Instalasi NextCloud 13 pada Ubuntu 16.04 LTS¶
Spek:
- MariaDB 10.2.13
- Apache 2.4.29
- PHP 7.2.2
- NextCloud 13.0.0
Database server¶
MariaDB - Instalasi MariaDB 10.2 client¶
sudo apt-get install dirmngr
#
# curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version=mariadb-10.2
#
sudo apt-get install mariadb-client
#
mysql -h MARIADB_SERVER_IP -P MARIADB_SERVER_PORT -u mariadb_client_user -p
Disabled or BINLOG_FORMAT = MIXED configured Binary Logging¶
Permanen secara global melalui konfigurasi utama MariaDB
sudo nano /etc/mysql/my.conf
[mysqld]
binlog_format = MIXED
Atau
mysql -uroot
-- global menggunkana pengguna SUPER
USE mysql;
SET GLOBAL binlog_format = 'MIXED';
-- pada basis data spesifik menggunakan pengguna basis data
USE nextcloud;
SET SESSION binlog_format = 'MIXED';
READ COMMITTED transaction isolation level¶
Permanen secara global melalui konfigurasi utama MariaDB
sudo nano /etc/mysql/my.conf
[mysqld]
transaction-isolation = READ-COMMITTED
Atau
mysql -uroot
-- global
USE mysql;
SET GLOBAL TRANSACTION ISOLATION LEVEL READ COMMITTED;
-- basis data spesifik
USE nextcloud;
SET SESSION TRANSACTION ISOLATION LEVEL READ COMMITTED;
-- SET SESSION TRANSACTION ISOLATION LEVEL REPEATABLE READ;
Manual instalation¶
Requirement - Distro bundled¶
apt-get install apache2 libapache2-mod-php7.0
apt-get install php7.0-gd php7.0-json php7.0-mysql php7.0-curl php7.0-mbstring
apt-get install php7.0-intl php7.0-mcrypt php-imagick php7.0-xml php7.0-zip
optional - external updated repo¶
# https://github.com/oerdnj/deb.sury.org/wiki/Frequently-Asked-Questions
sudo apt-get install -y language-pack-en-base software-properties-common
locale-gen en_US.UTF-8
export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
sudo add-apt-repository ppa:ondrej/php
sudo add-apt-repository ppa:ondrej/apache2
sudo apt-get update
#
sudo apt-get install -y apache2 libapache2-mod-php7.2 php7.2-gd php7.2-json php7.2-mysql php7.2-curl php7.2-mbstring php7.2-intl php-imagick php7.2-xml php7.2-zip php7.2-ldap
Download NextCloud¶
# variables
NEXTCLOUD_RELEASE="13.0.0"
INSTALL_DIR="/opt"
INSTANCE_FQDN="agihan.proxsis.co.id"
# download
wget https://download.nextcloud.com/server/releases/nextcloud-$NEXTCLOUD_RELEASE.tar.{bz2,bz2.asc}
wget https://nextcloud.com/nextcloud.asc
gpg --import nextcloud.asc
gpg --verify nextcloud-$NEXTCLOUD_RELEASE.tar.bz2.asc nextcloud-$NEXTCLOUD_RELEASE.tar.bz2
# extract & run
tar -xvjf nextcloud-$NEXTCLOUD_RELEASE.tar.bz2
# copy
cp -arv nextcloud $INSTALL_DIR
chown -Rv www-data:www-data $INSTALL_DIR/nextcloud
#
# nano /etc/apache2/sites-available/$INSTANCE_FQDN.conf
cat << EOF > /etc/apache2/sites-available/$INSTANCE_FQDN.conf
Alias / "$INSTALL_DIR/nextcloud/"
<Directory $INSTALL_DIR/nextcloud/>
Options +FollowSymlinks
AllowOverride All
Satisfy Any
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME $INSTALL_DIR/nextcloud
SetEnv HTTP_HOME $INSTALL_DIR/nextcloud
</Directory>
EOF
#
a2dissite 000-default.conf
a2ensite $INSTANCE_FQDN.conf
# ln -sv /etc/apache2/sites-available/$INSTANCE_FQDN.conf /etc/apache2/sites-enabled/$INSTANCE_FQDN.conf
#
a2enmod {rewrite,headers,env,dir,mime,ssl}
#
Data location¶
mkdir -pv /mnt/vol02-nextcloud/data
chown -v www-data:www-data /mnt/vol02-nextcloud/data
Pretty URL¶
#
nano $INSTALL_DIR/nextcloud/config/config.php
#
'htaccess.RewriteBase' => '/',
# Finally run this occ-command to update your .htaccess file
sudo -u www-data php $INSTALL_DIR/nextcloud/occ maintenance:update:htaccess
SSL¶
self-signed¶
a2enmod ssl
a2ensite default-ssl
service apache2 reload
Let’s Encrypt¶
#
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-apache
#
sudo certbot --apache
# sudo certbot --apache certonly
#
sudo certbot renew --dry-run
LDAP auth¶
#
sudo -u www-data php /var/www/nextcloud/occ ldap:show-config
#
sudo -u www-data php /var/www/nextcloud/occ ldap:test-config ""
