Differences between revisions 6 and 7
Revision 6 as of 2021-11-18 08:58:01
Size: 2006
Editor: DominicRicottone
Comment:
Revision 7 as of 2022-09-26 18:45:24
Size: 2410
Editor: DominicRicottone
Comment:
Deletions are marked like this. Additions are marked like this.
Line 34: Line 34:
----
Line 36: Line 37:
=== Web Server ===
Line 38: Line 38:
If the site is encrypted, additional settings must be applied. == Configuration ==



=== PHP ===

`php(1)` needs to be configured specially. After following the suggestions [[PHP/Configuration|here]], adjust the below settings:

Enable the `opcache` module and tune it.

{{{
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
}}}



=== PHP-FPM ===

`php-fpm(8)` needs access to some environment variables, namely `$PATH`. After following the suggestions [[PHP/FPM#Configuration|here]], in `/etc/php/php-fpm.d/www.conf`, uncomment `env[PATH]`.

Alternatively set `clear_env = no`, but note that this is a security risk.



=== Systemd ===

`php-fpm(8)` needs access to the `apps` and `data` directories created above.

[[Linux/Systemd|Systemd]] would block this access. To fix this, try `systemctl edit php-fpm.service` and make the below adjustments:

{{{
[Service]
ReadWritePaths = /usr/share/webapps/nextcloud/apps
ReadWritePaths = /usr/share/webapps/nextcloud/data

# Path to the data directory
ReadWritePaths = /var/www/nextcloud
}}}



=== MariaDB ===

The [[MariaDB]] database must use ''actual'' UTF-8 encoding.

{{{
mysql -u root -p
mysql> CREATE DATABASE nextcloud DEFAULT CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
mysql> GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost' IDENTIFIED BY 'password';
mysql> FLUSH PRIVILEGES;
mysql> \q
}}}



=== NGINX ===

Configure `nginx(8)` according to the articles [[NGINX|here]] and [[NGINX/FastCGI|here]], plus the below guard applied to the !NextCloud server.
Line 50: Line 112:
=== PHP ===

There are several steps beyond a standard [[NGINX/FastCGIConfiguration|FastCGI]] configuration.

In `/etc/php/php-fpm.d/www.conf`, uncomment `env[PATH]` OR set `clear_env = no`.

Enable the `opcache` module and tune it. The defaults are typically enough.

{{{
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
}}}

PHP-FPM must be explicitly allowed to access the key program and data directories. With `systemd`, this would be done as `systemctl edit php-fpm.service`.

{{{
[Service]
ReadWritePaths = /usr/share/webapps/nextcloud/apps
ReadWritePaths = /usr/share/webapps/nextcloud/data

# Path to the data directory
ReadWritePaths = /var/www/nextcloud
}}}


=== Back-end ===

Setup the [[MariaDB]] back-end to use ''actual'' UTF-8 encoding.

{{{
mysql -u root -p
mysql> CREATE DATABASE nextcloud DEFAULT CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
mysql> GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost' IDENTIFIED BY 'password';
mysql> FLUSH PRIVILEGES;
mysql> \q
}}}

Nextcloud

Contents

  1. Nextcloud
    1. Installation
    2. Configuration
      1. PHP
      2. PHP-FPM
      3. Systemd
      4. MariaDB
      5. NGINX

Installation

Fetch the latest version of the software package. 

wget https://download.nextcloud.com/server/releases/nextcloud-18.0.2.zip

Create an installation directory that can be owned by the web server's user (typically www-data). 

mkdir /var/www/nextcloud
unzip nextcloud-18.0.2.zip -d /var/www/nextcloud
chown www-data:www-data /var/www/nextcloud
chmod 755 /var/www/nextcloud

Also, create a data directory. 

mkdir /var/nextcloud
chown www-data:www-data /var/nextcloud
chmod 755 /var/nextcloud

Configuration

PHP

php(1) needs to be configured specially. After following the suggestions here, adjust the below settings:

Enable the opcache module and tune it. 

opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

PHP-FPM

php-fpm(8) needs access to some environment variables, namely $PATH. After following the suggestions here, in /etc/php/php-fpm.d/www.conf, uncomment env[PATH].

Alternatively set clear_env = no, but note that this is a security risk.

Systemd

php-fpm(8) needs access to the apps and data directories created above.

Systemd would block this access. To fix this, try systemctl edit php-fpm.service and make the below adjustments: 

[Service]
ReadWritePaths = /usr/share/webapps/nextcloud/apps
ReadWritePaths = /usr/share/webapps/nextcloud/data

# Path to the data directory
ReadWritePaths = /var/www/nextcloud

MariaDB

The MariaDB database must use actual UTF-8 encoding. 

mysql -u root -p
mysql> CREATE DATABASE nextcloud DEFAULT CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
mysql> GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost' IDENTIFIED BY 'password';
mysql> FLUSH PRIVILEGES;
mysql> \q

NGINX

Configure nginx(8) according to the articles here and here, plus the below guard applied to the !NextCloud server. 

location ~ \.php(?:$|/) {
  # ...
  fastcgi_param modHeadersAvailable true;
  # ...
}

CategoryRicottone

PHP/Nextcloud (last edited 2023-04-22 20:23:04 by DominicRicottone)