From ceb41fbc536c3039b6fdf50a5311cb86014a1d80 Mon Sep 17 00:00:00 2001
From: Frank Brehm <frank@brehm-online.com>
Date: Thu, 28 Jun 2018 06:40:57 +0200
Subject: [PATCH] daily autocommit

---
 .etckeeper                                    |  2 +
 .../sites-available/001-nextcloud-ssl.conf    | 27 ++++++-
 apache2/sites-available/001-nextcloud.conf    | 33 +++++++-
 .../002-nextcloud-redir-ssl.conf              | 75 +++++++++++++++++++
 .../002-nextcloud-redir-ssl.conf              |  1 +
 cron.d/nextcloud                              |  2 +
 php/7.0/apache2/php.ini                       |  7 ++
 phpmyadmin/config-db.php                      |  3 +-
 8 files changed, 145 insertions(+), 5 deletions(-)
 create mode 100644 apache2/sites-available/002-nextcloud-redir-ssl.conf
 create mode 120000 apache2/sites-enabled/002-nextcloud-redir-ssl.conf
 create mode 100644 cron.d/nextcloud

diff --git a/.etckeeper b/.etckeeper
index d884143..f4f16a0 100755
--- a/.etckeeper
+++ b/.etckeeper
@@ -253,6 +253,7 @@ maybe chmod 0644 'apache2/sites-available/000-default-ssl.conf'
 maybe chmod 0644 'apache2/sites-available/000-default.conf'
 maybe chmod 0644 'apache2/sites-available/001-nextcloud-ssl.conf'
 maybe chmod 0644 'apache2/sites-available/001-nextcloud.conf'
+maybe chmod 0644 'apache2/sites-available/002-nextcloud-redir-ssl.conf'
 maybe chmod 0644 'apache2/sites-available/default-include.conf'
 maybe chmod 0644 'apache2/sites-available/default-ssl.conf'
 maybe chmod 0644 'apache2/sites-available/include-nextcloud.conf'
@@ -395,6 +396,7 @@ maybe chmod 0644 'cron.d/.placeholder'
 maybe chmod 0644 'cron.d/apticron'
 maybe chmod 0644 'cron.d/certbot'
 maybe chmod 0644 'cron.d/greetings'
+maybe chmod 0644 'cron.d/nextcloud'
 maybe chmod 0644 'cron.d/php'
 maybe chmod 0644 'cron.d/sync-pkgs'
 maybe chmod 0755 'cron.daily'
diff --git a/apache2/sites-available/001-nextcloud-ssl.conf b/apache2/sites-available/001-nextcloud-ssl.conf
index 48cf61d..cae241a 100644
--- a/apache2/sites-available/001-nextcloud-ssl.conf
+++ b/apache2/sites-available/001-nextcloud-ssl.conf
@@ -3,7 +3,26 @@
 <IfModule mod_ssl.c>
 	<VirtualHost _default_:443>
 
-		Include sites-available/include-nextcloud.conf
+		ServerName  cloud.uhu-banane.de
+
+		ServerAdmin webmaster@uhu-banane.de
+		DocumentRoot /var/www/nextcloud
+
+		ErrorLog ${APACHE_LOG_DIR}/nextcloud.error.log
+		CustomLog ${APACHE_LOG_DIR}/nextcloud.access.log full_combined
+
+		<Directory /var/www/nextcloud/>
+			Options +FollowSymlinks
+			AllowOverride All
+
+			<IfModule mod_dav.c>
+				Dav off
+			</IfModule>
+
+			SetEnv HOME /var/www/nextcloud
+			SetEnv HTTP_HOME /var/www/nextcloud
+
+		</Directory>
 
 		SSLEngine on
 
@@ -38,7 +57,11 @@
 		# MSIE 7 and newer should be able to use keepalive
 		BrowserMatch	"MSIE [17-9]" ssl-unclean-shutdown
 
+		<IfModule mod_headers.c>
+			Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
+		</IfModule>
+
 	</VirtualHost>
 </IfModule>
 
-# vim: filetype=apache ts=8 sw=4 sts=4 sr noet
+# vim: filetype=apache ts=8 sw=8 sts=8 sr noet
diff --git a/apache2/sites-available/001-nextcloud.conf b/apache2/sites-available/001-nextcloud.conf
index d40b893..3facc49 100644
--- a/apache2/sites-available/001-nextcloud.conf
+++ b/apache2/sites-available/001-nextcloud.conf
@@ -1,7 +1,36 @@
 <VirtualHost *:80>
 