#
sudo -u www-data php /var/www/nextcloud/occ config:app:set user_ldap enforce_home_folder_naming_rule --value=1
DEBUG¶
// https://docs.nextcloud.com/server/13/admin_manual/configuration_server/logging_configuration.html
'log_type' => 'owncloud',
'logfile' => 'nextcloud.log',
'loglevel' => '0',
'logdateformat' => 'F d, Y H:i:s',
Digital Ocean Spaces as Primary Storage¶
// https://docs.nextcloud.com/server/11/admin_manual/configuration_files/primary_storage.html#amazon-s3
'objectstore' => array(
'class' => 'OC\\Files\\ObjectStore\\S3',
'arguments' => array(
'bucket' => 'agihan',
'autocreate' => true,
'key' => 'AGY3Q2BRX2TS7YUMPU2R',
'secret' => 'y4aUeHKNB3OKwyUvJUJmE1MOLAX24tcvWD/cZwy7DfE',
'hostname' => 'sgp1.digitaloceanspaces.com',
// 'port' => 1234,
'use_ssl' => true,
'region' => 'sgp1',
// required for some non amazon s3 implementations
// 'use_path_style'=>true
),
),
LDAP / AD Integration¶
Server
- Host: ipa1.int.proxsis.co.id
- Port:
- Pengguna DN: uid=system,cn=sysaccounts,cn=etc,cn=int,cn=proxsis,cn=co,cn=id
- Kata sandi: rahAsia51A2#
- Satu base DN per baris: dc=int,dc=proxsis,dc=co,dc=id
Pengguna
- LDAP filter: (objectclass=*)
Atribut Login
- Sunting Kueri LDAP: (uid=%uid)
Grup
- LDAP Filter: (|(cn=ipausers))
Lanjutan
- Pengaturan Koneksi
- Konfigurasi Aktif: v
- Pengaturan Direktori
- Bidang Tampilan Nama Pengguna: displayname
- Bidang Tampilan Nama Pengguna Kedua
- Base User Tree: cn=users,cn=accounts,dc=int,dc=proxsis,dc=co,dc=id
- Atribut Pencarian Pengguna
- Bidang Tampilan Nama Grup: cn
- Base Group Tree: cn=groups,cn=accounts,dc=int,dc=proxsis,dc=co,dc=id
- Atribut Pencarian Grup
- Asosiasi Anggota-Grup: uniqueMember
- URL Member Grup Dinamis
- Grup Bersarang
- Paging chunksize
- Aktifkan perubahan
- Default password policy DN
- Atribut Khusus:
- Kolom Kuota:
- Kuota Baku:
- Kolom Email: mail
- Aturan Penamaan Folder Home Pengguna:
- Nama Pengguna internal:
- Atribut Nama Pengguna Internal: uid
- Timpa deteksi UUID
- Atribut UUID untuk Pengguna: ipaUniqueID
- Atribut UUID untuk Grup: ipaUniqueID
Memindahkan atau menunjuk direktori data ke lokasi lain¶
Proses ini dilakukan pada DigitalOcean dengan menggunakan Block Storage
# Melakukan format terhadap Block Storage yang baru tautkan dengan Droplet
sudo mkfs.ext4 -F /dev/disk/by-id/scsi-0DO_Volume_vol02-agihan
# Membuat direktori tujuan `mount`, melakukan proses `mount` dan terakhir menyematkan konfigurasi fstab, agar otomatis terpasang setelah proses reboot
sudo mkdir -p /mnt/vol02-agihan; sudo mount -o discard,defaults /dev/disk/by-id/scsi-0DO_Volume_vol02-agihan /mnt/vol02-agihan; echo /dev/disk/by-id/scsi-0DO_Volume_vol02-agihan /mnt/vol02-agihan ext4 defaults,nofail,discard 0 0 | sudo tee -a /etc/fstab
# Lakukan salin berkas dengan metode sinkronisasi menggunakan `rsync`, pastikan menggunakan parameter yang menjamin kesamaan atribut antara lokasi lama dengan lokasi baru
sudo screen rsync -Phirvogt /opt/nextcloud/data /mnt/vol02-agihan/
# Beralih ke moda perawatan `on` lalu matikan sementara `apache2`
sudo -u www-data php /opt/nextcloud/occ maintenance:mode --on
sudo systemctl stop apache2
# Cadangkan basis data untuk memitigasi risiko galat fatal
mysqldump -u pgs_nc13 -h 10.130.64.244 -P 33066 -p
# Setelah mode perawatan aktif dan apache sudah dimatikan, lakukan sinkronisasi sekali lagi untuk memastikan konsistensi data
sudo screen rsync -Phirvogt /opt/nextcloud/data /mnt/vol02-agihan/
# Ubah nama direktori `/opt/nextcloud/data`
sudo mv /opt/nextcloud/data{,-relocated}
# Buat `symlink` tautan simbolik dari lokasi baru ke lokasi lama
sudo ln -s /mnt/vol02-agihan/data/ /opt/nextcloud/data
# Lakukan verifikasi data, ubah moda perawatan `off`, dan hidupkan kembali apache2
sudo -u www-data php /opt/nextcloud/occ files:scan --all
sudo -u www-data php /opt/nextcloud/occ maintenance:mode --off
sudo systemctl start apache2; sudo systemctl status apache2