Difference between revisions of "Nextcloud"

From SME Server
Jump to navigationJump to search
(11 intermediate revisions by 2 users not shown)
Line 155: Line 155:
 
=== Uninstall ===
 
=== Uninstall ===
 
  yum remove {{#var:smecontribname}}  {{#var:contribname}}
 
  yum remove {{#var:smecontribname}}  {{#var:contribname}}
 +
 +
=== Use a dedicated domain to connect to Nextcloud ===
 +
<syntaxhighlight lang="bash">
 +
db domains set cloud.mydomain.com domain Description "Nextcloud" Content Primary Nameservers internet TemplatePath WebAppVirtualHost DocumentRoot /usr/share/nextcloud RequireSSL enabled letsencryptSSLcert enabled
 +
signal-event domain-create cloud.mydomain.com
 +
 +
#this one to let nextcloud DAV be redirect correctly
 +
config setprop nextcloud CloudDomain cloud.mydomain.com
 +
signal-event nextcloud-update
 +
 +
#only if you use a Let's Encrypt certificate
 +
expand-template /etc/dehydrated/domains.txt
 +
dehydrated -c
 +
 +
</syntaxhighlight>
 +
 +
=== Move user space from uuid to username ===
 +
User stored using ldap from SME with initial install will create a space with their ldap uuid. This is not very user friendly and further more it will lead to ios app issues.
 +
Recent version will use the username for new users, but for those already created you will need to do the following
 +
you will need to do as admin :
 +
# go to preference
 +
# choose ldap
 +
# choose expert
 +
# fill the 3 fields as presented above, or using the cli do
 +
  OCC ldap:set-config s01 ldapExpertUUIDGroupAttr cn
 +
  OCC ldap:set-config s01 ldapExpertUUIDUserAttr uid
 +
  OCC ldap:set-config s01 ldapExpertUsernameAttr uid
 +
# in cli, you will then need to do :
 +
  OCC user:list and save the content
 +
  cd /home/e-smith/files/nextcloud/data ; mv OLDUUID username
 +
  OCC files:scan username
 +
# delete the UUID association for users
 +
# you should then be able to login as the user with its previous files
 +
 +
Only drawback, trash history might be gone, a trick inside the db using a script could workaround that and avoid the OCC files:scan username
 +
 +
=== Mount with davfs on Fedora Clients ===
 +
While you might love the easy setup of the gnome client for nextcloud, you might encounter some frustration of having your favourite applications not showing nextcloud as mounted and needing to find it to sometime not being able to access it.
 +
 +
Here is a workaround
 +
 +
First as root<syntaxhighlight lang="bash">
 +
dnf install davfs2 -y
 +
usermod -aG davfs2 $YOURUSER
 +
echo "use_locks 0" >> /etc/davfs2/davfs2.conf
 +
echo "https://example.com/nextcloud/remote.php/webdav /home/$YOURUSER/nextcloud davfs user,rw,auto 0 0
 +
" >> /etc/fstab
 +
 +
 +
</syntaxhighlight>then you should log out /log in with your user in order to have the group membership. You can also just do "su -l USERNAME"
 +
 +
then as your user (replace your_password by your password, or a token;):<syntaxhighlight lang="bash">
 +
mkdir ~/nextcloud
 +
mkdir ~/.davfs2
 +
echo "https://example.com/nextcloud/remote.php/webdav your_Nextcloud_username your_password" >> ~/.davfs2/secrets
 +
chmod 0600 ~/.davfs2/secrets
 +
</syntaxhighlight>then just mount ! <syntaxhighlight lang="bash">
 +
mount ~/nextcloud
 +
</syntaxhighlight>
 +
 +
From there you can tweak the cache configuration to make it easier for you if you are far from the server, default cache size is 50MiByte, you could increase it to let's say 3 GiByte in ~/.davfs2/davfs2.conf for your user <syntaxhighlight lang="bash">
 +
cache_size 3G
 +
</syntaxhighlight>you should see the folder mount at every logon from now on!  if you do not want that, change "auto" in the fstab by "noauto".
 +
 +
Then add the following in ~/bash_profile or ~/bash_rc. You could user also mount -a and to try to put something in /etc/gdm/PostLogin/" instead<syntaxhighlight lang="bash">
 +
mount /home/username/nextcloud
 +
 +
 +
 +
</syntaxhighlight>And Finally to umount in  gdm using "sudo vim /etc/gdm/PostSession/"<syntaxhighlight lang="bash">
 +
if [ ${USERNAME} = "myuser" ];then
 +
  umount -fl /home/myuser/nextcloud
 +
fi
 +
</syntaxhighlight>
 +
 +
Adapted from those sources:
 +
* http://www.tuxfixer.com/mount-webdav-remote-storage-in-fedora-linux-via-davfs2/
 +
* https://docs.nextcloud.com/server/13/user_manual/files/access_webdav.html
  
