openbsd-ports

History

landry 575fd863a7 Update to nextcloud 18.0.4.

See https://nextcloud.com/changelog/#latest18, fixes annoying bug not
showing photo galleries in public shares.

ok gonzalo@ (MAINTAINER)

2020-04-27 11:24:08 +00:00

DESCR

Update for Nextcloud to 12.0.5:

2018-01-25 10:45:18 +00:00

PLIST

Update to nextcloud 18.0.4.

2020-04-27 11:24:08 +00:00

README

Update for Nextcloud to 17.0.0

2019-10-29 07:24:03 +00:00

UNMESSAGE

- disable integrity checks, we want to be able to patch files; some folks may

2018-12-09 11:07:35 +00:00

README

$OpenBSD: README,v 1.16 2019/10/29 07:24:03 gonzalo Exp $

+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------

Nextcloud is installed under
    ${INSTDIR}

Official documentation is available at:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/

Post-installation instructions
==============================

*** It is highly recommended to use SSL on the webserver (HTTPS).

chroot(2)
---------
When running Nextcloud under a chrooted environment, make sure to read the
"PHP's OpenSSL functions" section of:
    ${LOCALBASE}/share/doc/pkg-readmes/php-${MODPHP_VERSION}

The HTTP server must be able to resolve hostnames:
    # mkdir -p /var/www/etc
    # cp /etc/resolv.conf /var/www/etc

The configuration of an SQLite database path is set relatively to the chroot in
Nextcloud which will break background jobs run by cron(8) (see below).
A symlink can be created to workaround this issue:
    # ln -sf ${INSTDIR} /nextcloud

OpenBSD HTTP daemon
-------------------
httpd(8) example configuration for Nextcloud:

---8<---------------------------------------------------------------------------
server "domain.tld" {
	listen on egress tls port 443

	hsts max-age 15768000

	tls {
		certificate "/etc/ssl/domain.tld_fullchain.pem"
		key "/etc/ssl/private/domain.tld_private.pem"
	}

	# Set max upload size to 513M (in bytes)
	connection max request body 537919488
	connection max requests 1000
	connection request timeout 3600
	connection timeout 3600

	block drop

	# Ensure that no '*.php*' files can be fetched from these directories
	location "/nextcloud/config/*" {
		block drop
	}

	location "/nextcloud/data/*" {
		block drop
	}

	# Note that this matches "*.php*" anywhere in the request path.
	location "/nextcloud/*.php*" {
		root "/nextcloud"
		request strip 1
		fastcgi socket "/run/php-fpm.sock"
		pass
	}

	location "/nextcloud/apps/*" {
		root "/nextcloud"
		request strip 1
		pass
	}

	location "/nextcloud/core/*" {
		root "/nextcloud"
		request strip 1
		pass
	}

	location "/nextcloud/settings/*" {
		root "/nextcloud"
		request strip 1
		pass
	}

	location "/nextcloud" {
		block return 301 "$DOCUMENT_URI/index.php"
	}

	location "/nextcloud/" {
		block return 301 "$DOCUMENT_URI/index.php"
	}

	location "/.well-known/carddav" {
		block return 301 "https://$SERVER_NAME/nextcloud/remote.php/dav"
	}

	location "/.well-known/caldav" {
		block return 301 "https://$SERVER_NAME/nextcloud/remote.php/dav"
	}

	location "/.well-known/webfinger" {
		block return 301 "https://$SERVER_NAME/nextcloud/public.php?service=webfinger"
	}

	location match "/nextcloud/oc[ms]%-provider/*" {
		directory index index.php
		pass
	}
}
---8<---------------------------------------------------------------------------

nginx
-----
See:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/installation/nginx.html

Apache HTTPD
------------
Apache configuration for Nextcloud is stored under:
    ${PREFIX}/conf/modules.sample/apache-nextcloud.conf

It needs to be enabled by running the following command after the apache-httpd
package is installed:
# ln -s ../modules.sample/apache-nextcloud.conf ${PREFIX}/conf/modules
# rcctl restart apache2

