Debian 10 64 bits – Nextcloud

Installation d'une instance Nextcloud sur une Debian Buster

Auteur : Vince Nadus
Date de publication : 1 mai 2021
lamp nginx nextcloud mariadb php

Pré-requis logiciel

apt-get install ca-certificates apt-transport-https

Pré-requis de Nextcloud

apt-get install apache2 mariadb-server php libapache2-mod-php php-common libapache2-mod-php php-mbstring php-xmlrpc php-soap php-apcu php-smbclient php-ldap php-redis php-gd php-xml php-intl php-json php-imagick php-mysql php-cli php-ldap php-zip php-curl php-opcache

Paramétrage PHP /etc/php/7.3/apache2/php.ini

file_uploads = On 
allow_url_fopen = On 
memory_limit = 256M 
upload_max_file_size = 300M 
max_execution_time = 360 
date.timezone = Pacific/Wallis

Paramétrage MySQL

mysql -u root -p
CREATE DATABASE nextcloud;
CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'new_password_here';
GRANT ALL ON nextcloud.* TO 'nextclouduser'@'localhost' IDENTIFIED BY 'user_password_here' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;

Téléchargement et déploiement Nextcloud

cd /tmp && wget https://download.nextcloud.com/server/releases/latest.zip 
unzip latest.zip 
mv nextcloud /var/www/html/nextcloud/
chown -R www-data:www-data /var/www/html/nextcloud/ 
chmod -R 755 /var/www/html/nextcloud/

Paramétrage Apache2 /etc/apache2/sites-available/nextcloud.conf

<VirtualHost *:80> 
    ServerAdmin admin@example.com 
    DocumentRoot /var/www/html/nextcloud/ 
    ServerName example.com 
    ServerAlias www.example.com 
    Alias /nextcloud "/var/www/html/nextcloud/" 

    <Directory /var/www/html/nextcloud/> 
        Options +FollowSymlinks 
        AllowOverride All 
        Require all granted 
            <IfModule mod_dav.c> 
                Dav off 
            </IfModule> 
        SetEnv HOME /var/www/html/nextcloud 
        SetEnv HTTP_HOME /var/www/html/nextcloud 
    </Directory> 
    ErrorLog ${APACHE_LOG_DIR}/error.log 
    CustomLog ${APACHE_LOG_DIR}/access.log combined 
</VirtualHost>

a2ensite nextcloud.conf 
a2enmod rewrite 
a2enmod headers 
a2enmod env 
a2enmod dir 
a2enmod mime
systemctl restart apache2.service

Accès à la page d’administration http://192.168.0.248/nextcloud/ Info https://www.c-rieger.de/ https://dennisnotes.com/note/20180831-nextcloud-docker-nginx-reverse-proxy/ Configuration Nextcloud https://cloud.loina.wf/index.php/settings/admin/overview Problème de sécurité de Header /etc/nginx/sites-enabled/nextcloud.conf

server {
if ($host = cloud.xxx.fr) {
return 301 https://$host$request_uri;
} # managed by Certbot

listen 80;
listen [::]:80;
server_name cloud.xxx.fr;

}
server {
listen 443 ssl;
listen [::]:443 ssl;

#root /var/www/html;
#index index.html index.htm index.nginx-debian.html;

server_name cloud.xxx.fr;

access_log /var/log/nginx/cloud.xxx.fr/access.log;
error_log /var/log/nginx/cloud.xxx.fr/error.log;

# On rend le reste directement
location / {
# auth_basic "Nom d'utilisateur et mot de passe sont recquis !";
# auth_basic_user_file /etc/nginx/.htpasswd;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
client_max_body_size 0;
proxy_pass http://X.X.X.X;
}
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}

location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
ssl_certificate /etc/letsencrypt/live/cloud.xxx.fr/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cloud.xxx.fr/privkey.pem; # managed by Certbot

}

Problème de proxy et d’origine /var/www/html/nextcloud/config/config.php

'trusted_proxies' => ['10.168.50.10'],

'trusted_domains' =>
array (
0 => '10.168.50.22',
1 => 'cloud.xxx.fr',
),

Problème de memcached /var/www/html/nextcloud/config/config.php

'memcache.local' => '\OC\Memcache\APCu',

Script Bash

Nextcloud Script