 
=== Known issues ===
 
=== Known issues ===
Line 187: Line 265:
  
 
repeat above for each major update until you are one update from the latest major update. At that point you can follow the usual process. source (https://bugs.contribs.org/show_bug.cgi?id=10670#c3)
 
repeat above for each major update until you are one update from the latest major update. At that point you can follow the usual process. source (https://bugs.contribs.org/show_bug.cgi?id=10670#c3)
 +
 +
==== Upgrading from 17.0.1.x to 17.07.x ====
 +
 +
You can use the built in updater.
 +
The only issue experienced was right at the end of the process with a http 500 error. I just did 'retry' and it completed.
 +
 +
You may need to update your database which I did as follows - note it may take a very long time with a lot of files:
 +
 +
OCC maintenance:mode --on
 +
OCC db:convert-filecache-bigint
 +
OCC maintenance:mode --off
 +
 +
==== User cannot see shares/files ====
 +
 +
After a new install the admin user could see shares but not a user.
 +
 +
We had a single ibay and it was set:
 +
 +
Group Everyone
 +
Write group
 +
Read everyone
 +
 +
We created a new group called localusers and added the admin and single user.
 +
 +
We then set the ibay:
 +
 +
Group localusers
 +
Write group
 +
Read group
 +
 +
This appeared to fix the issue and the user could now see the files.
 +
 +
====Reset Database====
 +
 +
For reference, whilst looking at resetting file caches I found this.
 +
 +
It is probably extremely dangerous but wanted to make a note.
 +
 +
https://github.com/nextcloud/server/issues/8113#issuecomment-565876798
 +
 +
===Koozali SMEv10 testing===
 +
 +
We are still building Koozali SME v10 and have been testing installation of Nextcloud, currently on version 20.
 +
 +
We have packages in smedev.
 +
 +
You will also need packages from some other repos.
 +
  
 
=== Bugs ===
 
=== Bugs ===

Revision as of 18:37, 1 December 2020




nextcloud
Nextcloud Logo.svg
nextcloud logo
MaintainerUnnilennium
Urlhttps://nextcloud.com
LicenceAGPLv3
Category

Contrib

Tags cloudfilesdropboxseafilepydioajaxplorerowncloud


Maintainer

Jean-Philippe Pialasse

Version

Contrib 10:
Contrib 9:
smeserver-nextcloud
The latest version of smeserver-nextcloud is available in the SME repository, click on the version number(s) for more information.


Contrib 9:
nextcloud
The latest version of nextcloud is available in the SME repository, click on the version number(s) for more information.


Description

Nextcloud is a suite of client-server software for creating and using file hosting services. It is functionally similar to Dropbox, although Nextcloud is free and open-source, allowing anyone to install and operate it on a private server.

As per SME Server Keep It Simple, all your ibays and home folders will be accessible through the nextcloud interface using the "external files" app. You will also have your main user user Nextcloud folder saved under /home/e-smith/files/owncloud/data which is in the default backup path. So you can now enjoy both your own cloud repository with access to the very same files on your samba share!

How do I add my SME users ? They are already there ! Just tell them to connect to https://mydomain/nextcloud. You can also add external users or allow them to register with a nextcloud app.

What are the admin ? By default you have a nextcloudadmin user and the regular SME admin user. First one use the password you can see with "config getprop nextcloud AdminPassword", and second one, well, just use your regular admin password. Then you can manage apps, external files repos and admin group membership.

Installation

You do not need to follow the Repo pages of fws and remi-safe to isntall those two needed repos, instead use the packages to install them followed by a yum-modify event. Then run the main installation.

yum install smeserver-extrarepositories-remi-safe smeserver-extrarepositories-fws smeserver-extrarepositories-epel
signal-event yum-modify
yum install smeserver-nextcloud --enablerepo=smecontribs,epel,fws
signal-event webapps-update
service php-fpm start
service php71-php-fpm start
signal-event nextcloud-update

you can skip the service php-fpm* commands if it was already installed and running before the installation of nextcloud

then you can do the following and you can safely ignore the signal-event post-upgrade reboot if prompted, unless you also installed other packages that needs to do so.

config set UnsavedChanges no

or do

signal-event post-upgrade 
signal-event reboot

Upgrade

yum  update smeserver-nextcloud nextcloud smeserver-php-fpm smeserver-webapps-common  --enablerepo=smecontribs,epel,fws
signal-event nextcloud-update

