Difference between revisions of "NextCloud"
Line 3: | Line 3: | ||
== Prerequisites == | == Prerequisites == | ||
− | Instal some stuff first. This NextCloud recipe uses PostgreSQL, Redis, Apache 2.4, FastCGI with PHP FPM, and Dehydrated for SSL certificate maangement. | + | Instal some stuff first. This NextCloud recipe uses PostgreSQL, Redis, Apache 2.4, FastCGI with PHP FPM, and Dehydrated for [[Letsencrypt]] SSL certificate maangement. |
sudo apt install apache2 libapache2-mod-fcgid \ | sudo apt install apache2 libapache2-mod-fcgid \ | ||
Line 29: | Line 29: | ||
Should look something like this: | Should look something like this: | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
<VirtualHost *:443> | <VirtualHost *:443> | ||
ServerName cloud.'''example.com''' | ServerName cloud.'''example.com''' | ||
− | + | DocumentRoot /var/www/nextcloud | |
− | DocumentRoot /var/www/nextcloud | ||
− | |||
<Directory "/var/www/nexcloud"> | <Directory "/var/www/nexcloud"> | ||
Options FollowSymLinks MultiViews | Options FollowSymLinks MultiViews | ||
Line 52: | Line 43: | ||
</IfModule> | </IfModule> | ||
</Directory> | </Directory> | ||
− | |||
SSLEngine On | SSLEngine On | ||
− | SSLCertificateFile | + | SSLCertificateFile ... |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
</VirtualHost> | </VirtualHost> | ||
Line 95: | Line 79: | ||
chown -R www-data:www-data /var/lib/nextcloud /var/cache/nextcloud | chown -R www-data:www-data /var/lib/nextcloud /var/cache/nextcloud | ||
− | == | + | == Configure NextCloud == |
Edit the configuration file in {{code|config/config.php}} and check or consider these settings, and add the database and SMTP connection details: | Edit the configuration file in {{code|config/config.php}} and check or consider these settings, and add the database and SMTP connection details: | ||
Line 160: | Line 144: | ||
Then add the following to {{code|config.php}} to get lots of other useful file previews: | Then add the following to {{code|config.php}} to get lots of other useful file previews: | ||
'enabledPreviewProviders' => [ | 'enabledPreviewProviders' => [ | ||
− | + | # ... | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
8 => 'OC\\Preview\\MarkDown', | 8 => 'OC\\Preview\\MarkDown', | ||
9 => 'OC\\Preview\\Movie', | 9 => 'OC\\Preview\\Movie', |
Revision as of 07:42, 8 December 2020
Assumes Ubuntu 20.04, stable20 branch, and installing under /var/www for a cloud.example.com URL (c. December 2020).
Prerequisites
Instal some stuff first. This NextCloud recipe uses PostgreSQL, Redis, Apache 2.4, FastCGI with PHP FPM, and Dehydrated for Letsencrypt SSL certificate maangement.
sudo apt install apache2 libapache2-mod-fcgid \ php7.4-{bcmath,bz2,curl,gd,fpm,gmp,intl,json,mbstring,opcache,pgsql,tidy,xmlrpc,xsl,zip} php-{imagick,redis} composer dehydrated postgresql redis-server
Set up the webserver
Running Apache with mod-php is old hat, incompatible with HTTP/2, slow, and horribly memory ineffient under load. Luckily these days we can use PHP-FPM which has been built-in to all versions of PHP since 5.4.
