You are not logged in.

Pages: 1

Topic closed

#1 2019-03-07 19:58:02

jancici
Member
From: svk
Registered: 2011-12-04
Posts: 192

nextcloud instaltion and configuration

I find that wiki page https://wiki.archlinux.org/index.php/Nextcloud is maybe bit out of date or in some cases not very helpfull.
I decided to used nextcloud with PSQL, NGINX and UWSGI. I did install nextcloud on my home router where I am running archlinux.

I would like to share my findings, feelings and configs. Maybe it will helpfull for someone.
Of course, I am new with nextcloud and configuration of nginx. Maybe someone will find some mistake or better (more secure) options, then thanks for feedback and comments.

1) Installation of prerequisites and nextcloud is OK.

2) PHP setup, here is list of packages I did install

local/php 7.3.2-1
local/php-apcu 5.1.17-1
local/php-embed 7.3.2-1
local/php-gd 7.3.2-1
local/php-igbinary 3.0.0-1
local/php-imagick 3.4.3-5
local/php-intl 7.3.2-1
local/php-pgsql 7.3.2-1
local/php-redis 4.2.0-1
local/uwsgi-plugin-php 2.0.18-1

3) PSQL, I did create new DB and user which can access that DB. PSQL is running on same server so Nextcloud will access DB over unix socket, PSQL is opening that by defualt.

I did add following line into /var/lib/postgres/data/pg_hba.conf

# TYPE  DATABASE        USER            ADDRESS                 METHOD
local   nextcloud       nextcloud                               trust

4) UWSGI, I decide to used uwsgi because I am alrady using that for my custom django app. Uwsgi is opening unix socket for nginx.

here is configuration /etc/uwsgi/nextcloud.ini

[uwsgi]
plugins = php
php-sapi-name = apache

procname-master = uwsgi %n
master = true

socket = /run/uwsgi/%n.sock
chmod-socket = 660
chown-socket = http:http

uid    = http
gid    = http
umask  = 027

processes = 4
cheaper = 1

; this would help with "broken pipe" or "timetout"
harakiri = 240 
http-timeout = 240 
socket-timeout = 240 
worker-reload-mercy = 240 
reload-mercy = 240 
mule-reload-mercy = 240

touch-reload = %p

disable-logging = true

php-docroot     = /usr/share/webapps/%n
php-allowed-ext = .php
php-index = index.php

php-set = date.timezone=Europe/Bratislava
;php-set = open_basedir=/tmp/:/usr/share/webapps/nextcloud:/etc/webapps/nextcloud:/dev/urandom
php-set = expose_php=false
php-set = session.save_path=/srv/nextcloud/data

php-set = upload_max_filesize=513M
php-set = post_max_size=513M
php-set = memory_limit=800M
php-set = output_buffering=off

php-set = extension=gd
php-set = extension=iconv
;php-set = extension=zip     # enabled by default in global php.ini

php-set = extension=pdo_pgsql

;php-set = extension=curl    # enabled by default in global php.ini
php-set = extension=bz2
php-set = extension=intl

; opcache
php-set = zend_extension=opcache
php-set = opcache.enable=1
php-set = opcache.enable_cli=1
php-set = opcache.interned_strings_buffer=8
php-set = opcache.max_accelerated_files=10000
php-set = opcache.memory_consumption=128
php-set = opcache.save_comments=1
php-set = opcache.revalidate_freq=1

php-set = extension=apcu
php-set = apc.ttl=7200
php-set = apc.enable_cli=1

php-set = extension=redis

cron2 = minute=-15,unique=1 /usr/bin/php -c /etc/uwsgi/cron-php.ini -f /usr/share/webapps/nextcloud/cron.php 1>/dev/null

5) REDIS. I find out that it is good to used redis at least for Transactional file locking.
https://docs.nextcloud.com/server/15/ad … ional.html

I did configure redis to open unix socket.
Here is configuration options which I changed, all other option I did leave by default.

port 0
unixsocket /run/redis/redis.sock
unixsocketperm 770
timeout 0

6) NGINX, for now I am using standart http port 80, later I will used only https

here is config for Nextcloud app which is accessable on subdomain, dont forget to make symlink to side-enabled.