Configuration

property default values
AdminPassword GENERATED string password for your main admin user for nextcloud *
AdminUser nextcloudadmin string main admin user for your installation *
DbName nextcloud string for mysql db
DbPassword GENERATED string for mysql db
DbUser nextcloud string for mysql db
TrustedDomains empty strings coma separated add domain or ip that are in need to be added to default access to nextcloud
VirtualHost empty domain name
access private private, public
status enabled enabled,disabled
MaxUploadSize 4096M number if a number will be converted to Megabytes, otherwise use the usual suffix : 2T for 2 terrabytes etc...
MemoryLimit 528M number if a number will be converted to Megabytes, otherwise use the usual suffix : 2T for 2 terrabytes etc...
Shares enabled enabled,disabled add the samba shares from the shared-folders contrib in the nextcloud ibays folder along with regular ibays
IncludeIbay empty strings coma separated add ibays names that need to be include. If not empty, only the name present here will be accessible via nextcloud. Take precedence over ExcludeIbay. You set it with a random string to exclude all ibays and shares from automatic inclusion.
ExcludeIbay Primary strings coma separated will exclude from nexcloud access any ibay via nextcloud. Default excludes Primary ibay. If you want to include Primary set it with a random string.
UseSMB enabled enabled,disabled allow you to set ibay access via samba share or via Local driver in nextcloud. Enabled is for samba, this allow you to access as your user and have your quota accounted. It might be a little slower, and need you to have your password loaded in the session. Local driver if disabled, will let you access only what apache user (www) has right to access as member of a group.
  • the SME admin user is also an admin of your nextcloud installation. You have two admin account as per default installation on SME Server.


example of setting :

 config setprop nextcloud ExcludeIbay ibay1,ibay2
 signal-event nextcloud-update

Command line

if you happen to need tweaking your installation, here is how to access the command line for Nextcloud on SME, we made it easier for you, just log as root and use the OCC command (using capitals), This command will execute for you what you need as the www user, using the needed version of php. Here two examples:

OCC maintenance:mode --off
OCC maintenance:repair

to seek for additional command consult Nextcloud documentation : https://docs.nextcloud.com/server/13.0.0/admin_manual/configuration_server/occ_command.html

Uninstall

yum remove smeserver-nextcloud  nextcloud

Use a dedicated domain to connect to Nextcloud

db domains set cloud.mydomain.com domain Description "Nextcloud" Content Primary Nameservers internet TemplatePath WebAppVirtualHost DocumentRoot /usr/share/nextcloud RequireSSL enabled letsencryptSSLcert enabled
signal-event domain-create cloud.mydomain.com

#this one to let nextcloud DAV be redirect correctly
config setprop nextcloud CloudDomain cloud.mydomain.com
signal-event nextcloud-update

#only if you use a Let's Encrypt certificate
expand-template /etc/dehydrated/domains.txt
dehydrated -c

Move user space from uuid to username

User stored using ldap from SME with initial install will create a space with their ldap uuid. This is not very user friendly and further more it will lead to ios app issues. Recent version will use the username for new users, but for those already created you will need to do the following you will need to do as admin :

  1. go to preference
  2. choose ldap
  3. choose expert
  4. fill the 3 fields as presented above, or using the cli do
 OCC ldap:set-config s01 ldapExpertUUIDGroupAttr cn
 OCC ldap:set-config s01 ldapExpertUUIDUserAttr uid
 OCC ldap:set-config s01 ldapExpertUsernameAttr uid
  1. in cli, you will then need to do :
  OCC user:list and save the content
  cd /home/e-smith/files/nextcloud/data ; mv OLDUUID username
  OCC files:scan username
  1. delete the UUID association for users
  2. you should then be able to login as the user with its previous files

Only drawback, trash history might be gone, a trick inside the db using a script could workaround that and avoid the OCC files:scan username

Mount with davfs on Fedora Clients

While you might love the easy setup of the gnome client for nextcloud, you might encounter some frustration of having your favourite applications not showing nextcloud as mounted and needing to find it to sometime not being able to access it.