-	Include sites-available/include-nextcloud.conf
+	ServerName  cloud.uhu-banane.de
+	ServerAlias cloud
+	ServerAlias cloud.brehm-berlin.de
+	ServerAlias cloud.brehm-online.com
+	ServerAlias cloud.brehm-online.eu
+	ServerAlias cloud.frankepedia.eu
+	ServerAlias cloud.hennig-berlin.org
+	ServerAlias cloud.uhu-banane.com
+	ServerAlias cloud.uhu-banane.eu
+	ServerAlias cloud.uhu-banane.net
+	ServerAlias cloud.uhu-banane.org
+	ServerAlias nextcloud
+	ServerAlias nextcloud.brehm-berlin.de
+	ServerAlias nextcloud.brehm-online.com
+	ServerAlias nextcloud.brehm-online.eu
+	ServerAlias nextcloud.frankepedia.eu
+	ServerAlias nextcloud.hennig-berlin.org
+	ServerAlias nextcloud.uhu-banane.com
+	ServerAlias nextcloud.uhu-banane.de
+	ServerAlias nextcloud.uhu-banane.eu
+	ServerAlias nextcloud.uhu-banane.net
+	ServerAlias nextcloud.uhu-banane.org
+
+	ServerAdmin webmaster@uhu-banane.de
+
+	ErrorLog ${APACHE_LOG_DIR}/nextcloud-redir.error.log
+	CustomLog ${APACHE_LOG_DIR}/nextcloud-redir.access.log full_combined
+
+	Redirect permanent / https://cloud.uhu-banane.de/
+
 
 </VirtualHost>
 
-# vim: filetype=apache ts=4 sw=4 sts=4 sr noet
+# vim: filetype=apache ts=8 sw=8 sts=8 sr noet
diff --git a/apache2/sites-available/002-nextcloud-redir-ssl.conf b/apache2/sites-available/002-nextcloud-redir-ssl.conf
new file mode 100644
index 0000000..36944c9
--- /dev/null
+++ b/apache2/sites-available/002-nextcloud-redir-ssl.conf
@@ -0,0 +1,75 @@
+
+
+<IfModule mod_ssl.c>
+	<VirtualHost _default_:443>
+
+		ServerName  nextcloud.uhu-banane.com
+		ServerAlias cloud
+		ServerAlias cloud.brehm-berlin.de
+		ServerAlias cloud.brehm-online.com
+		ServerAlias cloud.brehm-online.eu
+		ServerAlias cloud.frankepedia.eu
+		ServerAlias cloud.hennig-berlin.org
+		ServerAlias cloud.uhu-banane.com
+		ServerAlias cloud.uhu-banane.eu
+		ServerAlias cloud.uhu-banane.net
+		ServerAlias cloud.uhu-banane.org
+		ServerAlias nextcloud
+		ServerAlias nextcloud.brehm-berlin.de
+		ServerAlias nextcloud.brehm-online.com
+		ServerAlias nextcloud.brehm-online.eu
+		ServerAlias nextcloud.frankepedia.eu
+		ServerAlias nextcloud.hennig-berlin.org
+		ServerAlias nextcloud.uhu-banane.de
+		ServerAlias nextcloud.uhu-banane.eu
+		ServerAlias nextcloud.uhu-banane.net
+		ServerAlias nextcloud.uhu-banane.org
+
+		ServerAdmin webmaster@uhu-banane.de
+
+		ErrorLog ${APACHE_LOG_DIR}/nextcloud-redir.error.log
+		CustomLog ${APACHE_LOG_DIR}/nextcloud-redir.access.log full_combined
+
+		Redirect permanent / https://cloud.uhu-banane.de/
+
+		SSLEngine on
+
+		SSLCertificateFile	/etc/letsencrypt/live/cloud.uhu-banane.de/fullchain.pem
+		SSLCertificateKeyFile	/etc/letsencrypt/live/cloud.uhu-banane.de/privkey.pem
+
+		Include /etc/letsencrypt/options-ssl-apache.conf
+
+		#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
+
+		#SSLCACertificatePath /etc/ssl/certs/
+		#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
+
+		#SSLCARevocationPath /etc/apache2/ssl.crl/
+		#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
+
+		#SSLVerifyClient require
+		#SSLVerifyDepth  10
+
+		#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
+
+		<FilesMatch "\.(cgi|shtml|phtml|php)$">
+			SSLOptions +StdEnvVars
+		</FilesMatch>
+		<Directory /usr/lib/cgi-bin>
+			SSLOptions +StdEnvVars
+		</Directory>
+
+		BrowserMatch	"MSIE [2-6]" \
+			nokeepalive ssl-unclean-shutdown \
+			downgrade-1.0 force-response-1.0
+		# MSIE 7 and newer should be able to use keepalive
+		BrowserMatch	"MSIE [17-9]" ssl-unclean-shutdown
+
+		<IfModule mod_headers.c>
+			Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
+		</IfModule>
+
+	</VirtualHost>
+</IfModule>
+
+# vim: filetype=apache ts=8 sw=8 sts=8 sr noet
diff --git a/apache2/sites-enabled/002-nextcloud-redir-ssl.conf b/apache2/sites-enabled/002-nextcloud-redir-ssl.conf
new file mode 120000
index 0000000..d525c79
--- /dev/null
+++ b/apache2/sites-enabled/002-nextcloud-redir-ssl.conf
@@ -0,0 +1 @@
+../sites-available/002-nextcloud-redir-ssl.conf
\ No newline at end of file
diff --git a/cron.d/nextcloud b/cron.d/nextcloud
new file mode 100644
index 0000000..a2cf25e
--- /dev/null
+++ b/cron.d/nextcloud
@@ -0,0 +1,2 @@
+# Cronjob for Nextcloud
+*/15  *  *  *  * www-data php -f /var/www/nextcloud/cron.php
diff --git a/php/7.0/apache2/php.ini b/php/7.0/apache2/php.ini
index fb7cde3..86be54b 100644
--- a/php/7.0/apache2/php.ini
+++ b/php/7.0/apache2/php.ini
@@ -1765,19 +1765,24 @@ ldap.max_links = -1
 [opcache]
 ; Determines if Zend OPCache is enabled
 ;opcache.enable=0
+opcache.enable=1
 
