Nextcloud

From Segfault
Jump to navigation Jump to search

Installation

While Owncloud does provide packages for various distributions[1], Nextcloud only links to 3rd party provides, offering builds of their latest releases.[2]

When installing from the official release:

wget https://download.nextcloud.com/server/releases/nextcloud-12.0.5.tar.bz2{,.sha256,.asc}

gpg --recv-keys D75899B9A724937A
gpg --verify nextcloud*.bz2.asc
sha256sum -c nextcloud*.tar.bz2.sha256

cd $DOCROOT
tar -xjf nextcloud*.tar.bz2

The webserver needs to be able to write to certain parts of the installation, but not all:

sudo chown -cR root:root nextcloud/
sudo chown -cR www-data:www-data nextcloud/{.htaccess,.user.ini,3rdparty,apps,config,data}

Install some dependencies:

apt-get install php-apcu php-bz2 php-curl php-gd php-imagick php-intl php-json php-mbstring php-mcrypt php-mysql php-xml php-xml-parser php-zip

Enable PHP Opcache:[3]

$ cat /etc/php/7.0/mods-available/opcache.ini
zend_extension=opcache.so
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

Prepare the database:

> CREATE USER nextcloud@localhost IDENTIFIED BY 's3cr3t';
> CREATE DATABASE IF NOT EXISTS nextcloud;
> GRANT ALL PRIVILEGES ON nextcloud.* TO nextcloud@localhost;

With all that in place, the installer should start once a web browser is pointed to the document root.

The (newly generated) config/config.php can be adjusted to switch to pretty URLs[4]

 [...]
 'datadirectory' => '/var/www/nextcloud/data',
 'overwrite.cli.url' => 'https://www.example.net/nextcloud',
 'htaccess.RewriteBase' => '/nextcloud',

Re-generate $DOCROOT/.htaccess:

sudo -u www-data php /var/www/nextcloud/occ maintenance:update:htaccess

When serving Nextcloud in a subdirectory, we may also need the following settings on the web server to allow proper service discovery[5]

Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav

Caching

According to the documentation, we can use several caching techniques.

APC

php-apcu needs to be installed and enabled:

$ cat /etc/php/conf.d/apcu.ini 
extension=apcu.so
apc.enable_cli=1

So we should have something like this:

$ php -r 'phpinfo();'  | grep apc
apc.enable_cli => On => On
apc.enabled => On => On
[...]

Enable APCu in NextCloud config.php

'memcache.local'       => '\OC\Memcache\APCu',

We could also enable the APC statistics page:

$ ln -s /usr/share/webapps/php-apcu/apc.php /var/www/apc.php
$ cat /var/www/apc.conf.php 
<?php
   defaults('ADMIN_USERNAME','admin');
   defaults('ADMIN_PASSWORD','s3cr3t');
?>

Redis

While we could use Memcached for caching, Redis appears[6] to be the better choice. YMMV though.

Install Redis and configure as needed:

$ grep ^[a-z] /etc/redis.conf
bind 127.0.0.1
protected-mode yes
port 0
unixsocket /var/run/redis/redis.sock
unixsocketperm 700
[...]

Make the socket available to the user running the web server:

setfacl -m u:http:rwx /var/run/redis/{,redis.sock}

We will also need the PHP module:

git clone https://github.com/phpredis/phpredis.git phpredis-git
cd phpredis-git
phpize && make
sudo install -m0755 -o root -g root modules/redis.so /usr/local/lib/

Enable the module in our PHP config:

$ grep redis /etc/php/conf.d/local.ini 
extension=/usr/local/lib/redis.so

...and in Nextcloud:

$ cat ../nextcloud/config/config.php
[...]
 'memcache.local'       => '\OC\Memcache\APCu',
 'memcache.distributed' => '\OC\Memcache\Redis',
 'memcache.locking'     => '\OC\Memcache\Redis',
 'redis' => [
    'host' => '/var/run/redis/redis.sock',
    'port' => 0,
  ],

Databases

sqlite

TBD!

PostgreSQL

TBD!
sudo -u postgres psql
CREATE USER nextcloud WITH PASSWORD 'nextcloud';
CREATE DATABASE nextcloud WITH OWNER nextcloud TEMPLATE template0 ENCODING 'UTF8';
https://pgtune.leopard.in.ua/
vi /etc/postgresql/10/main/postgresql.conf

Update

The built-in updater appears to work just fine. We have to make some preparations first:

DOCROOT=/var/www                                                                          # Adjust as needed!
chown -R www-data:www-data $DOCROOT/nextcloud/

Start the web updater and let it run until:

Keep maintenance mode active?
[x] Maintenance mode will kept active.
Now trigger the migration via command line: ./occ upgrade

And we'll do just that:

sudo -u www-data php $DOCROOT/nextcloud/occ upgrade

If all went well, disable the maintenance mode:

sudo -u www-data php $DOCROOT/nextcloud/occ maintenance:mode --off

Adjust ownerships again:

sudo chown  -R root:root $DOCROOT/nextcloud/
sudo chown -cR www-data:www-data $DOCROOT/nextcloud/{.htaccess,.user.ini,3rdparty,apps,config,data}

Links

References