm/pool.d/www.conf -c ';' \ + tools/editconf.py /etc/php/$PHP_VER/fpm/pool.d/www.conf -c ';' \ pm=dynamic \ pm.max_children=120 \ pm.start_servers=12 \ @@ -147,7 +147,7 @@ chown -R $STORAGE_USER $STORAGE_ROOT/www # Start services. restart_service nginx -restart_service php7.2-fpm +restart_service php$PHP_VER-fpm # Open ports. ufw_allow http diff --git a/setup/webmail.sh b/setup/webmail.sh index 938bcdd..839b653 100755 --- a/setup/webmail.sh +++ b/setup/webmail.sh @@ -22,8 +22,8 @@ source /etc/mailinabox.conf # load global vars echo "Installing Roundcube (webmail)..." apt_install \ dbconfig-common \ - php-cli php-sqlite3 php-intl php-json php-common php-curl php-ldap \ - php-gd php-pspell libjs-jquery libjs-jquery-mousewheel libmagic1 php-mbstring + php${PHP_VER}-cli php${PHP_VER}-sqlite3 php${PHP_VER}-intl php${PHP_VER}-common php${PHP_VER}-curl php${PHP_VER}-ldap \ + php${PHP_VER}-gd php${PHP_VER}-pspell php${PHP_VER}-mbstring libjs-jquery libjs-jquery-mousewheel libmagic1 # Install Roundcube from source if it is not already present or if it is out of date. # Combine the Roundcube version number with the commit hash of plugins to track @@ -202,10 +202,10 @@ chown -f -R root.www-data ${RCM_PLUGIN_DIR}/carddav chmod -R 774 ${RCM_PLUGIN_DIR}/carddav # Run Roundcube database migration script (database is created if it does not exist) -${RCM_DIR}/bin/updatedb.sh --dir ${RCM_DIR}/SQL --package roundcube +php$PHP_VER ${RCM_DIR}/bin/updatedb.sh --dir ${RCM_DIR}/SQL --package roundcube chown www-data:www-data $STORAGE_ROOT/mail/roundcube/roundcube.sqlite chmod 664 $STORAGE_ROOT/mail/roundcube/roundcube.sqlite # Enable PHP modules. -phpenmod -v php mcrypt imap -restart_service php7.2-fpm +phpenmod -v $PHP_VER imap +restart_service php$PHP_VER-fpm diff --git a/setup/zpush.sh b/setup/zpush.sh index c1c00f2..4fdfadc 100755 --- a/setup/zpush.sh +++ b/setup/zpush.sh @@ -17,9 +17,9 @@ source /etc/mailinabox.conf # load global vars echo "Installing Z-Push (Exchange/ActiveSync server)..." apt_install \ - php-soap php-imap libawl-php php-xsl + php${PHP_VER}-soap php${PHP_VER}-imap libawl-php php$PHP_VER-xml -phpenmod -v php imap +phpenmod -v $PHP_VER imap # Copy Z-Push into place. VERSION=2.6.2 @@ -42,8 +42,6 @@ if [ $needs_update == 1 ]; then rm -rf /tmp/z-push.zip /tmp/z-push rm -f /usr/sbin/z-push-{admin,top} - ln -s /usr/local/lib/z-push/z-push-admin.php /usr/sbin/z-push-admin - ln -s /usr/local/lib/z-push/z-push-top.php /usr/sbin/z-push-top echo $VERSION > /usr/local/lib/z-push/version fi @@ -102,8 +100,8 @@ EOF # Restart service. -restart_service php7.2-fpm +restart_service php$PHP_VER-fpm # Fix states after upgrade -hide_output z-push-admin -a fixstates +hide_output php$PHP_VER /usr/local/lib/z-push/z-push-admin.php -a fixstates diff --git a/tools/owncloud-restore.sh b/tools/owncloud-restore.sh index 4b0ba4d..108c8b7 100755 --- a/tools/owncloud-restore.sh +++ b/tools/owncloud-restore.sh @@ -26,7 +26,7 @@ if [ ! -f $1/config.php ]; then fi echo "Restoring backup from $1" -service php7.2-fpm stop +service php8.0-fpm stop # remove the current ownCloud/Nextcloud installation rm -rf /usr/local/lib/owncloud/ @@ -43,7 +43,7 @@ ln -sf $STORAGE_ROOT/owncloud/config.php /usr/local/lib/owncloud/config/config.p chown -f -R www-data.www-data $STORAGE_ROOT/owncloud /usr/local/lib/owncloud chown www-data.www-data $STORAGE_ROOT/owncloud/config.php -sudo -u www-data php /usr/local/lib/owncloud/occ maintenance:mode --off +sudo -u www-data php$PHP_VER /usr/local/lib/owncloud/occ maintenance:mode --off -service php7.2-fpm start +service php8.0-fpm start echo "Done" diff --git a/tools/owncloud-unlockadmin.sh b/tools/owncloud-unlockadmin.sh index 50e3b01..0b7ffc9 100755 --- a/tools/owncloud-unlockadmin.sh +++ b/tools/owncloud-unlockadmin.sh @@ -20,4 +20,4 @@ echo echo Press enter to continue. read -sudo -u www-data php /usr/local/lib/owncloud/occ group:adduser admin $ADMIN && echo Done. +sudo -u www-data php$PHP_VER /usr/local/lib/owncloud/occ group:adduser admin $ADMIN && echo Done.