Skip to content

Commit

Permalink
randomize database password (fixes)
Browse files Browse the repository at this point in the history
  • Loading branch information
@nachoparker
nachoparker committed Aug 10, 2017
1 parent 558e3a5 commit 530e3a1
Show file tree
Hide file tree
Showing 6 changed files with 15 additions and 13 deletions.
6 changes: 2 additions & 4 deletions etc/nextcloudpi-config.d/nc-backup.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,17 +24,15 @@ DBBACKUP=nextcloud-sqlbkp_`date +"%Y%m%d"`.bak

configure()
{
local DBPASSWD=$( cat /root/.dbpass )

cd $BASEDIR_/nextcloud
sudo -u www-data php occ maintenance:mode --on

cd $BASEDIR_
echo -e "backup database..."
mysqldump -u root -p$DBPASSWD --single-transaction nextcloud > $DBBACKUP
mysqldump -u root --single-transaction nextcloud > $DBBACKUP

echo -e "backup files..."
mkdir -p $DESTDIR
mkdir -p $DESTDIR_
tar -cf $DESTFILE $DBBACKUP nextcloud/ && \
echo -e "backup $DESTFILE generated" || \
echo -e "error generating backup"
Expand Down
3 changes: 1 addition & 2 deletions etc/nextcloudpi-config.d/nc-init.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,6 @@ show_info()

configure()
{
local DBPASSWD=$( cat /root/.dbpass )

## RE-CREATE DATABASE TABLE

echo "Setting up database..."
Expand All @@ -49,6 +47,7 @@ configure()
done

# workaround to emulate DROP USER IF EXISTS ..;)
local DBPASSWD=$( grep password /root/.my.cnf | cut -d= -f2 )
mysql -u root -p$DBPASSWD <<EOF
DROP DATABASE IF EXISTS nextcloud;
CREATE DATABASE nextcloud
Expand Down
3 changes: 2 additions & 1 deletion etc/nextcloudpi-config.d/nc-nextcloud.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,6 @@ install() { :; }

configure()
{
local DBPASSWD=$( cat /root/.dbpass )

## RE-CREATE DATABASE TABLE
echo "Starting mariaDB"
Expand All @@ -62,7 +61,9 @@ configure()
done

echo "Setting up database..."

# workaround to emulate DROP USER IF EXISTS ..;)
local DBPASSWD=$( grep password /root/.my.cnf | cut -d= -f2 )
mysql -u root -p$DBPASSWD <<EOF
DROP DATABASE IF EXISTS nextcloud;
CREATE DATABASE nextcloud
Expand Down
3 changes: 1 addition & 2 deletions etc/nextcloudpi-config.d/nc-restore.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,6 @@ You can use nc-backup " \

configure()
{
local DBPASSWD=$( cat /root/.dbpass )

[ -f $BACKUPFILE_ ] || { echo -e "$BACKUPFILE_ not found"; return 1; }
[ -d $BASEDIR_ ] || { echo -e "$BASEDIR_ not found"; return 1; }
[ -d $BASEDIR_/nextcloud ] && { echo -e "WARNING: overwriting old instance"; }
Expand All @@ -55,6 +53,7 @@ configure()
tar -xf $BACKUPFILE_ || return 1

# RE-CREATE DATABASE TABLE
local DBPASSWD=$( grep password /root/.my.cnf | cut -d= -f2 )
echo -e "restore database..."
mysql -u root -p$DBPASSWD <<EOF
DROP DATABASE IF EXISTS nextcloud;
Expand Down
6 changes: 3 additions & 3 deletions lamp.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,9 +47,9 @@ EOF

# Randomize mariaDB password
# Suggested by @enoch85 and taken from the nextcloud vm ( https://github.com/nextcloud/vm/blob/master/lib.sh#L46 )
$DBPASSWD=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$(shuf -i 30-35 -n 1)" | head -n 1)
echo $DBPASSWD > /root/.dbpass
chmod 600 /root/.dbpass
DBPASSWD=$(tr -dc "a-zA-Z0-9@#*=" < /dev/urandom | fold -w "$(shuf -i 30-35 -n 1)" | head -n 1)
echo -e "[client]\npassword=$DBPASSWD" > /root/.my.cnf
chmod 600 /root/.my.cnf

debconf-set-selections <<< "mariadb-server-5.5 mysql-server/root_password password $DBPASSWD"
debconf-set-selections <<< "mariadb-server-5.5 mysql-server/root_password_again password $DBPASSWD"
Expand Down
7 changes: 6 additions & 1 deletion update.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,10 +50,15 @@ cp -r ncp-web /var/www/
chown www-data:www-data /var/www/ncp-web
chmod 770 /var/www/ncp-web

# force-fix unattended-upgrades for old image users
## BACKWARD FIXES ( for older images )

# force-fix unattended-upgrades
cd /usr/local/etc/nextcloudpi-config.d/
activate_script unattended-upgrades.sh

# for old image users, save default password
test -f /root/.my.cnf || echo -e "[client]\npassword=ownyourbits" > /root/.my.cnf

# License
#
# This script is free software; you can redistribute it and/or modify it
Expand Down

0 comments on commit 530e3a1

Please sign in to comment.