openbsd-ports

History

gonzalo efb4ddc7cb Update for Nextcloud to 15.0.0

OK aja@

2018-12-19 10:18:34 +00:00

DESCR

Update for Nextcloud to 12.0.5:

2018-01-25 10:45:18 +00:00

PLIST

Update for Nextcloud to 15.0.0

2018-12-19 10:18:34 +00:00

README

Add path to second .htaccess file (missed in previous).

2018-12-09 14:06:26 +00:00

UNMESSAGE

- disable integrity checks, we want to be able to patch files; some folks may

2018-12-09 11:07:35 +00:00

README

$OpenBSD: README,v 1.10 2018/12/09 14:06:26 ajacoutot Exp $

+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------

Nextcloud is installed under
    ${INSTDIR}

Official documentation is available at:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/

Post-installation instructions
==============================

*** It is highly recommended to use SSL on the webserver (HTTPS).

chroot(2)
---------
When running Nextcloud under a chrooted environment, make sure to read the
"PHP's OpenSSL functions" section of:
    ${LOCALBASE}/share/doc/pkg-readmes/php-${MODPHP_VERSION}

The HTTP server must be able to resolve hostnames:
    # mkdir -p /var/www/etc
    # cp /etc/resolv.conf /var/www/etc

The configuration of an SQLite database path is set relatively to the chroot in
Nextcloud which will break background jobs run by cron(8) (see below).
A symlink can be created to workaround this issue:
    # ln -f ${TINSTDIR) /nextcloud

OpenBSD HTTP daemon
-------------------
httpd(8) example configuration for Nextcloud:

---8<---------------------------------------------------------------------------
server "domain.tld" {
	listen on egress tls port 443

	root "/nextcloud"
	request strip 1

	hsts max-age 15768000

	tls {
		certificate "/etc/ssl/domain.tld_fullchain.pem"
		key "/etc/ssl/private/domain.tld_private.pem"
	}

	# First deny access to the specified files
	location "/db_structure.xml"    { block }
	location "/.ht*"                { block }
	location "/README"              { block }
	location "/data*"               { block }
	location "/config*"             { block }
	location "/build*"              { block }
	location "/tests*"              { block }
	location "/config*"             { block }
	location "/lib*"                { block }
	location "/3rdparty*"           { block }
	location "/templates*"          { block }
	location "/data*"               { block }
	location "/.ht*"                { block }
	location "/.user*"              { block }
	location "/autotest*"           { block }
	location "/occ*"                { block }
	location "/issue*"              { block }
	location "/indie*"              { block }
	location "/db_*"                { block }
	location "/console*"            { block }

	location "/*.php*" {
		root "/nextcloud"
		request strip 1
		fastcgi socket "/run/php-fpm.sock"
	}
}
---8<---------------------------------------------------------------------------

nginx
-----
See:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/installation/nginx.html

Apache HTTPD
------------
Apache configuration for Nextcloud is stored under:
    ${PREFIX}/conf/modules.sample/apache-nextcloud.conf

It needs to be enabled by running the following command after the apache-httpd
package is installed:
# ln -s ../modules.sample/apache-nextcloud.conf ${PREFIX}/conf/modules
# rcctl restart apache2

The rewrite_module needs to be enabled by uncommenting the following line in
${SYSCONFDIR}/apache2/httpd2.conf:
    #LoadModule rewrite_module /usr/local/lib/apache2/mod_rewrite.so

PHP
---
Default PHP values for Apache are set under:
    ${TINSTDIR}/.htaccess
    ${TINSTDIR}/config/.htaccess

OpenBSD HTTP daemon users can match these .htaccess file values by editing
${SYSCONFDIR}/php-${MODPHP_VERSION}.ini or ${SYSCONFDIR}/php-fpm.conf.

nginx users can match these .htaccess file values by configuring fastcgi_param
with a PHP_VALUE in ${SYSCONFDIR}/nginx/nginx.conf.

For enhanced performance, a PHP opcode cache can be used (built-in to PHP 5.5+,
enable "opcache.ini" to use it).
Recommended values for ${SYSCONFDIR}/php-${MODPHP_VERSION}.ini:
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

Database configuration
----------------------
See the following URL for setting up a database for Nextcloud:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/configuration_database/linux_database_configuration.html

Nextcloud can work with a PostgreSQL, MariaDB or SQLite3 database. The
corresponding package needs to be installed *before* setting up Nextcloud:
    php-pdo_sqlite, php-pdo_pgsql or php-pdo_mysql

Configuration file
------------------
Configuration is done under:
    ${INSTDIR}/config/config.php
and the default "datadirectory" is set to:
    ${TINSTDIR}/data
When running chrooted, ${PREFIX} must be stripped from the paths.

Cron job
--------
Nextcloud needs to run background jobs on a regular basis. By default, it will
execute one task with each page loaded ("AJAX" option in the admin interface).
The prefered way is to use a cron(8) job instead.
(see https://<hostname>/nextcloud/index.php/settings/admin#backgroundjobs)
e.g.
*/15	*	*	*	*	su -m www -c "${MODPHP_BIN} -f ${INSTDIR}/cron.php"

Memory caching and file locking
-------------------------------
Nextcloud server performance can be significantly improved with memory caching
and memory-based locking. Distributed caching and Transactional File Locking is
provided by Redis, an in-memory data structure store. More information and
configuration example are available at:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/configuration_server/caching_configuration.html#id4

TL;DR
You need a redis server running (available in the redis package) then adapt and
append the following to:
    ${INSTDIR}/config/config.php

  'filelocking.enabled' => true,
  'memcache.local' => '\OC\Memcache\Redis',
  'memcache.locking' => '\OC\Memcache\Redis',
  'redis' => array(
    'host' => 'localhost',
    'port' => 6379,
    'timeout' => 0.0,
    'password' => '', // Optional, if not defined no password will be used.
  ),

Authentication backends
-----------------------
When using a non-default user authentication backend (LDAP, IMAP, ...), extra
packages may be needed (e.g. php-ldap, php-imap).

Finishing and validating the installation
-----------------------------------------
Make sure the web server can resolve its hostname (e.g. if chrooted, by creating
${PREFIX}/etc/hosts and/or ${PREFIX}/etc/resolv.conf).

Accessing https://<hostname>/nextcloud with a Web browser will finish the
installation and create a new admin user.

Updating
========
Before updating to a new release, read:
    https://docs.nextcloud.com/server/${MAJOR}/admin_manual/maintenance/upgrade.html

WebDAV access
=============
The personal WebDAV share can be accessed using the following URL (e.g. with
Nautilus, Thunar or Doplhin) and the corresponding user and password for the
share:
    https://<hostname>/nextcloud/remote.php/webdav/

Synchronization
===============
The "owncloudclient" package (net/owncloudclient) is a graphical (Qt)
application to synchronize with a Nextcloud server.

Apps and dependencies
=====================
To keep dependencies to a minimum, not all dependencies for all installed apps
are enforced. It is the job of the administrator to manually install required
packages according to the non-default apps (s)he wants to enable.