Nextcloud

From Michael's Information Zone
Jump to navigation Jump to search

Purpose

Installation

CentOS 8

WIP

mkswap -U a507cc29-e07c-46ee-8486-350111e8edf9 /dev/nvme1n1
swapon UUID=a507cc29-e07c-46ee-8486-350111e8edf9
bash -c "echo 'UUID=a507cc29-e07c-46ee-8486-350111e8edf9 swap swap defaults' >> /etc/fstab"
dnf upgrade -y
dnf -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf -y install wget php74-php php74-php-gd php74-php-pecl-zip php74-php-mysqlnd php74-php-intl php74-php-ldap php74-php-smbclient php74-php-pecl-imagick php74-php-process php74-php-gmp php74-php-bcmath libreoffice-writer libreoffice-calc libreoffice-impress

wget https://download.nextcloud.com/server/releases/nextcloud-19.0.0.zip
unzip nextcloud-19.0.0.zip
mv nextcloud /var/www/html/
mkdir /var/www/html/nextcloud/data
chown -R apache:apache /var/www/html/nextcloud
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/data(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/config(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/apps(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/.htaccess'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/.user.ini'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/3rdparty/aws/aws-sdk-php/src/data/logs(/.*)?'
restorecon -R '/var/www/html/nextcloud/'

setsebool -P httpd_can_network_connect_db on
setsebool -P httpd_can_connect_ldap on
setsebool -P httpd_can_network_connect on
setsebool -P httpd_can_sendmail on
setsebool -P httpd_use_cifs on
systemctl enable --now php74-php-fpm
systemctl enable --now httpd

Memory Caching

Local

For small deployments. I plan on running a cluster behind an ELB in AWS, so a dedicated redis server would be the end goal.[1]

dnf install -y php74-php-pecl-apcu

Update nextcloud/config/config.php

'memcache.local' => '\OC\Memcache\APCu',

Troubleshooting

caldav not rewriting

To fix the caldav issues, had to edit the rewrite rules in the htaccess file.[2][3]

RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]

to

RewriteRule ^\.well-known/carddav https://server.com/remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav https://server.com/remote.php/dav/ [R=301,L]

HSTS

Basic http conf file example.

<VirtualHost *:80>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
  DocumentRoot /var/www/html/nextcloud
  ServerName  server.com

  <Directory /var/www/html/nextcloud>
    Require all granted
    AllowOverride All
    Options FollowSymLinks MultiViews
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
  </Directory>
</VirtualHost>

LDAPS Server Error

When trying to enable LDAPS lookup I would run into server errors. Needed to disable the config[4]

sudo -u apache php74 /var/www/html/nextcloud/occ ldap:show-config
sudo -u apache php74 /var/www/html/nextcloud/occ ldap:set-config s01 ldapConfigurationActive 0