Difference between revisions of "Nextcloud"
Jump to navigation
Jump to search
Michael.mast (talk | contribs) |
Michael.mast (talk | contribs) |
||
| Line 82: | Line 82: | ||
==config.php modifications== | ==config.php modifications== | ||
===caching=== | ===caching=== | ||
| − | |||
| − | |||
<pre> | <pre> | ||
| + | 'memcache.local' => '\OC\Memcache\APCu', | ||
'memcache.distributed' => '\OC\Memcache\Redis', | 'memcache.distributed' => '\OC\Memcache\Redis', | ||
| + | 'memcache.locking' => '\OC\Memcache\Redis', | ||
'redis' => [ | 'redis' => [ | ||
'host' => 'redis-host.example.com', | 'host' => 'redis-host.example.com', | ||
| Line 91: | Line 91: | ||
], | ], | ||
</pre> | </pre> | ||
| + | |||
===Behind TLS Proxy=== | ===Behind TLS Proxy=== | ||
<pre>'overwriteprotocol' => 'https',</pre> | <pre>'overwriteprotocol' => 'https',</pre> | ||
===Remove Default Directory Listing=== | ===Remove Default Directory Listing=== | ||
<pre>'skeletondirectory' => '',</pre> | <pre>'skeletondirectory' => '',</pre> | ||
Revision as of 13:15, 17 July 2020
Contents
Purpose
Installation
CentOS 8
WIP
mkswap -U a507cc29-e07c-46ee-8486-350111e8edf9 /dev/nvme1n1 swapon UUID=a507cc29-e07c-46ee-8486-350111e8edf9 bash -c "echo 'UUID=a507cc29-e07c-46ee-8486-350111e8edf9 swap swap defaults' >> /etc/fstab" dnf upgrade -y dnf -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm dnf -y install wget php74-php php74-php-gd php74-php-pecl-zip php74-php-mysqlnd php74-php-intl php74-php-ldap php74-php-smbclient php74-php-pecl-imagick php74-php-process php74-php-gmp php74-php-bcmath libreoffice-writer libreoffice-calc libreoffice-impress wget https://download.nextcloud.com/server/releases/nextcloud-19.0.0.zip unzip nextcloud-19.0.0.zip mv nextcloud /var/www/html/ mkdir /var/www/html/nextcloud/data chown -R apache:apache /var/www/html/nextcloud semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/data(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/config(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/apps(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/.htaccess' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/.user.ini' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/3rdparty/aws/aws-sdk-php/src/data/logs(/.*)?' restorecon -R '/var/www/html/nextcloud/' setsebool -P httpd_can_network_connect_db on setsebool -P httpd_can_connect_ldap on setsebool -P httpd_can_network_connect on setsebool -P httpd_can_sendmail on setsebool -P httpd_use_cifs on systemctl enable --now php74-php-fpm systemctl enable --now httpd
Memory Caching
Local
For small deployments. I plan on running a cluster behind an ELB in AWS, so a dedicated redis server would be the end goal.[1]
dnf install -y php74-php-pecl-apcu
Update nextcloud/config/config.php
'memcache.local' => '\OC\Memcache\APCu',
Troubleshooting
caldav not rewriting
To fix the caldav issues, had to edit the rewrite rules in the htaccess file.[2][3]
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L] RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
to
RewriteRule ^\.well-known/carddav https://server.com/remote.php/dav/ [R=301,L] RewriteRule ^\.well-known/caldav https://server.com/remote.php/dav/ [R=301,L]
HSTS
Basic http conf file example.
<VirtualHost *:80>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
DocumentRoot /var/www/html/nextcloud
ServerName server.com
<Directory /var/www/html/nextcloud>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
</VirtualHost>
LDAPS Server Error
When trying to enable LDAPS lookup I would run into server errors. Needed to disable the config[4]
sudo -u apache php74 /var/www/html/nextcloud/occ ldap:show-config sudo -u apache php74 /var/www/html/nextcloud/occ ldap:set-config s01 ldapConfigurationActive 0
config.php modifications
caching
'memcache.local' => '\OC\Memcache\APCu',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => [
'host' => 'redis-host.example.com',
'port' => 6379,
],
Behind TLS Proxy
'overwriteprotocol' => 'https',
Remove Default Directory Listing
'skeletondirectory' => '',
- ↑ https://docs.nextcloud.com/server/19/admin_manual/configuration_server/caching_configuration.html
- ↑ https://help.nextcloud.com/t/disable-a-specific-ldap-configuration/48443
- ↑ https://github.com/nextcloud/server/issues/11850
- ↑ https://docs.nextcloud.com/server/11.0/admin_manual/configuration_server/occ_command.html#ldap-commands-label
