RealStickman
32898d0bf3
Requires CSP and how I set it
Podman command for Onlyoffice just sets the token
Multiple links on Installation, integration and proxy configuration linked
7.5 KiB
| title | visible |
|---|---|
| Nextcloud | true |
[toc]
Installation
Nextcloud will be using apache
apt install mlocate apache2 libapache2-mod-php mariadb-client mariadb-server wget unzip bzip2 curl php php-common php-curl php-gd php-mbstring php-mysql php-xml php-zip php-intl php-apcu php-redis php-bcmath php-gmp php-imagick
Not found: php-http-request python-certbot-apache
No password set
mariadb -u root -p
CREATE DATABASE nextcloud;
For UTF8 support use this instead:
CREATE DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
GRANT ALL ON nextcloud.* TO 'nextcloud'@'localhost' IDENTIFIED BY '{PASSWORD}';
FLUSH PRIVILEGES;
Exit the MariaDB prompt
Download Nextcloud into /var/www
wget https://download.nextcloud.com/server/releases/nextcloud-{VERSION}.tar.bz2
tar -xf nextcloud-{VERSION}.tar.bz2
Change owner to the apache user
chown -Rfv www-data:www-data /var/www/nextcloud
Create nextcloud configuration for apache
vi /etc/apache2/sites-available/nextcloud.conf
Configuration file
<VirtualHost *:80> #specify listen ip addresses: {ADDRESS}:{PORT} for ipv4, [{ADDRESS}]:{PORT} vor ipv6, *:80 for all
ServerAdmin webmaster@localhost
DocumentRoot /var/www/nextcloud
Alias /nextcloud "/var/www/nextcloud/"
<Directory "/var/www/nextcloud/">
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
Require all granted
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
ErrorLog ${APACHE_LOG_DIR}/nextcloud_error_log
CustomLog ${APACHE_LOG_DIR}/nextcloud_access_log common
</VirtualHost>
Enable nextcloud and disable the default site
a2ensite nextcloud.conf && a2dissite 000-default.conf
Edit ports.conf for apache2 to only bind the addresses you need
systemctl restart apache2
Cron
To execute regular jobs, I personally use cron.
Edit crontab as the www-data user.
sudo -u www-data crontab -e
Add this following line:
*/5 * * * * php -f {NEXTCLOUD DIR}/cron.php
Configuration
The main config file is {NEXTCLOUD DIR}/config/config.php
Automatic Trash clearing
See this page for more options
This settings keeps the files for 15 days, unless drive space is getting low.
In that case it delets them earlier.
'trashbin_retention_obligation' => 'auto, 15',
Trust Proxy
This disables the warning of untrusted proxy in the webinterface.
'trusted_proxies' =>
array (
0 => '{PROXY IP}',
),
Trusted Domains
Array of trusted domains.
'trusted_domains' =>
array (
0 => '{DOMAIN 1}',
1 => '{DOMAIN 2}',
),
Maintenance
Maintenance Mode
Enable maintenance mode to prevent data inconsistencies
sudo -u www-data php /var/www/nextcloud/occ maintenance:mode --on
To disable maintenance mode again, run the same command with --off instead of --on
Upgrade with CLI
sudo -u www-data php /var/www/nextcloud/updater/updater.phar
Backup Database
Dump database to file
NOTE: The password needs to be inserted directly after -p without any space
mysqldump --single-transaction -h {SERVER} -u {USERNAME} -p{PASSWORD} {DB NAME} > nextcloud-sqlbkp_`date +"%Y%m%d"`.bak
Backup Script
#!/bin/bash
set -euo pipefail
server=
username=
password=
db_name=
sudo mkdir -p /var/www/database-backup
sudo -u www-data php /var/www/nextcloud/occ maintenance:mode --on
mysqldump --single-transaction -h $server -u $username -p$password $db_name | sudo tee /var/www/database-backup/nextcloud-sqlbkp_`date +"%Y%m%d"`.bak
sudo -u www-data php /var/www/nextcloud/occ maintenance:mode --off
Restore Database
mariadb -h {SERVER} -u {USERNAME} -p{PASSWORD} -e "DROP DATABASE nextcloud"
mariadb -h {SERVER} -u {USERNAME} -p{PASSWORD} -e "CREATE DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci"
mariadb -h {SERVER} -u {USERNAME} -p{PASSWORD} {DB NAME} < nextcloud-sqlbkp.bak
Collabora Online Container
Unfinished
Docker Compose for Nextcloud + Collabora + Traefik?
Use HTTPS with Ubuntu 22.04, apache, Nextcloud and Collabora(Docker)
HowTo: Ubuntu + Docker + Nextcloud + Talk + Collabora
podman run -t -d --name collabora-online -p 9980:9980 \
-e "extra_params=--o:ssl.enable=false --o:ssl.termination=true" \
--label "io.containers.autoupdate=image" \
docker.io/collabora/code:latest
server {
listen 443 ssl;
server_name collabora.exu.li;
ssl_certificate_key /etc/acme-sh/collabora.exu.li/key.pem;
ssl_certificate /etc/acme-sh/collabora.exu.li/cert.pem;
# static files
location ^~ /browser {
proxy_pass http://172.18.50.101:9980;
proxy_set_header Host $http_host;
}
# WOPI discovery URL
location ^~ /hosting/discovery {
proxy_pass http://172.18.50.101:9980;
proxy_set_header Host $http_host;
}
# Capabilities
location ^~ /hosting/capabilities {
proxy_pass http://172.18.50.101:9980;
proxy_set_header Host $http_host;
}
# main websocket
location ~ ^/cool/(.*)/ws$ {
proxy_pass http://172.18.50.101:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}
# download, presentation and image upload
location ~ ^/(c|l)ool {
proxy_pass http://172.18.50.101:9980;
proxy_set_header Host $http_host;
}
# Admin Console websocket
location ^~ /cool/adminws {
proxy_pass http://172.18.50.101:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}
}
Onlyoffice Container
Integrating onlyoffice, requires setting the correct Content Security Policy headers on the webserver. Using CSP also introduces blockages in Nextcloud that have to be fixed. The console view is your friend for finding every issue.
For my installation, the headers needed to be set like this.
Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: onlyoffice.exu.li;"
sudo podman run -itd --name onlyoffice -p 8080:80 \
-e JWT_SECRET={secret key} \
docker.io/onlyoffice/documentserver
Installing ONLYOFFICE Docs Community Edition for Docker on a local server
About the ONLYOFFICE and Nextcloud integration
Using ONLYOFFICE Docs behind the proxy