User:Steffo/Nextcloud
Category:File sharing Category:Web applications
From Wikipedia:Nextcloud:
- Nextcloud is a suite of client-server software for creating and using file hosting services. It is functionally similar to Dropbox, although Nextcloud is free and open-source, allowing anyone to install and operate it on a private server. In contrast to proprietary services like Dropbox, the open architecture allows adding additional functionality to the server in form of applications.
Nextcloud is a fork of ownCloud. For differences between the two, see wikipedia:Nextcloud#Differences from ownCloud.
Prerequisites
Nextcloud requires several components:[1]
- A database:
- mariadb (MariaDB) or
- postgresql (PostgreSQL)
- A PHP FastCGI implementation:
- A web server:
- apache (Apache) or
- nginx-mainline (nginx)
Make sure the required components are installed before proceeding.
Installation
Install the nextcloud package.
Database setup
An SQL database must be set up and used for your Nextcloud installation. After setting up the database here, you will be prompted for its information when you first create an administrator account.
MariaDB
Create the nextcloud
database:
# mariadb
MariaDB [(none)]> CREATE DATABASE nextcloud DEFAULT CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_general_ci';
Then, create the nextcloud
user and give it privileges to use the newly created database:
# mariadb
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nextcloud.* TO nextcloud IDENTIFIED BY 'YOUR_PASSWORD_HERE'; MariaDB [(none)]> FLUSH PRIVILEGES;
Configure the pdo_mysql
and mysqli
extensions
PostgreSQL
Create the nextcloud
user:
# sudo -iu postgres
[postgres]$ createuser nextcloud
Then, create the nextcloud
database owned by the newly created user:
# sudo -iu postgres
[postgres]$ createdb --owner=nextcloud nextcloud
Configure the pdo_pgsql
and pgsql
extensions (php-pgsql)
PHP setup
Ensure session.save_path
is set:
/etc/php/php.ini
session.save_path = "/tmp"
Ensure the required, recommended and optional extensions are enabled:
/etc/php/php.ini
extension=gd extension=intl extension=zip
Enable the opcache
extension, and configure it recommended by the documentation:
/etc/php/php.ini
zend_extension=opcache opcache.enable=1 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=10000 opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1
Increase the PHP memory limit to a value greater or equal to 512 MB:
/etc/php/php.ini
memory_limit = 512M
PHP-FPM setup
Add an additional process pool that runs as the nextcloud
user and group:
/etc/php/php-fpm.d/nextcloud.conf
[nextcloud] user = nextcloud group = nextcloud listen = /run/nextcloud/php-fpm.sock env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp ; should be accessible by your web server listen.owner = http listen.group = http pm = dynamic pm.max_children = 120 pm.start_servers = 12 pm.min_spare_servers = 6 pm.max_spare_servers = 18
The php-fpm service runs with the system mounted as read-only for hardening purposes, so it is necessary to explicitly grant write permissions on the appropriate Nextcloud paths.
Create an override.conf
for php-fpm
:
# systemctl edit php-fpm.service
[Service] ReadWritePaths=/var/lib/nextcloud/data ReadWritePaths=/var/lib/nextcloud/apps ReadWritePaths=/etc/webapps/nextcloud/config
Restart php-fpm.service
.
Nextcloud setup
Paths configuration
The configuration files are stored in the /etc/webapps/nextcloud/config/
directory.
The config.php
file contains the settings for the Nextcloud instance, and is prefilled with some Arch-specific settings:
/etc/webapps/nextcloud/config/config.php
<?php $CONFIG = array ( 'datadirectory' => '/var/lib/nextcloud/data', 'logfile' => '/var/log/nextcloud/nextcloud.log', 'apps_paths' => [ [ 'path'=> '/usr/share/webapps/nextcloud/apps', 'url' => '/apps', 'writable' => false, ], [ 'path'=> '/var/lib/nextcloud/apps', 'url' => '/wapps', 'writable' => true, ], ], );
The config.sample.php
file contains all available config options: they should be copied to config.php
as needed and possibly changed to match the desired behaviour.
The CAN_INSTALL
file is a blank file that, if present, authorizes Nextcloud to begin a new installation if so is requested through the installation page.
Setup
occ
(OwnCloud Console) is a command-line tool that can be used to administrate Nextcloud. It is located in /usr/share/webapps/nextcloud/occ
and should always be run as the nextcloud
user. A wrapper is provided in /usr/bin/occ
which will run the command using sudo.
To set up Nextcloud, you can use the # occ maintenance:install
command. See documentation for more details.
For example, to set up Nextcloud with #PostgreSQL, using Unix sockets:
# occ maintenance:install --database "pgsql" --database-name "nextcloud" --database-user "nextcloud" --database-pass "password" --admin-user "admin" --admin-pass "password"
To set up Nextcloud with #MariaDB:
# occ maintenance:install --database "mysql" --database-name "nextcloud" --database-user "nextcloud" --database-pass "password" --admin-user "admin" --admin-pass "password"
Web server setup
Depending on which web server you are using, further setup is required.
