This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
computing:nextcloud [2018/10/10 02:23] – oemb1905 | computing:nextcloud [2024/07/13 04:12] (current) – oemb1905 | ||
---|---|---|---|
Line 11: | Line 11: | ||
------------------------------------------- | ------------------------------------------- | ||
- | This tutorial is for users of Debian GNU/ | + | This tutorial is for a Nextcloud instance on Debian GNU/ |
- | sudo wget https:// | + | sudo apt install apache2-utils php-xml php-curl php-gd php-cgi php-cli php-zip php-mysql php-mbstring php-intl php-fpm php-apcu php-gmp php-imagick php-bcmath php-bz2 wget unzip |
- | sudo unzip nextcloud-14.0.1.zip | + | |
| | ||
- | Make sure to see if there is a newer version than what I have in the example above. The latest version of Nextcloud server can be found here [[https:// | + | Or ... |
+ | |||
+ | sudo apt-get | ||
+ | |||
+ | Once these are installed, make sure you can enable them and that you have no errors in your configurations: | ||
+ | sudo a2enmod ssl | ||
+ | sudo a2enmod headers | ||
+ | sudo a2enmod proxy_fcgi | ||
+ | sudo a2enmod setenvif | ||
+ | sudo a2enconf php8.2-fpm | ||
+ | sudo a2enconf php8.2-cgi | ||
+ | sudo sudo apache2ctl configtest | ||
+ | There may be some others for your use case. Assuming you left the webroot in / | ||
| | ||
+ | cd / | ||
+ | sudo wget https:// | ||
+ | sudo unzip latest.zip | ||
+ | sudo rm latest.zip | ||
+ | sudo rm public_html | ||
+ | sudo mv nextcloud public_html | ||
+ | cd public_html | ||
+ | sudo chown www-data: | ||
+ | sudo mkdir / | ||
+ | sudo chown www-data: | ||
+ | sudo chmod 750 -R / | ||
+ | sudo mkdir -p / | ||
+ | sudo chmod 0640 *.php *.txt *.html AUTHORS COPYING | ||
+ | sudo chmod 0750 {3rdparty, | ||
+ | sudo chown root: | ||
+ | sudo chown www-data: | ||
+ | sudo chmod 0755 / | ||
+ | sudo chmod 0644 / | ||
+ | sudo chown root: | ||
+ | sudo systemctl restart mysql | ||
+ | sudo systemctl restart mysqld | ||
+ | sudo systemctl restart apache2 | ||
+ | sudo systemctl restart php7.3-fpm.service | ||
+ | |||
+ | Prepare MariaDB server for 4-byte characters prior to creating database: | ||
+ | |||
+ | sudo nano / | ||
+ | | ||
+ | Once inside that file, copy these configurations under the [mysqld] block and restart the service: | ||
+ | |||
+ | innodb_large_prefix=true | ||
+ | innodb_file_format=barracuda | ||
+ | innodb_file_per_table=1 | ||
+ | |||
+ | It is now time to set up your database: | ||
+ | |||
+ | sudo mysql -u root -p | ||
+ | |||
+ | Enter your password for sudo and then for MySQL. | ||
+ | |||
+ | CREATE DATABASE nextcloud; | ||
+ | CREATE USER nextclouduser@localhost IDENTIFIED BY ' | ||
+ | GRANT ALL PRIVILEGES ON nextcloud.* to nextclouduser@localhost IDENTIFIED BY ' | ||
+ | FLUSH PRIVILEGES; | ||
+ | EXIT; | ||
+ | |||
+ | Let's first restart the web server, php, and mysql: | ||
+ | | ||
+ | sudo systemctl restart mysql | ||
+ | sudo systemctl restart apache2 | ||
+ | sudo systemctl restart php7.3-fpm.service | ||
+ | |||
+ | Now, visit test.com in your browser and then specify the following configuration options: | ||
+ | |||
+ | * create new user name: adminname | ||
