Nous allons dans ce mémos installer une instance de Nextcloud à partir d'une machine Debian fraîchement installé.
Pré-requis logiciel
apt-get install ca-certificates apt-transport-httpsPré-requis de Nextcloud
apt-get install apache2 mariadb-server php libapache2-mod-php php-common libapache2-mod-php php-mbstring php-xmlrpc php-soap php-apcu php-smbclient php-ldap php-redis php-gd php-xml php-intl php-json php-imagick php-mysql php-cli php-ldap php-zip php-curl php-opcacheParamétrage PHP
/etc/php/7.3/apache2/php.ini
file_uploads = On
allow_url_fopen = On
memory_limit = 256M
upload_max_file_size = 300M
max_execution_time = 360
date.timezone = Pacific/WallisParamétrage MySQL
mysql -u root -p
CREATE DATABASE nextcloud;
CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'new_password_here';
GRANT ALL ON nextcloud.* TO 'nextclouduser'@'localhost' IDENTIFIED BY 'user_password_here' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;Téléchargement et déploiement Nextcloud
cd /tmp && wget https://download.nextcloud.com/server/releases/latest.zip
unzip latest.zip
mv nextcloud /var/www/html/nextcloud/
chown -R www-data:www-data /var/www/html/nextcloud/
chmod -R 755 /var/www/html/nextcloud/Paramétrage Apache2
/etc/apache2/sites-available/nextcloud.conf
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/nextcloud/
ServerName example.com
ServerAlias www.example.com
Alias /nextcloud "/var/www/html/nextcloud/"
<Directory /var/www/html/nextcloud/>
Options +FollowSymlinks
AllowOverride All
Require all granted
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/html/nextcloud
SetEnv HTTP_HOME /var/www/html/nextcloud
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>a2ensite nextcloud.conf
a2enmod rewrite
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime
systemctl restart apache2.serviceAccès à la page d’administration
Info
https://www.c-rieger.de/ https://dennisnotes.com/note/20180831-nextcloud-docker-nginx-reverse-proxy/
Configuration Nextcloud
Problème de sécurité de Header
/etc/nginx/sites-enabled/nextcloud.conf
server {
if ($host = cloud.xxx.fr) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name cloud.xxx.fr;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
#root /var/www/html;
#index index.html index.htm index.nginx-debian.html;
server_name cloud.xxx.fr;
access_log /var/log/nginx/cloud.xxx.fr/access.log;
error_log /var/log/nginx/cloud.xxx.fr/error.log;
# On rend le reste directement
location / {
# auth_basic "Nom d'utilisateur et mot de passe sont recquis !";
# auth_basic_user_file /etc/nginx/.htpasswd;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
client_max_body_size 0;
proxy_pass http://X.X.X.X;
}
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
ssl_certificate /etc/letsencrypt/live/cloud.xxx.fr/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cloud.xxx.fr/privkey.pem; # managed by Certbot
}Problème de proxy et d’origine
/var/www/html/nextcloud/config/config.php
'trusted_proxies' => ['10.168.50.10'],
'trusted_domains' =>
array (
0 => '10.168.50.22',
1 => 'cloud.xxx.fr',
),Problème de memcached
/var/www/html/nextcloud/config/config.php
'memcache.local' => '\OC\Memcache\APCu',