wiki:nextcloud-admin

Version 14 (modified by Jamie McClelland, 4 years ago) (diff)

--

nextcloud

Our nextcloud installation is running on lucius, which is currently running Debian jessie. The nextcloud application is instatlled from source.

Important details

  • The application runs as the www-data user
  • Directories:
    • The code is in /var/www/nextcloud.
    • The data (files) are in /var/lib/nextcloud/data.
    • Our configuration is in /etc/nextcloud (symlinked from /var/www/nextcloud/config)
  • We're using the postgres package not the mysql package. If you want to muck around in the database: su - www-data and then psql nextcloud
  • We're authenticating using the login-service (web api).
  • The admin username (mfpl-admin) and password are in keyringer. However, try to avoid logging in as mfpl-admin, and if you change any configuration options, /etc/nextcloud/config.php will get overwritten
  • A 5GB per user quota is set. This is configured by logging in as mfpl-admin and then clicking to administer users. Quotas can be changed on a per user basis.
  • To fix #8125, we've added our own custom theme called "mayfirst", which is in lucius.mayfirst.org:/var/lib/nextcloud/themes and it is activated via the theme => "mayfirst" line in lucius.mayfirst.org:/etc/nextcloud/config.php. Currently, it only adds a style sheet that simply hides the password change form.
  • We have committed to maintaining four extra apps, which are installed in /var/lib/nextcloud/apps-local:
    • Calendar - allows users to create, share and sync calendars
    • Contacts - allows users to create, share and sync contacts
    • Markdown editor - provides a live preview while editing files in the markdown syntax (useful for storing static content generated web sites like hugo).
    • circles - allows users to create "circles" of people to share documents, calendars, etc. with.
    • Bookmarks (see #10696) - save, sync and share bookmarks
    • External user authentication - The base application allowing us to write our own external auth plugin (see below). The full nextcloud apps repository is checked out in /srv/nextcloud-apps. The user_external app is copied from /srv/nextcloud-apps/user_external to /var/lib/nextcloud/apps-local.
    • MF/PL custom auth app (git://git.mayfirst.org/mfpl/mfplauth) - Allowing users to login using their own May First/People Link username and password. this module is checkout via git directly in /var/lib/nextcloud/apps-local/mfplauth.
    • Rich Documents/Collobora - web edit word and spreadsheet files.

Upgrading

Steps to upgrade from source:

  • Visit https://nextcloud.com/changelog/ and download the appropriate version to /root using wget and unpack
  • Create symlinks that mirror the symlinks in /var/www/nextcloud
  • If upgrading a major version, backup /var/lib/nextcloud/apps-local and download new versions of all apps in /var/lib/nextcloud/apps-local, replacing the existing apps with the new ones.
  • Copy /etc/nextcloud/config.php to /etc/nextcloud/config.php.bak
  • Enter maintenance mode (edit to /etc/nextcloud/config.php)
  • Backup the database with:
    su -c "pg_dump nextcloud" www-data | gzip - > nextcloud.pre.$(date +%Y.%m.%d).backup.sql.gz
    
  • Ensure the dump completed successfully:
    tail nextcloud.sql
    
  • Make a backup of the current nextcloud installation:
    mv /var/www/nextcloud /var/www/nextcloud.version.n.n.n
    
  • Move the new copy in:
    mv /root/nextcloud /var/www/
    
  • Ensure all database udpates have been run, su to the www-data user and then:
    su - www-data
    cd /var/www/nextcloud
    php occ upgrade
    

Collabora online

For the richtext editor to work, we have to have Collabora Online installed. Fortunately it can be installed as a docker image.

The docker service is installed and managed via puppet (m_docker.pp).

We are loosely following these instructions for installation with nginx (that page includes an nginx configuration file). They depend on a collabora-code docker image, which has a Docker file that lives on github. Rather than pull in their unverified docker image, I have forked their Docker file (git://git.mayfirst.org/mfpl/collabora-code), with instructions on how to build it from scratch.

On lucius it should be installed via puppet and found in:

/usr/local/share/collabora-code

See the README.mfpl.md for directions on installing and upgrading the docker images

Nginx and php fpm

A working nginx configuration file for nextcloud is available.

In addition, php5-fpm should work mostly out of the box but requires these tweaks:

  • /etc/php5/fpm/pool.d/www.conf:
    • Uncomment the the lines starting with env (so environment variables are available to nextcloud)
    • Change:
      pm.max_children = 50
      pm.start_servers = 10
      pm.min_spare_servers = 10
      pm.max_spare_servers = 15
      
  • Add the file /etc/php5/fpm/conf.d/100-nextcloud.ini with the contents:
    always_populate_raw_post_data = -1