Project

General

Profile

Support #847

Install a NextCloud Server on FreeBSD

Added by Daniel Curtis over 8 years ago. Updated almost 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Daniel Curtis
Category:
Web Server
Target version:
FreeBSD 10
Start date:
08/30/2016
Due date:
% Done:

100%

Estimated time:
1.00 h
Spent time:
3.00 h

Description

This is a guide on setting up NextCloud 12 with Nginx on FreeBSD 11.

Prepare the Environment

  • Before installation of the components, make sure everything is up to date using the following command:
    pkg update -f && pkg upgrade
  • Create the nextcloud user:
    pw user add -n nextcloud -m -s /sbin/nologin -c "NextCloud"

Install Nginx

  • Install Nginx
    pkg install nginx
  • Start and enable nginx at boot:
    echo 'nginx_enable="YES"' >> /etc/rc.conf
service nginx start
  • Create a configuration directory to make managing individual server blocks easier
    mkdir /usr/local/etc/nginx/conf.d
  • Edit the main nginx config file:
    vi /usr/local/etc/nginx/nginx.conf
    • And strip down the config file and add the include statement at the end to make it easier to handle various server blocks:
      worker_processes  1;
error_log  /var/log/nginx-error.log;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    # Load config files from the /etc/nginx/conf.d directory
    include /usr/local/etc/nginx/conf.d/*.conf;
}

Install PHP

  • Install PHP 5.6:
    pkg install php56
  • Configure the default PHP settings
    cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
  • Edit the PHP config:
    vi /usr/local/etc/php.ini
    • And add the following to the end of the file to enable opcache:
      opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
  • Create a directory for the php-fpm configs:
    mkdir /usr/local/etc/php-fpm.d
  • Edit /usr/local/etc/php-fpm.conf:
    vi /usr/local/etc/php-fpm.conf
    • Make the following changes:
      include=/usr/local/etc/php-fpm.d/*.conf
  • Enable PHP-FPM at boot:
    echo 'php_fpm_enable="YES"' >> /etc/rc.conf
  • Restart nginx:
    service nginx restart

Install MySQL Server (Option 1)

  • Start by installing the mysql56-server and mysql56-client packages:
    pkg install mysql56-{server,client}
  • Copy a base MySQL configuration to use:
    cp /usr/local/share/mysql/my-small.cnf /var/db/mysql/my.cnf
  • Edit the mariadb config to change the max packet size:
    vi /var/db/mysql/my.cnf
    • and modify max_allowed_packet to 32M
      max_allowed_packet = 32M
  • Enable and start MariaDB
    echo 'mysql_enable="YES"' >> /etc/rc.conf
service mysql-server start
  • Prepare the database for use by running the secure installation:
    mysql_secure_installation
    • NOTE: Choose a strong root password and answer yes to all questions.

Create MySQL Databases and Users

  • Login to MySQL and create appropriate databases and users.
    mysql -u root -p
    • and run the following SQL queries to create the nextclouddb database and nextclouduser user:
      CREATE DATABASE nextclouddb CHARACTER SET utf8;

CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'SuperSecretPassword';

GRANT ALL PRIVILEGES ON nextclouddb.* TO 'nextclouduser'@'localhost';

FLUSH PRIVILEGES;

quit

Install PostgreSQL (Option 2)

  • Start by installing the mysql56-server and mysql56-client packages:
    pkg install postgresql95-{server,client} php56-{pdo_pgsql,pgsql}
  • Enable, initialize and start PostgreSQL
    echo 'postgresql_enable="YES"' >> /etc/rc.conf
service postgresql initdb
service postgresql start
  • Edit the pg_hba.conf file:
    vi /usr/local/pgsql/data/pg_hba.conf
    • And add the following to the end of the file to enable password authentication:
      host    all        all        samehost        md5

Create PostgreSQL Databases and Users

  • Log in to postgresql user account
    su - pgsql
  • Connect to postgresql database
    psql -d template1
    • Create a user for NextCloud:
      CREATE USER nextclouduser WITH PASSWORD 'SuperSecretPassword' CREATEDB;
    • Create the NextCloud database & grant all privileges on database
      CREATE DATABASE nextclouddb OWNER nextclouduser encoding='UNICODE';
GRANT ALL PRIVILEGES ON DATABASE nextclouddb TO nextclouduser;
  • Quit postgresql and exit the user:
    \q
exit

