Nextcloud

From DaqWiki
Jump to navigation Jump to search

owncloud

Links

Installation (el7)

on el7, upgrade php:

rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum erase php
yum install mod_php71w php71w-opcache
yum install "php71w*" --exclude "*mysql*"

utter selinux incantations:

setsebool -P httpd_can_sendmail=1
setsebool -P httpd_execmem true

install owncloud rpm:

rpm --import https://download.owncloud.org/download/repositories/production/CentOS_7/repodata/repomd.xml.key
wget http://download.owncloud.org/download/repositories/production/CentOS_7/ce:stable.repo -O /etc/yum.repos.d/ce:stable.repo
yum install owncloud-files
rpm -ql owncloud-files

configure apache httpd with ssl and certbot: [SLinstall#Configure_HTTPS_server_.28CentOS7.29]

systemctl restart httpd

open https://daqstore.triumf.ca/owncloud/

if it complains about directory permissions, do this per https://doc.owncloud.org/server/10.0/admin_manual/installation/selinux_configuration.html

semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/data(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/config(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/apps(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/.htaccess'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/.user.ini'
restorecon -Rv '/var/www/html/owncloud/'
semanage fcontext -a -t httpd_sys_rw_content_t '/pool/owncloud/data(/.*)?'
restorecon -Rv /pool/owncloud/data

Self registration

  • check that email notifications work
  • cd /var/www/html/owncloud/apps
  • git clone https://github.com/pellaeon/registration.git
  • cd registration
  • git checkout master ### use latest version
  • go to owncloud settings -> apps -> show disabled apps -> enable "registration"
  • you will be bumped into the "upgrade" page, with luck there will be no errors

To test registration:

  • open browser that does not remember you (firefox)
  • go to owncloud, click on "register"
  • enter email address, send the request, wait for reply email to arrive
  • the reply email has a web link for completing account creation, go there
  • select the new user name, new user password, say yes
  • new account is created automatically, notice is sent to the owncloud administrators

There is no owncloud app for self registration "with approval". If somebody starts creating spam user accounts and filling them with evil contents shared the world, it is only possible to delete the badnicks after the fact.

nextcloud

cd /var/www/html
wget https://download.nextcloud.com/server/releases/nextcloud-12.0.4.tar.bz2
tar xjvf nextcloud-12.0.4.tar.bz2
chown -R apache.apache nextcloud

semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/3rdparty/aws/aws-sdk-php/src/data/logs(/.*)?'
restorecon -Rv '/var/www/html/nextcloud'

zfs create pool/nextcloud

/bin/mv -v nextcloud/data /pool/nextcloud/
/bin/ln -s /pool/nextcloud/data nextcloud/

semanage fcontext -a -t httpd_sys_rw_content_t '/pool/nextcloud/data(/.*)?'
restorecon -Rv /pool/nextcloud/data

Installation

On el6, update php from 5.3 to 5.6:

rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm
yum remove php-common
yum install "php56w*" --exclude "php56w-conflicting" --exclude php56w-mysqlnd

From https://download.owncloud.org/download/repositories/stable/owncloud/ follow instructions for CentOS6 with php5.6: CentOS_6_PHP56 owncloud-8.2.2-1

Note: this will install php5.6 and httpd-2.4 from el6 software collections.

rpm --import https://download.owncloud.org/download/repositories/stable/CentOS_6_PHP56/repodata/repomd.xml.key
wget http://download.owncloud.org/download/repositories/stable/CentOS_6_PHP56/ce:stable.repo -O /etc/yum.repos.d/ce:stable.repo
yum clean expire-cache
yum install owncloud

Actual repo files are here: http://download.owncloud.org/download/repositories/stable/CentOS_6_PHP56/

Restart the web server (this restarts the httpd-2.2)

service httpd restart

Open https://daqshare.triumf.ca/owncloud/index.php

In .htacess, add this:

SSLRequireSSL

<IfModule mod_headers.c>
      Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
</IfModule>