Nextcloud

Ependi Silalahi · Jun 18, 2017

I need help.
I have freebsd 11, nginx, PHP 71, and mariadb all latest have installed on my server.
I tried to run nextcloud 12 but it wouldnt install. I have done this on linux and no problem.
I put nextcloud root on /usr/www/nextcloud and created database and user but when tried to launch installation http://ipserver it wouldn't launch the installation and this what I normally do in Linux. What else do I need to do?
Thanks

rigoletto@ · Jun 18, 2017

First, the default place to install it, as almost everything on FreeBSD, would be /usr/local/, then /usr/local/www. You can deviate, of course, but then you should expect things to break sometimes...

Also, there is www/nextcloud in ports, and so no need to install it manually unless you have a reason.

Other than that, it is difficult to help without knowing exactly what is going on. What error messages you got, relevant config files contents etc?

Ependi Silalahi · Jun 18, 2017

lebarondemerde said:
First, the default place to install it, as almost everything on FreeBSD, would be /usr/local/, then /usr/local/www. You can deviate, of course, but then you should expect things to break sometimes...

Also, there is www/nextcloud in ports, and so no need to install it manually unless you have a reason.

Other than that, it is difficult to help without knowing exactly what is going on. What error messages you got, relevant config files contents etc?

Thanks for helping out. I put nextcloud on /usr/local/www/ but still not launch the installation.
Here is the nginx.conf
"
user www;
worker_processes 2;
error_log /var/log/nginx/error.log info;

events {
worker_connections 1024;
}

http {
include mime.types;
default_type application/octet-stream;

access_log /var/log/nginx/access.log;

sendfile on;
keepalive_timeout 65;

server {
listen 80;
server_name 10.0.0.11;
root /usr/local/www/nginx;
#root /bigpool/nextcloud/nextcloud;
index index.php index.html index.htm;

location / {
try_files $uri $uri/ =404;
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
}
There is no error it message when i tried to point http://myipserver. I was hoping by typing that then then the installation will start.
I want to use nginx and mariadb thats is the reason I do manually.

Thanks

rigoletto@ · Jun 18, 2017

I am not well versed on nginx and php, however with nextcloud 12 I had to do some changes on my config in order to get it working properly - I do not remember what that were..

Have you started the php-fpm service?

/etc/rc.conf

Code:

php_fpm_enable="YES"

neither I see, or similar, in your config:

Code:

upstream php-handler {
    server 127.0.0.1:9000;
}

That said, you may want to take a look on here too.

abishai · Jun 18, 2017

Ependi Silalahi said:
There is no error it message

Usually this indicates fatal php error during script execution. Default php settings have display_errors off. Turn it on and you'll see something.

Ependi Silalahi · Jun 19, 2017

My nginx run ok. I can run phpinfo.php . Yes I enable php_fpm on rc.conf
This is so confusing. I tried to install nextcloud from the port. It installed php5 and mysql56. I dont want that I just want to use mariadb (latest) and php71. Thats why I installed manually.

Ependi Silalahi · Jun 19, 2017

abishai said:
Usually this indicates fatal php error during script execution. Default php settings have display_errors off. Turn it on and you'll see something.

I will try that thanks

rigoletto@ · Jun 19, 2017

To set those specific ports versions you should add to your make.conf:

Code:

DEFAULT_VERSIONS+=php=71
DEFAULT_VERSIONS+=mysql=10.1m

Of course, it does not work for pkgs, just for ports.

EDIT: and take a look on the WIKI.

metsuke · Jun 19, 2017

Here is my config for nginx and also some lines in php-fpm.conf that I set.

/usr/local/www/nginx/nginx.conf

Code:

user  www;
worker_processes 4;
events {
   worker_connections  1024;
}

http {
        access_log off;
        client_body_buffer_size 128k;
        client_header_buffer_size 1m;
        client_max_body_size 0;
        default_type application/octet-stream;
        error_log /dev/null;
        fastcgi_buffers 512 16k;
        fastcgi_max_temp_file_size 0;
        gzip on;
        gzip_min_length 1100;
        gzip_buffers 4 32k;
        gzip_types text/plain application/x-javascript text/xml text/css;
        include mime.types;
        keepalive_timeout 65;
        large_client_header_buffers 4 64k;
        real_ip_header X-Forwarded-For;
        real_ip_recursive on;
        sendfile on;
        server_names_hash_bucket_size 64;
        set_real_ip_from 127.0.0.1;
        set_real_ip_from 10.0.0.16; #reverse proxy ip
        tcp_nodelay on;
        tcp_nopush on;

        index index.php;

    server {
        listen 80;
        server_name servername;
        return  301 https://$server_name$request_uri;
    }

    server {
        listen 443 ssl http2;
        server_name servername;

        ssl_certificate /certs/certs/servername.com/fullchain1.pem;
        ssl_certificate_key /certs/certs/servername.com/privkey1.pem;

        root   /usr/local/www/nextcloud;