Add a global config to deny access to git repositories, in /etc/apache2/conf-available/deny-git.conf:
# /etc/apache2/conf-available/deny-git.conf <FilesMatch "^\.git"> Require all denied </FilesMatch>
Then enable the Apache configs and required modules:
a2enconf deny-git php7.4-fpm a2enmod proxy_fcgi mpm_worker setenvif rewrite ssl headers dir env
Add virtual host for NextCloud
Should look something like this:
<VirtualHost *:443> ServerName cloud.example.com DocumentRoot /var/www/nextcloud <Directory "/var/www/nexcloud"> Options FollowSymLinks MultiViews AllowOverride All Require all granted Satisfy Any SetEnv HOME /var/www/nextcloud SetEnv HTTP_HOME /var/www/nextcloud <IfModule mod_dav.c> Dav off </IfModule> </Directory> SSLEngine On SSLCertificateFile ... </VirtualHost>
Configure PHP
PHP needs a few things: enable the opcache, increase the memory limit, and increase the maximum POST size so you can upload large files. Fiddle with these settings in php/7.4/fpm/php.ini:
max_execution_time = 60 memory_limit = 512M post_max_size = 500M upload_max_filesize = 500M opcache.enable=1
Create a database
Create a database in PostgreSQL:
sudo -u postgres createuser -SDRP <nextcloud-user> sudo -u postgres createdb -E UTF8 -O <nextcloud-user> <nextcloud-dbname>
Install NextCloud
We can just clone it from git:
git clone https://github.com/nextcloud/server.git nextcloud cd nextcloud git checkout stable20 # or whatever the latest stable version is git submodule update --init --recursive chown www-data:www-data config apps .htaccess
Create a directory for the cache and user data, which should not reside under the web root:
mkdir -p /var/lib/nextcloud/data /var/cache/nextcloud chown -R www-data:www-data /var/lib/nextcloud /var/cache/nextcloud
Configure NextCloud
Edit the configuration file in config/config.php and check or consider these settings, and add the database and SMTP connection details:
$config => [ # ... # 'passwordsalt' => "<very long random string>", 'secret' => "<a different very long random string>", 'trusted_domains' => [ 0 => "cloud.example.com", ], 'datadirectory' => '/var/lib/nextcloud/data', 'overwrite.cli.url' => 'https://cloud.example.com/', 'htaccess.RewriteBase' => '/', # Database connection details 'dbtype' => 'pgsql', 'dbhost' => 'localhost', 'dbuser' => "<nextcloud-dbuser>", 'dbpassword' => "<password>", 'dbname' => "<nextcloud-dbname>", 'dbtableprefix' => 'oc_', # Force all URLs to use SSL or it may trip up things like OAuth 'overwriteprotocol' => 'https', # Use Redis and caching to make everything go faster 'memcache.local' => '\\OC\\Memcache\\Redis', 'memcache.locking' => '\\OC\\Memcache\\Redis', 'redis' => [ 'host' => 'localhost', 'port' => 6379, ], 'cache_path' => '/var/cache/nextcloud', # Send email details 'mail_smtpmode' => 'smtp', 'mail_smtpsecure' => 'tls', 'mail_sendmailmode' => 'smtp', 'mail_from_address' => "nexcloud@example.com", 'mail_domain' => "example.com", 'mail_smtpauthtype' => 'PLAIN', 'mail_smtpauth' => 1, 'mail_smtphost' => ""mail.example.com", 'mail_smtpport' => '587', 'mail_smtpname' => '<emailuser>', 'mail_smtppassword' => '<emailpassword>',
Then navigate to the URL in the browser to install (or run the NextCloud ./occ tool from the command line).
Clean URLs
For clean URLs, make sure AllowOverride All is set for the parent directory; the /var/www definition is in the main /etc/apache2/apache.conf. Then run the follwing OCC command to enable the rewrite rules:
sudo -u www-data ./occ maintenance:update:htaccess
Previews of other file types
Edit /etc/ImageMagick/policy.xml and remove this line to get PDF previews to work:
<policy domain="coder" rights="none" pattern="PDF" />
Then add the following to config.php to get lots of other useful file previews:
'enabledPreviewProviders' => [ # ... 8 => 'OC\\Preview\\MarkDown', 9 => 'OC\\Preview\\Movie', 10 => 'OC\\Preview\\PDF', 11 => 'OC\\Preview\\OpenDocument', 12 => 'OC\\Preview\\MSOfficeDoc', 13 => 'OC\\Preview\\MSOffice2003', 14 => 'OC\\Preview\\MSOffice2007', ],
Photos
Photos replaces the Gallery app, and is installed separately through the NC store or you can use git to manage it as a submodule. If it doesn't work you might need to build its JavaScript resources by running make in its apps/photos directory. Alternatively you can resuscitate the Gallery app, which stopped working after NextCloud version 17, by updating its JavaScript dompurify library to a newer version and bumping the app max version in apps/galleryappinfo/info.xml as follows (See also pull request #570):
<nextcloud min-version="17" max-version="20"/>
Maintenance
Keep the git checkout of NextCloud and its submodules up to date with git, and run the OCC upgrade command:
cd /var/www/nextcloud git pull git submodule update --init --recursive sudo -u www-data ./occ upgrade
Cron job
In the administrator settings select cron rather than other methods, and put this in /etc/cron.d/nextcloud
*/5 * * * * www-data /usr/bin/php /var/www/nextcloud/cron.php