Apache
Ensure the Apache HTTP Server is enabled, and that php-fpm is correctly configured.
Create a new Apache virtual host for Nextcloud:
/etc/httpd/conf/vhosts
<VirtualHost *:443> ServerName nextcloud.example.com SSLEngine on SSLCertificateFile "/path/to/your/chain" SSLCertificateKeyFile "/path/to/your/privatekey" DocumentRoot /usr/share/webapps/nextcloud DirectoryIndex index.php index.html <Directory /usr/share/webapps/nextcloud> Require all granted </Directory> <FilesMatch \.php$> SetHandler "proxy:unix:/run/nextcloud/php-fpm.sock|fcgi://localhost/" </FilesMatch> </VirtualHost>
Change the localhost
in the trusted_domains
key of the Nextcloud config to your virtual host ServerName
:
/etc/webapps/nextcloud/config/config.php
'trusted_domains' => array ( 0 => 'nextcloud.example.org', ),
Do the same to the overwrite.cli.url
key:
/etc/webapps/nextcloud/config/config.php
'overwrite.cli.url' => 'http://nextcloud.example.org',
Restart httpd.service
.
Nginx
Make sure #PHP-FPM setup has been followed correctly.
Create /etc/nginx/conf.d/nextcloud.conf
and add the content according to the Nextcloud documentation.
Set the php-handler block according to you php-fpm socket:
/etc/nginx/conf.d/nextcloud.conf
upstream php-handler { server unix:/run/nextcloud/php-fpm.sock; }
Make sure to include your configuration file in nginx:
/etc/nginx/nginx.conf
include conf.d/*.conf;
Optional steps
Customize Nextcloud paths
Data directory
By default, data is stored in /var/lib/nextcloud/data/
, a directory accessible only from the Nextcloud application.
This location can be configured by changing the datadirectory
config key:
'datadirectory' => '/var/lib/nextcloud/data',
datadirectory
needs to be writable by the nextcloud
user.System apps directory
Some Nextcloud apps are distributed as Arch packages:
- nextcloud-app-bookmarks
- nextcloud-app-calendar
- nextcloud-app-contacts
- nextcloud-app-deck
- nextcloud-app-mail
- nextcloud-app-news
- nextcloud-app-notes
- nextcloud-app-spreed
- nextcloud-app-tasks
They are installed in the /usr/share/webapps/nextcloud/apps
directory.
nextcloud
, and should be owned by root
instead.This path should be present as an entry of the apps_paths
config key:
[ 'path'=> '/usr/share/webapps/nextcloud/apps', 'url' => '/apps', 'writable' => false, ],
Writable apps directory
Other Nextcloud apps can be downloaded from the internal app store.
By default, they are installed through the /usr/share/webapps/nextcloud/wapps
symlink in /var/lib/nextcloud/apps
, a directory accessible only from the Nextcloud application.
This location can be configured by changing the writable path in the apps_paths
default config key:
[ 'path'=> '/var/lib/nextcloud/apps', 'url' => '/wapps', 'writable' => true, ],
nextcloud
user, and a symlink pointing to it should be available in /usr/share/webapps/nextcloud/wapps
. Log directory
Nextcloud keeps an internal logfile where various events (such as errors) are logged.
By default, logs are created in /var/log/nextcloud/nextcloud.log
.
This location can be configured by changing the logfile
config key.
'logfile' => '/var/log/nextcloud/nextcloud.log',
Optional php modules
Optionally, you may want to install and configure other recommended and optional PHP extensions. For all prerequisite PHP modules, see the upstream documentation.
Cache setup
To improve speed, caching can be configured using of the three supported backends.
Redis cache setup
Ensure that PHP#Redis is installed and configured.
Add the following lines to the Nextcloud config (uncomment the password if it is required):
/etc/webapps/nextcloud/config/config.php
'memcache.distributed' => '\OC\Memcache\Redis', 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => [ 'host' => '/var/run/redis/redis.sock', 'port' => 0, 'dbindex' => 0, # 'password' => 'secret', ],
Background tasks
Nextcloud by default a single background task every time one of its pages is visited.
This behaviour is for compatibility and is not recommended; it is recommended to configure a systemd timer that runs the tasks independently from the users visiting the website.
To do so, create and enable the nextcloud-cron
service:
/etc/systemd/system/nextcloud-cron.service
[Unit] Description=Nextcloud cron.php job [Service] User=nextcloud ExecStart=/usr/bin/php -f /usr/share/webapps/nextcloud/cron.php KillMode=process
Then, create and enable the nextcloud-cron
timer:
/etc/systemd/system/nextcloud-cron.timer
[Unit] Description=Run nextcloud-cron every 5 minutes [Timer] OnBootSec=5min OnUnitActiveSec=5min Unit=nextcloud-cron.service [Install] WantedBy=timers.target
Finally, enable the Cron background tasks mode:
# occ background:cron