        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        add_header X-Content-Type-Options nosniff;
        add_header X-Robots-Tag none;
        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
        add_header X-XSS-Protection "1; mode=block";

        location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
              deny all;
        }

        location / {
                allow all;
                fastcgi_buffers 64 4K;
                error_page 403 = /core/templates/403.php;
                error_page 404 = /core/templates/404.php;

                rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
                rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
                rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
                rewrite ^/(/core/doc[^\/]+/)$ /$1/index.html;
                try_files $uri $uri/ =404;
        }

        location ~ /(.*\.php)(?:$|/) {
                include fastcgi_params;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_param HTTPS on;
                fastcgi_intercept_errors on;
                fastcgi_pass unix:/var/run/php-fpm.sock;
                fastcgi_param modHeadersAvailable true;
        }

        location ~ /.*\.(?:css|js)$ {
                add_header Cache-Control "public, max-age=7200";
        }
    }
}

/usr/local/www/php-fpm.conf

Code:

listen = /var/run/php-fpm.sock

listen.owner = www
listen.group = www
listen.mode = 0660

rigoletto@ · Jun 19, 2017

Since we are sharing config files, this is my nextcloud configuration:

Code:

upstream php-handler {
    server unix:/var/run/php-fpm.sock;
}


server {
    listen        80;
    listen        127.0.0.254:80 accept_filter=httpready;
    server_name    SERVERADDRESS;
    return 301    https://$server_name$request_uri;
}

server {
    listen                443 ssl http2;
    listen                127.0.0.254:443 ssl accept_filter=dataready;
    server_name            SERVERADDRESS;

        ssl_certificate            /usr/local/etc/ssl/certs/nextcloud.crt;
        ssl_certificate_key        /usr/local/etc/ssl/keys/nextcloud.key;
        ssl_dhparam            /usr/local/etc/ssl/certs/dhparam.pem;

    ssl_ecdh_curve            X25519:secp521r1:secp384r1:prime256v1;
    ssl_protocols            TLSv1.2;
    ssl_session_cache        shared:SSL:10m;
    ssl_stapling            on;
    ssl_stapling_verify        on;
    ssl_session_tickets        off;
    ssl_prefer_server_ciphers    on;
    ssl_ciphers            EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;

    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

    root                /usr/local/www/nextcloud;

        location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
        }

        location = /.well-known/carddav {
            return 301 $scheme://$host/remote.php/dav;
        }

        location = /.well-known/caldav {
            return 301 $scheme://$host/remote.php/dav;
        }

        client_max_body_size 512M;
        fastcgi_buffers 64 4K;

        gzip                     on;
        gzip_vary            on;
        gzip_comp_level  4;
        gzip_min_length  256;
        gzip_proxied       expired no-cache no-store private no_last_modified no_etag auth;
        gzip_types    application/atom+xml application/javascript application/json  application/ld+json \
                           application/manifest+json application/rss+xml application/vnd.geo+json \
                           application/vnd.ms-fontobject application/x-font-ttf \
                           application/x-web-app-manifest+json application/xhtml+xml \
                           application/xml font/opentype image/bmp image/svg+xml image/x-icon \
                           text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc \
                           text/vtt text/x-component text/x-cross-domain-policy;


        location / {
            rewrite ^ /index.php$uri;
        }

        location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
            deny all;
        }

        location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
            deny all;
        }

        location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {

            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param HTTPS on;
            fastcgi_param modHeadersAvailable true;
            fastcgi_param front_controller_active true;
            fastcgi_pass php-handler;
            fastcgi_intercept_errors on;
            fastcgi_request_buffering off;

        }

        location ~ ^/(?:updater|ocs-provider)(?:$|/) {
            try_files $uri/ =404;
            index index.php;
        }

        location ~ \.(?:css|js|woff|svg|gif)$ {
            try_files $uri /index.php$uri$is_args$args;
            add_header Cache-Control "public, max-age=15778463";
            add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
            add_header X-Content-Type-Options nosniff;
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Robots-Tag none;
            add_header X-Download-Options noopen;
            add_header X-Permitted-Cross-Domain-Policies none;
            access_log off;
        }

        location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
            try_files $uri /index.php$uri$is_args$args;
            access_log off;
        }
}

PS: I use libressl and not the base openssl.