Pemutakhiran versi mayor Nextcloud dan hosting pada mesin baru dengan sistem operasi Ubuntu 18.04¶
Spesifikasi
- MariaDB 10.4.x
- Apache 2.4.4x
- PHP 7.3.x
- NextCloud 18.0.x
Persiapan¶
- Moda pemeliharaan
- Menonaktifkan
crontab - Menghentikan layanan peladen web
apache - Memastikan hak akses sesuai
- Mengaktifkan moda
debug - Snapshot Block Storage
- Dump-restore MariaDB ke MySQL DO Managed DB
- Partisi volume
- Partisi sistem operasi
- Partisi lokasi instalasi Nextcloud
- Partisi data
- Sinkronisasi
Moda pemeliharaan¶
sudo -u www-data php /opt/nextcloud/occ maintenance:mode --on
Menonaktifkan crontab¶
sudo crontab -u www-data -e
Menghentikan layanan peladen web apache¶
sudo systemclt stop apache2
Memastikan hak akses sesuai¶
sudo chown -Rv www-data:www-data nextcloud
Mengaktifkan moda debug¶
sudo -u www-data nano /opt/nextcloud/config/config.php
'debug' => true,
Snapshot Block Storage¶
- Akses app01-agihan
- Pilih menu Volumes, pada bagian kanan tekan tek More, maka akan tampil pilihan Take snapshot
- Tunggu sampai proses selesai
Dump-restore MariaDB ke MySQL DO Managed DB¶
Periksa ukuran tabel DB¶
SELECT
TABLE_NAME "Nama tabel",
TABLE_ROWS "Jumlah baris",
ROUND(((DATA_LENGTH + INDEX_LENGTH)/1024/1024),2) "Ukuran tabel (MB)"
FROM information_schema.TABLES
WHERE TABLE_SCHEMA = "proxsis_nc13"
ORDER BY (DATA_LENGTH + INDEX_LENGTH)
DESC;
MySQL dump¶
# melalui db01-mariadb-102
mysqldump -h localhost \
-u dbackup -p proxsis_nc13 > proxsis_nc13_`date +"%Y%m%d"`.sql
# mengintip isi berkas hasil dump
head -n 25 proxsis_nc13_`date +"%Y%m%d"`.sql
MySQL restore¶
mysql -h db06-mysql-8-do-user-2087952-0.a.db.ondigitalocean.com -P 25060 -u pgs_nc13 -p proxsis_nc13 < proxsis_nc13_`date +"%Y%m%d"`.sql
Menonaktifkan domain¶
Sementara menggunakan IP untuk mengakses
Menonaktifkan plugin¶
Menonaktifkan integrasi¶
Instalasi Apache2, MariaDB 10.4, & PHP 7.3¶
Apache2 & PHP 7.3¶
apt-get remove --purge apache2 libapache2-mod-php7.2 php7.2-cli
# tambah repositori
add-apt-repository ppa:ondrej/apache2
add-apt-repository ppa:ondrej/php
# memeriksa pembaruan hasil penambahan repositori
apt-get update
# instalasi apache2 dan php7.3
apt-get install -y apache2 libapache2-mod-php7.3
# mengaktifkan modul dasar yang diperlukan untuk instalasi Nextcloud
a2enmod rewrite headers env dir mime
a2dismod dav
# instalasi modul tambahan php untuk optimasi instalasi Nextcloud
apt-get install -y \
php7.3-{bz2,curl,gd,imap,intl,ldap,mbstring,mysql,xml,zip}
apt-get install -y php-imagick php-apcu redis-server php-redis
# menjalankan ulang layanan peladen web apache2
systemctl restart apache2
# menguji apache2 dan php7.3 sudah terintegrasi
echo "<?php phpinfo();?>" | sudo tee /var/www/html/infonih.php
# berkas konfigurasi php-fpm utama
nano /etc/php/7.3/apache2/php.ini
# berkas konfigurasi php-cli digunakan oleh Nextcloud CRON
nano /etc/php/7.3/cli/php.ini
Apache2 - self signed SSL¶
a2enmod ssl
a2ensite default-ssl
apache2ctl configtest
systemctl restart apache2
MariaDB¶
apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://sgp1.mirrors.digitalocean.com/mariadb/repo/10.4/ubuntu bionic main'
apt-get update
apt-get install -y mariadb-client-10.4
Konfigurasi¶
Nextcloud - direktori aplikasi & data¶
lsblk
ln -s /mnt/vol03_agihan11/nextcloud /opt
ln -s /mnt/vol04_agihan12/data /opt
ls -lisah /opt/
Nextcloud - konfigurasi utama¶
Penyesuaian konfigurasi utama paska migrasi¶
sudo -u www-data nano /opt/nextcloud/config/config.php
<?php
$CONFIG = array (
'trusted_domains' =>
array (
0 => '1agihan.proxsis.co.id',
),
// Log
'log_type' => 'owncloud',
'logfile' => '/var/log/nextcloud/nextcloud.log',
'log_rotate_size' => 1024 * 1024 * 1024,
'loglevel' => 3,
'logdateformat' => 'F d, Y H:i:s',
'logtimezone' => 'Asia/Jakarta',
'log.condition' => [
'users' => ['ncmin'],
],
'datadirectory' => '/opt/data',
// Basis data
'dbtype' => 'mysql',
'version' => '14.0.14.1',