Here is a workaround

First as root

dnf install davfs2 -y
usermod -aG davfs2 $YOURUSER
echo "use_locks 0" >> /etc/davfs2/davfs2.conf
echo "https://example.com/nextcloud/remote.php/webdav /home/$YOURUSER/nextcloud davfs user,rw,auto 0 0
" >> /etc/fstab

then you should log out /log in with your user in order to have the group membership. You can also just do "su -l USERNAME" then as your user (replace your_password by your password, or a token;):

mkdir ~/nextcloud
mkdir ~/.davfs2
echo "https://example.com/nextcloud/remote.php/webdav your_Nextcloud_username your_password" >> ~/.davfs2/secrets 
chmod 0600 ~/.davfs2/secrets

then just mount !

mount ~/nextcloud

From there you can tweak the cache configuration to make it easier for you if you are far from the server, default cache size is 50MiByte, you could increase it to let's say 3 GiByte in ~/.davfs2/davfs2.conf for your user

cache_size 3G

you should see the folder mount at every logon from now on! if you do not want that, change "auto" in the fstab by "noauto". Then add the following in ~/bash_profile or ~/bash_rc. You could user also mount -a and to try to put something in /etc/gdm/PostLogin/" instead

mount /home/username/nextcloud

And Finally to umount in gdm using "sudo vim /etc/gdm/PostSession/"

if [ ${USERNAME} = "myuser" ];then
  umount -fl /home/myuser/nextcloud
fi

Adapted from those sources:

Known issues

failure to do online upgrade from 13.0.2

The following extra files have been found:    assets
cd /usr/share/nextcloud/
rm -rf assets
yum update smeserver-nextcloud --enablerepo=smecontribs
signal-event nextcloud-update

then proceed to online web upgrade

issue upgrading from 13.0.2 to 15.0.0 RPM

Nextcloud is only build to upgrade from one major release to the next. If you try to install the nextcloud-15 rpm while you already have installed the nextcloud-13, you might have encounter the following issue.

“Updates between multiple major versions are unsupported”

goto usr/share/nextcloud

copy everything except /data and /config to temp folder

download intermediate version of nextcloud from https://nextcloud.com/changelog/

unzip and copy files to /usr/share/nextcloud, dont overwrite /data or /config

change ownership in /usr/share/nextcloud chown -R apache:www .

goto https://yoururl/nextcloud and run the updater

logon to nextcloud and make sure it is all working as expected

repeat above for each major update until you are one update from the latest major update. At that point you can follow the usual process. source (https://bugs.contribs.org/show_bug.cgi?id=10670#c3)

Upgrading from 17.0.1.x to 17.07.x

You can use the built in updater. The only issue experienced was right at the end of the process with a http 500 error. I just did 'retry' and it completed.

You may need to update your database which I did as follows - note it may take a very long time with a lot of files:

OCC maintenance:mode --on
OCC db:convert-filecache-bigint
OCC maintenance:mode --off

User cannot see shares/files

After a new install the admin user could see shares but not a user.

We had a single ibay and it was set:

Group Everyone
Write group
Read everyone

We created a new group called localusers and added the admin and single user.

We then set the ibay:

Group localusers
Write group
Read group

This appeared to fix the issue and the user could now see the files.

Reset Database

For reference, whilst looking at resetting file caches I found this.

It is probably extremely dangerous but wanted to make a note.

https://github.com/nextcloud/server/issues/8113#issuecomment-565876798

Koozali SMEv10 testing

We are still building Koozali SME v10 and have been testing installation of Nextcloud, currently on version 20.

We have packages in smedev.

You will also need packages from some other repos.


Bugs

Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-nextcloud component or use this link


Below is an overview of the current issues for this contrib:

IDProductVersionStatusSummary (6 tasks)
12487SME Contribs10.0CONFIRMEDupdate nextcloud fail2ban filter
12486SME Contribs10.0UNCONFIRMEDocc requires /sbin/e-smith to be in the path
12406SME Contribs10.0CONFIRMEDNFR switch to PHP83 support for NC 29 and after
11169SME Contribs10alphaCONFIRMEDsmeserver-nextcloud requires a modify script
10590SME ContribsFuturCONFIRMEDNFR: limit access to some groups
10566SME Contribs10.0CONFIRMEDNFR: split action nextcloud-occ-conf

Changelog

Only released version in smecontrib are listed here.

smeserver-nextcloud Changelog: SME 10 (smecontribs)

2024/01/29 Jean-Philippe Pialasse 1.2.0-29.sme
- require nextcloud-src >= 26 [SME: 12318]

 multiple fixes and rewrites
- restore default log level [SME: 12412]

2023/09/09 Jean-Philippe Pialasse 1.2.0-28.sme
- workaround opcache segfault with php 81 using in memory only [SME: 12298]

- index file cache using Redis [SME: 12401]
2023/09/09 John Crisp 1.2.0-27.sme
- Fix syntax error in 20opcache.ini [SME: 12298]
2023/08/19 Jean-Philippe Pialasse 1.2.0-26.sme
- fix missing template-begin

2023/08/08 Jean-Philippe Pialasse 1.2.0-25.sme
- make php81 compatible for NC 25 and higher [SME: 12298]
- requires php81-redis [SME: 12401]
- recognize need cpuinfo access [SME: 12339]

- remove simple signup link [SME: 12329]