/etc/nginx/sites-available/nextcloud.conf

server {
    listen 80;
    listen [::]:80;
    server_name nextcloud.server.local_domain;

    root /usr/share/webapps/nextcloud/;

    client_max_body_size 128M;

    location = /.well-known/carddav {
      return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host/remote.php/dav;
    }

    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

    location ~ \.php(?:$|/) {
       include uwsgi_params;
       uwsgi_modifier1 14;
       uwsgi_read_timeout 180;
       uwsgi_pass unix:/run/uwsgi/nextcloud.sock;
    }
}

and here config on nginx: /etc/nginx/nginx.conf                    

worker_processes  auto;
events {
    worker_connections  1024;
    use epoll;
}
http {
    include       mime.types;
    default_type  application/octet-stream;

    types_hash_max_size 4096;
    server_names_hash_bucket_size 128;

    sendfile       on;
    tcp_nopush     on;
    tcp_nodelay    off;

    server_tokens off;
    keepalive_timeout  5;

    proxy_redirect     off;
    proxy_set_header   Host              $host;
    proxy_set_header   X-Real-IP         $remote_addr;
    proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_max_temp_file_size 0;

    proxy_connect_timeout      90;
    proxy_send_timeout         120;
    proxy_read_timeout         120;

    proxy_buffer_size          4k;
    proxy_buffers              4 32k;
    proxy_busy_buffers_size    64k;
    proxy_temp_file_write_size 64k;

    include             /etc/nginx/sites-enabled/*;
}



7) first start :: inicialize

I dicede to separate app and data, so I did create /srv/nextcloud/data to store files.

Open nextcloud app in webbrowser, THEN update 'datadirectory' in nextcloud config file {it will contain much less line as shown bellow}, THEN fill instalation formular in webbrowser.

Here is my nextcloud config file after first login: /etc/webapps/nextcloud/config/config.php

<?php
$CONFIG = array (
  'instanceid' => '123456789',
  'datadirectory' => '/srv/nextcloud/data',
  'passwordsalt' => 'kasrl a4iuf ;le4mrai ewu7froa4 nr ae8rf7 9a',
  'secret' => ',ksaj56;sruj[ saeojmta osyuefp;ao etn ao;weu7fpoatnh a8oe7gf',
  'trusted_domains' => 
  array (
    0 => 'nextcloud.server.local_domain',
  ),
  'dbtype' => 'pgsql',
  'version' => '15.0.4.0',
  'overwrite.cli.url' => 'http://nextcloud.server.local_domain',
  'dbname' => 'nextcloud',
  'dbhost' => '/run/postgresql/',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'nextcloud',
  'dbpassword' => ',sh5 s8orug; seotns8rp7ytps nerguy',
  'installed' => true,
  'mail_smtpmode' => 'smtp',
  'mail_smtpsecure' => 'ssl',
  'mail_sendmailmode' => 'smtp',
  'filelocking.enabled' => true,
  'memcache.local' => '\OC\Memcache\APCu',
  'memcache.distributed' => '\OC\Memcache\Redis',
  'memcache.locking' => '\OC\Memcache\Redis',
  'redis' => array (
     'host' => '/run/redis/redis.sock',
     'port' => 0,
     'timeout' => 0.0,
  ),
//  'log_type' => 'syslog',
//  'logfile' => '',
//  'loglevel' => 3,
);

Offline

#2 2019-03-07 20:08:09

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,426
Website

Re: nextcloud instaltion and configuration

Please don't post tutorials here: the wiki is for documentation.

Post this to your user namspace and then leave a note on the nextcloud talk page inviting people to comment on it; from there it can be cleaned up and migrated into the wiki proper.


Closing.

Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

Pages: 1

Topic closed

Board footer

Powered by FluxBB