Install Nextcloud

  • Install nextcloud:
    pkg install nextcloud
  • Create an nextcloud.example.com server block config file:
    vi /usr/local/etc/nginx/conf.d/nextcloud.example.com.conf
    • Add the following:
      upstream nextcloud-handler {
  server unix:/var/run/nextcloud.example.com-php-fpm.sock;
}

server {
  listen 80;
  server_name nextcloud.example.com;

  # Path to the root of your installation
  root /usr/local/www/nextcloud/;

  # set max upload size
  client_max_body_size 10G;
  fastcgi_buffers 64 4K;

  # Disable gzip to avoid the removal of the ETag header
  gzip off;

  rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
  rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
  rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;

  index index.php;
  error_page 403 /core/templates/403.php;
  error_page 404 /core/templates/404.php;

  location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
  }

  location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
    deny all;
  }

  location / {
    # The following 2 rules are only needed with webfinger
    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

    rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
    rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;

    rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;

    try_files $uri $uri/ =404;
  }

  location ~ \.php(?:$|/) {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_pass nextcloud-handler;
    fastcgi_intercept_errors on;
  }

  # Adding the cache control header for js and css files
  # Make sure it is BELOW the location ~ \.php(?:$|/) { block
  location ~* \.(?:css|js)$ {
    add_header Cache-Control "public, max-age=7200";
    # Add headers to serve security related headers
    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    # Optional: Don't log access to assets
    access_log off;
  }

  # Optional: Don't log access to other assets
  location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
    access_log off;
  }
}
  • Create the temporary session folder and restrict its permissions:
    mkdir -p /usr/local/www/nextcloud/tmp
chmod o-rwx /usr/local/www/nextcloud/tmp
  • Create the nextcloud php-fpm pool config file:
    vi /usr/local/etc/php-fpm.d/nextcloud.example.com.conf
    • And add the following:
      [nextcloud.example.com]
user = nextcloud
group = www
listen = /var/run/nextcloud.example.com-php-fpm.sock
listen.owner = nextcloud
listen.group = www
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
php_admin_value[session.save_path] = "/usr/local/www/nextcloud/tmp"
  • Change the ownership of the nextcloud directory:
    chown -R nextcloud:www /usr/local/www/nextcloud
  • Restart nginx and start php-fpm:
    service nginx restart
service php-fpm start

NextCloud With PHP7 (Optional)

  • Uninstall the default php56 version:
    pkg remove php56
pkg autoremove
  • Install portmaster:
    pkg install portmaster
  • Update ports tree:
    portsnap fetch extract
  • Edit the make.conf file:
    vi /etc/make.conf
    • And add the following to the file:
      DEFAULT_VERSIONS+= php=71
  • Build nextcloud with php71 as the default version:
    portmaster www/nextcloud

Redis

  • Install Redis and PHP extension:
    pkg install redis pecl-redis
    • NOTE: If using a non-default version of php, eg. php71, pecl-redis will need to be rebuild using the currently installed version of php:
      portmaster databases/pecl-redis
  • Create the directory which contains the socket
    mkdir -p /var/run/redis
chown redis:redis /var/run/redis
chmod 755 /var/run/redis
  • Edit the redis config:
    vi /usr/local/etc/redis.conf
    • And modify the following parameters in the config:
      port 0
unixsocket /var/run/redis/redis.sock
unixsocketperm 770
  • Add nextcloud user to redis group
    pw groupmod redis -m nextcloud
  • Start and enable Redis at boot:
    echo 'redis_enable="YES"' >> /etc/rc.conf
service redis.start
  • Edit the NextCloud config:
    vi /usr/local/www/nextcloud/config/config.php
    • And add the following before the ending );:
        'memcache.locking' => '\OC\Memcache\Redis',
  'memcache.local' => '\OC\Memcache\Redis',
  'redis' => array(
     'host' => '/tmp/redis.sock',
     'port' => 0,
  ),

Resources

#1

Updated by Daniel Curtis over 8 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100
#2

Updated by Daniel Curtis over 8 years ago

  • Status changed from Resolved to Closed
#3

Updated by Daniel Curtis almost 7 years ago

  • Description updated (diff)
#4

Updated by Daniel Curtis almost 7 years ago

  • Description updated (diff)
#5

Updated by Daniel Curtis almost 7 years ago

  • Description updated (diff)

Also available in: Atom PDF