 ; Determines if Zend OPCache is enabled for the CLI version of PHP
 ;opcache.enable_cli=0
+opcache.enable_cli=1
 
 ; The OPcache shared memory storage size.
 ;opcache.memory_consumption=64
+opcache.memory_consumption=128
 
 ; The amount of memory for interned strings in Mbytes.
 ;opcache.interned_strings_buffer=4
+opcache.interned_strings_buffer=8
 
 ; The maximum number of keys (scripts) in the OPcache hash table.
 ; Only numbers between 200 and 1000000 are allowed.
 ;opcache.max_accelerated_files=2000
+opcache.max_accelerated_files=10000
 
 ; The maximum percentage of "wasted" memory until a restart is scheduled.
 ;opcache.max_wasted_percentage=5
@@ -1796,6 +1801,7 @@ ldap.max_links = -1
 ; memory storage allocation. ("1" means validate once per second, but only
 ; once per request. "0" means always validate)
 ;opcache.revalidate_freq=2
+opcache.revalidate_freq=1
 
 ; Enables or disables file search in include_path optimization
 ;opcache.revalidate_path=0
@@ -1803,6 +1809,7 @@ ldap.max_links = -1
 ; If disabled, all PHPDoc comments are dropped from the code to reduce the
 ; size of the optimized code.
 ;opcache.save_comments=1
+opcache.save_comments=1
 
 ; If enabled, a fast shutdown sequence is used for the accelerated code
 ; Depending on the used Memory Manager this may cause some incompatibilities.
diff --git a/phpmyadmin/config-db.php b/phpmyadmin/config-db.php
index e642ac6..0d54e39 100644
--- a/phpmyadmin/config-db.php
+++ b/phpmyadmin/config-db.php
@@ -13,6 +13,7 @@ $dbuser='';
 $dbpass='';
 $basepath='';
 $dbname='phpmyadmin';
-$dbserver='localhost';
+#$dbserver='localhost';
+$dbserver='sarah-v6.uhu-banane.de';
 $dbport='3306';
 $dbtype='mysql';
-- 
2.39.5