==============
cloud.libre.is
==============
Administrator documentation for Libre Cloud.
``_
The site is based on Nextcloud software.
``_
Nextcloud install documentation:
``_
``_
Firewall
========
Open ports 80 and 443.
.. code-block:: cfg
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
Apache
======
Initial setup of Apache with Certbot.
.. code-block:: sh
sudo su -
apt install python3-certbot-apache php php-fpm php-gd php-json php-xml \
php-curl php-mbstring php-zip php-mysql php-intl php-imap php-bcmath \
php-gmp php-apcu php-redis php-imagick imagemagick ffmpeg
echo "cloud.libre.is" > /var/www/html/index.html
certbot -d cloud.libre.is
a2enmod rewrite headers env dir mime setenvif ssl proxy_fcgi
a2enconf php8.2-fpm
systemctl restart apache2
Some PHP config...XXX
.. code-block:: sh
sed -i -e 's/max_execution_time = 30/max_execution_time = 90/g' \
/etc/php/8.2/apache2/php.ini
sed -i -e 's/max_execution_time = 30/max_execution_time = 90/g' \
/etc/php/8.2/cli/php.ini
sed -i -e 's/max_execution_time = 30/max_execution_time = 90/g' \
/etc/php/8.2/fpm/php.ini
sed -i -e 's/memory_limit = 128M/memory_limit = 512M/g' \
/etc/php/8.2/apache2/php.ini
sed -i -e 's/memory_limit = 128M/memory_limit = 512M/g' \
/etc/php/8.2/cli/php.ini
sed -i -e 's/memory_limit = 128M/memory_limit = 512M/g' \
/etc/php/8.2/fpm/php.ini
sed -i -e 's/;opcache.enable=1/opcache.enable=1/g' \
/etc/php/8.2/apache2/php.ini
sed -i -e 's/;opcache.enable=1/opcache.enable=1/g' \
/etc/php/8.2/cli/php.ini
sed -i -e 's/;opcache.enable=1/opcache.enable=1/g' \
/etc/php/8.2/fpm/php.ini
systemctl restart apache2
Database
========
Use MariaDB for the databse.
``_
.. code-block:: sh
sudo apt install mariadb-server
sudo mariadb-admin password
mariadb -uroot -p
Then in the database:
.. code-block:: sql
CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY 'password';
CREATE DATABASE IF NOT EXISTS nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
GRANT ALL PRIVILEGES on nextcloud.* to 'nextcloud'@'localhost';
FLUSH PRIVILEGES;
EXIT
Edit /etc/mysql/my.cnf to look like this:
.. code-block:: cfg
[server]
skip_name_resolve = 1
innodb_buffer_pool_size = 128M
innodb_buffer_pool_instances = 1
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 32M
innodb_max_dirty_pages_pct = 90
query_cache_type = 1
query_cache_limit = 2M
query_cache_min_res_unit = 2k
query_cache_size = 64M
tmp_table_size= 64M
max_heap_table_size= 64M
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 1
[client-server]
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mariadb.conf.d/
[client]
default-character-set = utf8mb4
[mysqld]
character_set_server = utf8mb4
collation_server = utf8mb4_general_ci
transaction_isolation = READ-COMMITTED
binlog_format = ROW
innodb_large_prefix=on
innodb_file_format=barracuda
innodb_file_per_table=1
Restart database:
.. code-block:: sh
systemctl restart mariadb.service
Edit PHP file /etc/php/8.2/apache2/conf.d/20-pdo_mysql.ini for MariaDB.
XXX maybe too:
/etc/php/8.2/cli/conf.d/20-pdo_mysql.ini
/etc/php/8.2/fpm/conf.d/20-pdo_mysql.ini
.. code-block:: cfg
extension=pdo_mysql.so
[mysql]
mysql.allow_local_infile=On
mysql.allow_persistent=On
mysql.cache_size=2000
mysql.max_persistent=-1
mysql.max_links=-1
mysql.default_port=
mysql.default_socket=/run/mysqld/mysqld.sock
mysql.default_host=
mysql.default_user=
mysql.default_password=
mysql.connect_timeout=60
mysql.trace_mode=Off
Then restart apache...
.. code-block:: sh
sudo systemctl restart apache2
Nextcloud
=========
Get Nextcloud source.
.. code-block:: sh
wget https://download.nextcloud.com/server/releases/latest.tar.bz2
wget https://download.nextcloud.com/server/releases/latest.tar.bz2.sha256
cat latest.tar.bz2.sha256 ; sha256sum latest.tar.bz2
tar xf latest.tar.bz2
sudo cp -a nextcloud/* /var/www/html/nextcloud/
sudo cp -a nextcloud/.htaccess nextcloud/.user.ini /var/www/html/nextcloud/
sudo chown -R www-data:www-data /var/www/html/nextcloud/
Apache More
===========
Set up Apache for nextcloud.
Remove the old configs:
.. code-block::
rm /etc/apache2/sites-enabled/000-default.conf \
/etc/apache2/sites-enabled/000-default-le-ssl.conf
Then add file /etc/apache2/sites-available/cloud-libre-is.conf
with these contents:
.. code-block:: apache
ServerName cloud.libre.is
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/nextcloud
ErrorLog ${APACHE_LOG_DIR}/error-cloud-libre-is.log
CustomLog ${APACHE_LOG_DIR}/access-cloud-libre-is.log combined
RewriteEngine on
ReWriteCond %{HTTPS} off
ReWriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{SERVER_NAME} =cloud.libre.is
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
ServerName cloud.libre.is
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/nextcloud
ErrorLog ${APACHE_LOG_DIR}/error-ssl-cloud-libre-is.log
CustomLog ${APACHE_LOG_DIR}/access-ssl-cloud-libre-is.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/cloud.libre.is/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cloud.libre.is/privkey.pem
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
Dav off
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Symlink it to enable it, then restart apache.
.. code-block:: sh
sudo ln -s /etc/apache2/sites-available/cloud-libre-is.conf \
/etc/apache2/sites-enabled/
rm /var/www/html/index.html
sudo systemctl restart apache2
Nextcloud Admin
===============
Now go to the new site and configure via web browser:
``_
Config changes:
.. code-block:: cfg
'overwrite.cli.url' => 'https://cloud.libre.is/',
'htaccess.RewriteBase' => '/',
Update config:
.. code-block:: sh
sudo -u www-data php /var/www/nextcloud/occ maintenance:update:htaccess
Background jobs:
``_
FPM config:
``_
``_