The rewrite_module needs to be enabled by uncommenting the following line in
${SYSCONFDIR}/apache2/httpd2.conf:
    #LoadModule rewrite_module /usr/local/lib/apache2/mod_rewrite.so

PHP
---
Default PHP values for Apache are set under:
    ${INSTDIR}/.htaccess
    ${INSTDIR}/config/.htaccess

OpenBSD HTTP daemon users can match these .htaccess file values by editing
${SYSCONFDIR}/php-${MODPHP_VERSION}.ini or ${SYSCONFDIR}/php-fpm.conf.

nginx users can match these .htaccess file values by configuring fastcgi_param
with a PHP_VALUE in ${SYSCONFDIR}/nginx/nginx.conf.

For enhanced performance, a PHP opcode cache can be used (built-in to PHP 5.5+,
enable "opcache.ini" to use it).
Recommended values for ${SYSCONFDIR}/php-${MODPHP_VERSION}.ini:
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

Database configuration
----------------------
See the following URL for setting up a database for Nextcloud:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/configuration_database/linux_database_configuration.html

Nextcloud can work with a PostgreSQL, MariaDB or SQLite3 database. The
corresponding package needs to be installed *before* setting up Nextcloud:
    php-pdo_sqlite, php-pdo_pgsql or php-pdo_mysql

Configuration file
------------------
Configuration is done under:
    ${INSTDIR}/config/config.php
and the default "datadirectory" is set to:
    ${INSTDIR}/data
When running chrooted, ${PREFIX} must be stripped from the paths.

Cron job
--------
Nextcloud needs to run background jobs on a regular basis. By default, it will
execute one task with each page loaded ("AJAX" option in the admin interface).
The prefered way is to use a cron(8) job instead.
(see https://<hostname>/nextcloud/index.php/settings/admin#backgroundjobs)
e.g.
*/15	*	*	*	*	su -m www -c "${MODPHP_BIN} -f ${INSTDIR}/cron.php"

Memory caching and file locking
-------------------------------
Nextcloud server performance can be significantly improved with memory caching
and memory-based locking. Distributed caching and Transactional File Locking is
provided by Redis, an in-memory data structure store. More information and
configuration example are available at:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/configuration_server/caching_configuration.html#id4

TL;DR
You need a redis server running (available in the redis package) then adapt and
append the following to:
    ${INSTDIR}/config/config.php

  'filelocking.enabled' => true,
  'memcache.local' => '\OC\Memcache\Redis',
  'memcache.locking' => '\OC\Memcache\Redis',
  'redis' => array(
    'host' => 'localhost',
    'port' => 6379,
    'timeout' => 0.0,
    'password' => '', // Optional, if not defined no password will be used.
  ),

Authentication backends
-----------------------
When using a non-default user authentication backend (LDAP, IMAP, ...), extra
packages may be needed (e.g. php-ldap, php-imap).

Finishing and validating the installation
-----------------------------------------
Make sure the web server can resolve its hostname (e.g. if chrooted, by creating
${PREFIX}/etc/hosts and/or ${PREFIX}/etc/resolv.conf).

Create the file "CAN_INSTALL" to allow web-based installation:

    # touch ${INSTDIR}/config/CAN_INSTALL

Accessing https://<hostname>/nextcloud with a Web browser will finish the
installation and create a new admin user.

Updating
========
Before updating to a new release, read:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/maintenance/upgrade.html

WebDAV access
=============
The personal WebDAV share can be accessed using the following URL (e.g. with
Nautilus, Thunar or Doplhin) and the corresponding user and password for the
share:
    https://<hostname>/nextcloud/remote.php/webdav/

Synchronization
===============
The "owncloudclient" package (net/owncloudclient) is a graphical (Qt)
application to synchronize with a Nextcloud server.

Apps and dependencies
=====================
To keep dependencies to a minimum, not all dependencies for all installed apps
are enforced. It is the job of the administrator to manually install required
packages according to the non-default apps (s)he wants to enable.