+ | * create new user pass: password | ||
+ | * specify data folder: / | ||
+ | * database user name: nextclouduser | ||
+ | * database name: nextcloud | ||
+ | * database location: localhost | ||
+ | |||
+ | The first thing to do is to navigate to Settings, Overview. | ||
+ | |||
+ | sudo nano / | ||
+ | | ||
+ | I entered the following settings, currently recommended by Nextcloud. | ||
+ | | ||
+ | opcache.enable=1 | ||
+ | opcache.enable_cli=1 | ||
+ | opcache.interned_strings_buffer=16 | ||
+ | opcache.max_accelerated_files=10000 | ||
+ | opcache.memory_consumption=128 | ||
+ | opcache.save_comments=1 | ||
+ | opcache.revalidate_freq=1 | ||
+ | |||
+ | To adjust php memory limit and post size, navigate to these locations and change the following parameters: | ||
+ | |||
+ | sudo nano / | ||
+ | sudo nano / | ||
+ | sudo nano / | ||
+ | sudo nano / | ||
+ | upload_max_filesize=2G | ||
+ | post_max_size=2G | ||
+ | memory_limit=512M | ||
+ | | ||
+ | Next, adjust your max age header in your ssl vhost: | ||
+ | |||
+ | sudo nano / | ||
+ | <Header always set Strict-Transport-Security " | ||
+ | |||
+ | Enable overrides so that cal/card dav will work without cumbersome vhost entries: | ||
+ | |||
+ | sudo nano / | ||
+ | < | ||
+ | | ||
+ | If you do not want to allow overrides, then manually set the redirects for cal/card dav as follows: | ||
+ | |||
+ | sudo nano / | ||
+ | < | ||
+ | < | ||
+ | |||
+ | Lastly, when upgraing you might get a big integers db error. If so, run this in web root: | ||
+ | |||
+ | sudo -u www-data php occ db: | ||
+ | |||
+ | To configure cron to refresh php every 5 minutes: | ||
+ | |||
+ | sudo crontab -e -u www-data | ||
+ | < | ||
+ | < | ||
+ | | ||
+ | To fine tune php: | ||
+ | |||
+ | sudo nano / | ||
+ | https:// | ||
+ | | ||
+ | For a 4GB server: | ||
+ | | ||
+ | pm = dynamic | ||
+ | pm.max_children = 120 | ||
+ | pm.start_servers = 12 | ||
+ | pm.min_spare_servers = 6 | ||
+ | pm.max_spare_servers = 18 | ||
+ | | ||
+ | For a 1GB server, use defaults: | ||
+ | |||
+ | pm = dynamic | ||
+ | pm.max_children = 5 | ||
+ | pm.start_servers = 2 | ||
+ | pm.min_spare_servers = 1 | ||
+ | pm.max_spare_servers = 3 | ||
+ | |||
+ | To reset permissions after an update: | ||
+ | cd / | ||
+ | sudo chown www-data: | ||
+ | sudo chown www-data: | ||
+ | sudo chmod 0640 *.php *.txt *.html AUTHORS COPYING | ||
+ | sudo chmod 0750 {3rdparty, | ||
+ | sudo chown root: | ||
+ | sudo chown www-data: | ||
+ | sudo chmod 0755 / | ||
+ | sudo chmod 0644 / | ||
+ | sudo chown root: | ||
+ | sudo systemctl restart mysql | ||
+ | sudo systemctl restart mysqld | ||
+ | sudo systemctl restart apache2pm = dynamic | ||
+ | sudo systemctl restart php7.3-fpm.service | ||
+ | |||
+ | Need to manually move files from an old NAS or elsewhere to Nextcloud: | ||
+ | |||
+ | sudo -u www-data php / | ||
+ | sudo -u www-data php occ files:scan --path=/ | ||
+ | sudo -u www-data php occ files:scan --path=/ | ||
+ | sudo -u www-data php occ files:scan --help | ||
+ | |||
+ | Okay, and for Nextcloud Talk configuration, | ||
+ | |||
+ | sudo apt install coturn | ||
+ | sudo nano / | ||
+ | openssl rand -hex 32 | ||