'dbname' => 'proxsis_nc13',
'dbhost' => 'private-db06-mysql-8-do-user-2087952-0.a.db.ondigitalocean.com:25060',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'pgs_nc13',
'dbpassword' => '',
// Tautan
'overwrite.cli.url' => 'https://1agihan.proxsis.co.id',
'overwriteprotocol' => 'https',
// Surel
'mail_from_address' => 'agihan',
'mail_smtpmode' => 'smtp',
'mail_smtpauthtype' => 'LOGIN',
'mail_domain' => 'proxsis.co.id',
'maintenance' => true,
'mail_smtpauth' => 1,
'mail_smtphost' => 'smtp.mailgun.org',
'mail_smtpport' => '2525',
'mail_smtpname' => '[email protected]',
'mail_smtppassword' => '',
'mail_smtpsecure' => 'tls',
// Keamanan
'lost_password_link' => 'http://layanan.proxsis.co.id',
'remember_login_cookie_lifetime' => 60*60*6,
'login_form_autocomplete' => false,
// Pengguna
'allow_user_to_change_display_name' => false,
'default_language' => 'id',
'activity_expire_days' => 365,
);
Pembuatan ulang berkas log¶
mkdir -p /var/log/nextcloud
touch /var/log/nextcloud/nextcloud.log
chown -Rv www-data:www-data /var/log/nextcloud
Apache - FQDN¶
nano /etc/apache2/sites-available/1agihan.proxsis.co.id.conf
Alias / "/opt/nextcloud/"
<Directory /opt/nextcloud/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
Satisfy Any
<IfModule mod_dav.c>
Dav off
</IfModule>
# <IfModule mod_headers.c>
# Header always set Strict-Transport-Security "max-age=31536000; preload"
# </IfModule>
# SetEnv HOME /opt/nextcloud
# SetEnv HTTP_HOME /opt/nextcloud
</Directory>
a2ensite 1agihan.proxsis.co.id
systemctl reload apache2
Apache - Let’s Encrypt SSL¶
Tambah repo PPA dan instalasi Certbot¶
add-apt-repository universe
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install -y certbot python-certbot-apache
Mendapatkan sertifikat SSL¶
# stagging
certbot --apache -m [email protected] --agree-tos --test-cert -d 1agihan.proxsis.co.id
# live
certbot --apache -m [email protected] --agree-tos -d 1agihan.proxsis.co.id
HTTP Strict Transport Security - 000-default-le-ssl.conf¶
nano /etc/apache2/sites-enabled/000-default-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName 1agihan.proxsis.co.id
# 20200425-032200 [AL]: Tambahan konfigurasi untuk HTTP Strict Transport Security
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; preload"
</IfModule>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/1agihan.proxsis.co.id/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/1agihan.proxsis.co.id/privkey.pem
</VirtualHost>
systemctl reload apache2
systemctl restart apache2
MySQL - SSL CA¶
nano /opt/nextcloud/config/config.php
'dbdriveroptions' => array(
PDO::MYSQL_ATTR_SSL_CA => '/file/path/to/ca_cert.pem',
),
Cron¶
crontab -u www-data -e
*/5 * * * * /usr/bin/php -f /opt/nextcloud/cron.php
crontab -u www-data -l
# jika perlu
chmod -v u+x /opt/nextcloud/cron.php
sudo -u www-data /usr/bin/php -f /opt/nextcloud/cron.php
Nextcloud - occ¶
Alias¶
nano ~/.zshrc
alias occ="sudo -u www-data php /opt/nextcloud/occ"
Mendapatkan informasi Nextcloud melalui CLI¶
#
occ config:system:get trusted_domains
Menentukan pengaturan Nextcloud melalui CLI¶
#
occ config:system:set maintenance --value=true --type=boolean
#
occ config:system:set trusted_domains 2 --value=gugus.proxsis.co.id
Menghapus pengaturan Nextcloud melalui CLI¶
occ config:system:delete lalala --error-if-not-exists
Pemeliharaan Nextcloud melalui CLI¶
#
occ maintenance:mode --on
#
occ db:add-missing-indices
occ db:convert-filecache-bigint
#
occ files:scan --all
occ files:cleanup
#
occ log:file --enable --file=/var/log/nextcloud/nextcloud.log --rotate-size=1Gb
#
occ maintenance:data-fingerprint
occ maintenance:mimetype:update-db
occ maintenance:mimetype:update-js
occ maintenance:update:htaccess
occ maintenance:repair
#
occ integrity:check-core
#
occ trashbin:cleanup --all-users
#
occ versions:cleanup --all-users
#
occ user:delete user.name
#
occ maintenance:mode --off
Pemutakhiran Nextcloud melalui CLI¶
