Divers/mkdocs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
259b9c6a2429c52b666f93872d09379eed6793d4
mkdocs/docs/Plesk/nextcloud.md
Bruno21 d78f93eed2 14-11-2023
2023-11-14 20:35:51 +01:00

310 lines
8.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Nextcloud sur VPS/Plesk:
https://docs.nextcloud.com/server/18/admin_manual/index.html
### Paramètres PHP:
#### Directives supplémentaires:
```ini
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
[php-fpm-pool-settings]
env[PATH] = /usr/local/bin:/usr/bin:/bin
```
### Paramètres Apache et Nginx:
#### Directives supplémentaires Apache:
```ini
<LocationMatch "(?i:(?:wp-config\\.bak|\\.wp-config\\.php\\.swp|(?:license|changelog|-config|-sample)\\.(?:php|md|txt|htm|html)))">
Require all denied
</LocationMatch>
```
#### Directives supplémentaires Nginx:
```ini
# wordpress
location ~* "(?:wp-config\.bak|\.wp-config\.php\.swp|(?:license|changelog|-config|-sample)\.(?:php|md|txt|htm|html))" {
return 403;
}
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
# HTTP response headers borrowed from Nextcloud `.htaccess`
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make a regex exception for `/.well-known` so that clients can still
# access it despite the existence of the regex rule
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
# for `/.well-known`.
location ^~ /.well-known {
# The rules in this block are an adaptation of the rules
# in the Nextcloud `.htaccess` that concern `/.well-known`.
location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; }
location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; }
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
# Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 /nextcloud/index.php$request_uri;
}
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Pagespeed is not supported by Nextcloud, so if your server is built
# with the `ngx_pagespeed` module, uncomment this line to disable it.
#pagespeed off;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended
# to have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read
# into this topic first.
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy no-referrer;
add_header X-Content-Type-Options nosniff;
add_header X-Download-Options noopen;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Robots-Tag none;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
try_files $uri /index.php$request_uri;
}
```
### Réparation
Se mettre dans le répertoire de Nextcloud:
```bash
~$ cd ~/httpdocs/nextcloud
```
Activer le mode maintenance:
```bash
~/httpdocs/nextcloud$ sudo -u bruno /opt/plesk/php/8.0/bin/php occ maintenance:mode --on
The current PHP memory limit is below the recommended value of 512MB.
Maintenance mode enabled
```
Lance une réparation:
```bash
~/httpdocs/nextcloud$ sudo -u bruno /opt/plesk/php/8.0/bin/php occ maintenance:repair
```
```bash
~/httpdocs/nextcloud$ sudo -u bruno /opt/plesk/php/8.0/bin/php updater/updater.phar
Nextcloud Updater - version: v16.0.3-3-ga0c2b25 dirty
Current version is 18.0.3.
No update available.
Nothing to do.
```
```bash
~/httpdocs/nextcloud$ sudo -u bruno /opt/plesk/php/8.0/bin/php occ upgrade
The current PHP memory limit is below the recommended value of 512MB.
Nextcloud is already latest version
```
```bash
~/httpdocs/nextcloud$ sudo -u bruno /opt/plesk/php/8.0/bin/php occ maintenance:mode --off
The current PHP memory limit is below the recommended value of 512MB.
Maintenance mode disabled
```
```bash
~/httpdocs/nextcloud$ sudo -u bruno /opt/plesk/php/8.0/bin/php console.php files:scan --all
The current PHP memory limit is below the recommended value of 512MB.
Starting scan for user 1 out of 1 (bruno)
+---------+-------+--------------+
| Folders | Files | Elapsed time |
+---------+-------+--------------+
| 5 | 16 | 00:00:00 |
+---------+-------+--------------+`
```
### Mise-à-jour de Nextcloud:
```bash
~$ ./upgrade_nextcloud.sh
```
Si erreur pendant la m-à-j : PHP Fatal error: Allowed memory size of 134217728 bytes exhausted
```bash
[] Downloading
[ ] Verify integrity ...PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 189370744 bytes) in phar:///var/www/vhosts/maboiteverte.fr/httpdocs/nextcloud/updater/updater.phar/lib/Updater.php on line 652
```
executer la commande avec `-d memory_limit=-1`en paramètre:
```bash
[bruno@localhost nextcloud]$ sudo -u bruno /opt/plesk/php/8.0/bin/php -d memory_limit=-1 updater/updater.phar
Nextcloud Updater - version: v25.0.3-2-gd49ee0d
```
### Erreurs:
#### La base de données a quelques index manquants:
```bash
~/httpdocs/nextcloud$ sudo -u bruno /opt/plesk/php/8.0/bin/php occ db:add-missing-indices
```
#### Le module php-imagick na aucun support SVG dans cette instance (Nextcloud 21.0.1)
Il faut installer `libmagickcore`:
```bash
$ sudo apt install libmagickcore-6.q16-3-extra
```
#### Joplin:
```bash
bruno@localhost:~/.nextcloud/data/9d67e72f9807/bruno/files$ l
total 10728
drwxr-xr-x 5 bruno psacln 4096 Apr 12 08:39 .
drwxr-xr-x 6 bruno psacln 4096 Apr 12 09:59 ..
drwxr-xr-x 2 bruno psacln 4096 Apr 11 19:15 Documents
drwxr-xr-x 5 bruno psacln 16384 Apr 12 12:55 .Joplin
-rw-r--r-- 1 bruno psacln 3963036 Apr 11 19:15 'Nextcloud intro.mp4'
-rw-r--r-- 1 bruno psacln 6933565 Apr 11 19:15 'Nextcloud Manual.pdf'
-rw-r--r-- 1 bruno psacln 50598 Apr 11 19:15 Nextcloud.png
drwxr-xr-x 2 bruno psacln 4096 Apr 11 19:15 Photos
```
#### Logs:
https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/logging_configuration.html
Afficher les logs:
```lo
tail -f /var/www/vhosts/maboiteverte.fr/httpdocs/nextcloud/data/nextcloud.log
```
Configuration:
```bash
# dans config.php:
'loglevel' => 2,
'log_type' => 'file',
'logfile' => 'nextcloud.log',
'logdateformat' => 'F d, Y H:i:s',
```
Problèmes de synchro
Plesk -> Wordpress -> maboiteverte.fr -> Vérifier la sécurité:
Décocher:
- Bloquer l'accès aux fichiers potentiellement sensibles
-
[Nextcloud sur NAS Synology](../Synology/dsm6/nextcloud.md)
[Installer Nextcloud en ligne de commande](../Divers/nextcloud.md)
Reference in New Issue View Git Blame Copy Permalink