+ | | ||
+ | The Nextcloud [[https:// | ||
+ | |||
+ | listening-port=3478 | ||
+ | fingerprint | ||
+ | use-auth-secret | ||
+ | static-auth-secret=< | ||
+ | realm=your.domain.org | ||
+ | total-quota=100 | ||
+ | bps-capacity=0 | ||
+ | stale-nonce | ||
+ | no-multicast-peers | ||
+ | systemctl restart coturn | ||
+ | | ||
+ | After doing this, go to Nextcloud / Settings / Talk, and enter localhost: | ||
+ | |||
+ | sudo nano / | ||
+ | sudo nano / | ||
+ | sudo nano / | ||
+ | sudo nano / | ||
+ | max_excution_time = 240 (for all of them) | ||
+ | |||
+ | If you get the missing indexes error on an upgrade, use: | ||
+ | |||
+ | sudo -u www-data php occ db: | ||
+ | |||
+ | Brute force won't permit log in | ||
+ | |||
+ | select database; | ||
+ | delete FROM oc_bruteforce_attempts; | ||
+ | flush privileges; | ||
+ | exit; | ||
+ | | ||
+ | Log in normally after that. My latest command is for Stubborn files that won't delete from trashbin: | ||
+ | |||
+ | sudo -u www-data php occ trashbin: | ||
+ | | ||
+ | Phone region issue | ||
+ | |||
+ | sudo nano / | ||
+ | ' | ||
+ | |||
+ | New weird error about svg support for phpimagick | ||
+ | |||
+ | sudo apt install libmagickcore-6.q16-6-extra | ||
+ | | ||
+ | Upgrade & Update: | ||
+ | |||
+ | cd / | ||
+ | sudo -u www-data php occ upgrade | ||
+ | cd / | ||
+ | sudo -u www-data php updater.phar | ||
+ | | ||
+ | Use redis for everything except local memcache which uses apcu. Also, in this configuration, | ||
+ | |||
+ | sudo apt install | ||
+ | sudo apt install | ||
+ | sudo apt-get install php-{xml, | ||
+ | sudo apt-get install php8.3-{xml, | ||
+ | |||
+ | Then, right underneath the ''' | ||
+ | |||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ], | ||
+ | |||
+ | |||
+ | Configure apcu in php mods: | ||
+ | |||
+ | sudo nano / | ||
+ | < | ||
+ | |||
+ | To get Social working, these rewrite rules are needed. However, these need to actually point to a .well-known directory which is configured properly. If, however, override All did not make that or your instance was upgraded and does not have it, these rewrites in .htaccess will not be enough on their own. | ||
+ | |||
+ | RewriteRule ^\.well-known/ | ||
+ | RewriteRule ^\.well-known/ | ||
+ | | ||
+ | Enable rotation of logs | ||
+ | |||
+ | ' | ||
+ | |||
+ | Delete the log contents (removes errors from admin settings GUI) | ||
+ | | ||
+ | sudo -u www-data truncate nextcloud.log | ||
+ | |||
+ | This will put the logs on a schedule and remove old errors in due time. When I put Nextcloud behind a reverse proxy, I had to change the following in the primary config: | ||
+ | |||
+ | sudo nano / | ||
+ | ' | ||
+ | array ( | ||
+ | 0 => ' | ||
+ | 1 => ' | ||
+ | ), | ||
+ | ' | ||
+ | ' | ||
+ | |||
+ | This ensures that the upstream subnet and node is trusted and that external url requests don't try to access the subnet directly. There are other notes in the proxmox tutorial since that is when I set up the reverse proxy setup. There is now a recommended maintenance window setting: | ||
+ | |||
+ | ' | ||
+ | | ||
+ | Mimetype migrations | ||
+ | |||
+ | sudo -u www-data php occ maintenance: | ||
+ | --- // |