occ check
occ status
occ upgrade -v
14.0 - 15.0.11¶
occ db:add-missing-indices
15.0.11 - 15.0.14¶
occ db:convert-filecache-bigint
15.0.14 - 16.0.10¶
mysql -h db06-mysql-8-do-user-2087952-0.a.db.ondigitalocean.com -P 25060 -u pgs_nc13 -p proxsis_nc13
DROP TABLE proxsis_nc13.oc_login_flow_v2;
16.0.10 - 17.0.6¶
occ db:add-missing-indices
17.0.6 - 18.0.4¶
occ db:add-missing-indices
PHP 7.3¶
nano /etc/php/7.3/apache2/php.ini
;memory_limit = 128M
memory_limit = 1024M
PHP OPcache¶
# max_accelerated_files
find /opt/nextcloud/ -type f -print | grep php | wc -l
nano /etc/php/7.3/apache2/conf.d/10-opcache.ini
; configuration for php opcache module
; priority=10
zend_extension=opcache.so
; 20200425-025700 [AL]: Tambahan konfigurasi untuk meningkatkan performa
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
APCu & Redis¶
nano /etc/php/7.3/apache2/conf.d/20-apcu.ini
extension=apcu.so
; 20200423-004600 [AL]: Tambahan konfigurasi untuk meningkatkan performa
apc.enable_cli=1
ps aux | egrep redis
nano /opt/nextcloud/config/config.php
'memcache.local' => '\OC\Memcache\APCu',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => [
'host' => 'localhost',
'port' => 6379,
'dbindex' => 0,
'timeout' => 0.0,
],
usermod -aG redis www-data
systemctl restart apache2
ONLYOFFICE - Community Document Server¶
Jika terkendala untuk terhubung ke ONLYOFFICE, coba ubah sesuikan nilai parameter Document Editing Service address pada menu Administration > ONLYOFFICE menjadi:
# jika diperlukan
https://1agihan.proxsis.co.id/index.php/apps/documentserver_community/
ClamAV¶
apt-get install clamav clamav-daemon
systemctl enable clamav-daemon clamav-freshclam
systemctl restart clamav-daemon clamav-freshclam
Pengaturan ada pada menu Administration > Security
youtube-dl¶
curl -L https://yt-dl.org/downloads/latest/youtube-dl -o /usr/local/bin/youtube-dl
chmod a+rx /usr/local/bin/youtube-dl
ARIA2¶
#
apt-get install aria2 curl php7.3-curl
#
mkdir /var/log/aria2c /var/local/aria2c
touch /var/log/aria2c/aria2c.log
touch /var/local/aria2c/aria2c.sess
chown www-data.www-data -R /var/log/aria2c /var/local/aria2c
chmod 770 -R /var/log/aria2c /var/local/aria2c
sudo -u www-data aria2c --enable-rpc --rpc-allow-origin-all -c -D \
--log=/var/log/aria2c/aria2c.log \
--check-certificate=false \
--save-session=/var/local/aria2c/aria2c.sess \
--save-session-interval=2 \
--continue=true \
--input-file=/var/local/aria2c/aria2c.sess \
--rpc-save-upload-metadata=true \
--force-save=true \
--log-level=warn \
--rpc-listen-all=false
Automated PDF conversion¶
apt-cache policy libreoffice
apt-get install libreoffice
which libreoffice soffice
nano /opt/nextcloud/config/config.php
'preview_libreoffice_path' => '/usr/bin/libreoffice',
Rujukan¶
- https://www.howtogeek.com/175159/an-introduction-to-the-z-file-system-zfs-for-linux/
- How To Configure an Encrypted ZFS Pool with DigitalOcean Block Storage on FreeBSD
- How To Import and Export Databases in MySQL or MariaDB
- How to Check MySQL Database & Tables Size
- https://help.nextcloud.com/t/how-to-reduce-oc-activitiy-table/12269
- Nextcloud 14 - Configuration Parameters
- Nextcloud 18 - How to upgrade
- Nextcloud 18 - Backup
- https://help.nextcloud.com/t/cant-get-rid-of-ldap-users-and-files-from-them/22178/5
- https://help.nextcloud.com/t/can-i-delete-the-activities-list/33879
- https://websiteforstudents.com/install-the-latest-apache2-2-4-34-on-ubuntu-16-04-17-10-18-04-lts-servers/
- https://launchpad.net/~ondrej/+archive/ubuntu/apache2
- https://launchpad.net/~ondrej/+archive/ubuntu/php/
- Nextcloud 18 - Installation on Linux
- Nextcloud 18 - Memory caching
- How To Secure Apache with Let’s Encrypt on Ubuntu 18.04
- Best Zend OpCache Settings/Tuning/Config
- https://github.com/YunoHost-Apps/nextcloud_ynh/issues/287
- Nextcloud 18 - Antivirus scanner
- Nextcloud 18 - Using the occ command
- Installing LibreOffice on Linux