Commit 710f5601 authored by pedrolab's avatar pedrolab

howto nextcloud

parent 067db5b8
# install nextcloud
install apache
apt-get install apache2 libapache2-mod-php7.0
install mysql
apt-get install mariadb-server php7.0-mysql
install php
apt-get install php7.0-gd php7.0-json php7.0-curl php7.0-mbstring
install php extensions
apt-get install php7.0-intl php7.0-mcrypt php-imagick php7.0-xml php7.0-zip
install apache modules
a2enmod php7.0 rewrite headers env dir mime
download latest nextcloud (today is 15.0.5)
cd /var/www/html
chown -R www-data: nextcloud
do apache configuration for nextcloud
vi /etc/apache2/sites-available/nextcloud.conf
option /nextcloud - use this configuration if you want to access nextcloud through
Alias /nextcloud "/var/www/nextcloud/"
<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
DocumentRoot /var/www/html/nextcloud
<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
Satisfy Any
<Directory "/var/www/html/nextcloud/data/">
# just in case if .htaccess gets disabled
Require all denied
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15768000; preload"
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
enable site for apache
add in `/etc/php/7.0/apache2/php.ini`:
[optional] in case you want to have data in different disk/storage:
mkdir -p /media/data/nextcloud
chown -R www-data: /media/data/nextcloud
cd /var/www/html/nextcloud
mv data /media/data/nextcloud
ln -s /media/data/nextcloud/data data
create user, database and choose privileges for nextcloud's case: run `mysql_setpermission` and select option 6
run in browser nextcloud and follow steps to install it
enter nextcloud, go to apps and install: calendar, polls, collabora online
# collabora online
install docker
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
curl -fsSL | sudo apt-key add -
apt-key fingerprint 0EBFCD88
add-apt-repository \
"deb [arch=amd64] \
$(lsb_release -cs) \
apt-get update
apt-get install docker-ce docker-ce-cli
after that you have to reboot
`` in case you use apache2 as reverse proxy (as seen in the official guide)
<VirtualHost *:443>
# SSL configuration, you may want to take the easy route instead and use Lets Encrypt!
SSLEngine on
#SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
#SSLCertificateChainFile /path/to/intermediate_certificate
#SSLCertificateKeyFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# Container uses a unique non-signed certificate
SSLProxyEngine On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
# keep the host
ProxyPreserveHost On
# static html, js, images, etc. served from loolwsd
# loleaflet is the client part of LibreOffice Online
ProxyPass /loleaflet retry=0
ProxyPassReverse /loleaflet
# WOPI discovery URL
ProxyPass /hosting/discovery retry=0
ProxyPassReverse /hosting/discovery
# Main websocket
ProxyPassMatch "/lool/(.*)/ws$" wss://$1/ws nocanon
# Admin Console websocket
ProxyPass /lool/adminws wss://
# Download as, Fullscreen presentation and Image upload operations
ProxyPass /lool
ProxyPassReverse /lool
# Endpoint with information about availability of various features
ProxyPass /hosting/capabilities retry=0
ProxyPassReverse /hosting/capabilities
[nginx reverse proxy option](
enable site
if your reverse proxy is in localhost
docker run -t -d -p -e 'domain=nextcloud\\.example\\.com' -e 'dictionaries=en es ..' --restart always --cap-add MKNOD collabora/code
if your reverse proxy is in another host and in the host you installed collabora online is not exposed to the internet directly (and remember to adapt config file of reverse proxy changing localhost to the host you have to go):
docker run -t -d -p -e 'domain=nextcloud\\.example\\.com' -e 'dictionaries=en es ..' --restart always --cap-add MKNOD collabora/code
if you have firewall:
- ACCEPT traffic for docker0 bridge interface
- don't allow docker to modify firewall, put `DOCKER_OPTS="--iptables=false"` in `/etc/default/docker`
a way to validate that collabora online is working:
## issue with xfs d_type false
problem: xfs with d_type/ftype false is problematic with docker
workaround: create a new xfs partition
create new directory in that new partition for docker
mkdir -p /media/data/docker
find docker.service
systemctl status docker
go to `/lib/systemd/system/docker.service` and add the location (thanks
ExecStart=/usr/bin/dockerd -g /media/data/docker -H fd:// --containerd=/run/containerd/containerd.sock
reload systemd config
systemctl daemon-reload
force the usage of overlay2 (src Add in `/etc/docker/daemon.json`
"storage-driver": "overlay2"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment