This is a rewrite of this post original creator which i will make a new updated post on the forum based upon FreeNas 11 and Nextcloud 12.3
Enjoy!!!
This is a how to install Nextcloud 12.3 with all checks passed on FreeNAS 11.
This is a rewrite of the very first post with a few added adjustments where needed to make this fully functional.
I know this works as I have re-emulated this 4 times today to insure its accuracy
Somethings may need to be edited based upon volume name but for the most part plug and play
a great thanks to all of those that have contributed.
Creating the Dataset & Jail
Create Dataset
Within FreeNAS Userspace:
Storage > Create ZFS Dataset
Code:
Dataset Name = files
Compression level = lz4
Enable atime = Off
All other options default
SQL Data
Code:
Dataset Name = db
Compression level = zle
Enable atime = Off
Record Size = 16K (Under Advanced Mode)
All other options default
Add New user in FreeNAS space:
Code:
Username: mysql
Shell: nologin
Full Name: SQL User
Password: anything
From the Storage Tab
Change Permissions On your Storage volume that houses your jail -> should look similar to this>>> /mnt/your drive name/db
Code:
Owner: mysql
Owner: mysql
Set permission recursively
Create a Jail
Jails > Add Jail
Jail Name: nextcloud
Code:
Template: "------"
IPv4 Address: 192.168.1.99
IPv4 Subnet: 255.255.255.0
Leave all else default
Ensure VIMAGE is checked*
*Unless you have and want to use a separate and dedicated NIC for the jail. The MoBo I use comes with additional network ports.
Add Storage to the same jail you just created
Jail: nextcloud
Code:
Source = /mnt/Cloud/files
Destination = /mnt/files
Jail: nextcloud
Code:
Source = /mnt/Cloud/db
Destination = /var/db/mysql
Setting primary cache In FreeNAS UserSpace Shell
$
zfs set primarycache=metadata Cloud/db
F.A.M.P Installation
In this section we are going to install F.A.M.P, an iteration of LAMP (Linux, Apache, MySQL, PHP). I chose this because I, personally, haven't had much luck with nginx or lighttp. Another guide suggested lighttp and sqlite, but those might not hold up to a good amount of users storing a bit of data.
The setup is:
FreeBSD 10.1
Apache 2.4
MariaDB 10.1
PHP 7.0 **Do NOT install PHP7.1 - Nexcloud is absolutely incompatible with this version as of this writing **
This provides the basis for our webserving jail.
via putty ssh into the jail
From FreeNAS user space run command:
JLS
you will then see your jails, the run commander jexec "And the number of you jail" (example) "jexec 2"
Before we get started, let's add a few necessary packages as they aren't currently installed.
$
portsnap fetch extract
$
pkg install nano wget sudo
We will install each part of FAMP one-by-one. FreeBSD is the Operating system so good to go on that!
Apache 2.4
Install
$
pkg install apache24
Setup in rc.conf
$
sysrc apache24_enable=yes
Start Apache
$
service apache24 start
Check that it works
open a web browser on a local machine (preferably the machine your on) on your network
Navigate to
http://your_jails_ip and you should see the text "It Works!"
MariaDB 10.1
Install
$
pkg install mariadb101-server
Setup in rc.conf
$
sysrc mysql_enable=yes
Start MySQL Service
$
service mysql-server start
Run Wizard Script
$
mysql_secure_installation
Read and follow prompts. There is no root password set just hit enter, and answer Y to all the following questions.
Login to MySQL, create Nextcloud DB and User
$
mysql -u root -p
enter password you made for root during MariaDB 10.1 setup.
Enter each of these commands one-by-one, and make sure to include the semi-colon ;
Code:
Code:
CREATE DATABASE nextcloud;
CREATE USER 'nextcloud_admin'@'localhost' IDENTIFIED BY 'MAKEUP-YOUR-OWN-PASSWORD';
GRANT ALL ON nextcloud.* TO 'nextcloud_admin'@'localhost';
FLUSH PRIVILEGES;
exit
Replace MAKEUP-YOUR-OWN-PASSWORD with a password of your choosing. You need this for the NextCloud setup.
PHP 7.0
Install PHP and associated modules
Code:
Code:
pkg install redis php70 php70-bz2 php70-ctype php70-curl php70-dom php70-exif php70-fileinfo php70-filter php70-gd php70-hash php70-iconv php70-intl php70-json php70-mbstring php70-mcrypt php70-pdo_mysql php70-openssl php70-posix php70-session php70-simplexml php70-xml php70-xmlreader php70-xmlwriter php70-xsl php70-wddx php70-zip php70-zlib php70-opcache mod_php70
$
sysrc 'mysql_enable=YES' 'redis_enable=YES'
Configuring Apache for PHP7
Ensure that the rewrite and ssl modules are enabled (uncommented) in /usr/local/etc/apache24/httpd.conf.
$
nano /usr/local/etc/apache24/httpd.conf
Search the conf file for "ssl_module"
Code:
Code:
ctrl+w
ssl_module
ENTER
Uncomment (delete the # at the start of the line) so it looks like this:
LoadModule ssl_module libexec/apache24/mod_ssl.so
Repeat for
LoadModule rewrite_module libexec/apache24/mod_rewrite.so
Remove php5 add php7:
Code:
Find & Remove this >> LoadModule php5_module libexec/apache24/libphp5.so
Replace with >> LoadModule php7_module libexec/apache24/libphp7.so
If you can't find libphp5.so, just add
LoadModule php7_module libexec/apache24/libphp7.so
to the last of the LoadModule section; right above
# Third party modules
IncludeOptional ...
Also, after you save, double check that you see libphp7.so in /usr/local/libexec/apache24
$
find /usr -name libphp7.so
In httpd.conf Right after libphp7.so line add
Code:
Code:
<IfModule php7_module>
<FilesMatch "\.(php|phps|php7|phtml)$">
SetHandler php7-script
</FilesMatch>
DirectoryIndex index.php
</IfModule>
in httpd.conf FIND
Code:
<IFModule mime_module>
Then Insert this code After:
Code:
AddType application/x-httpd-php-source .phps
AddType application/x-httpd-php .php
Save & quit
Add a PHP handler to /usr/local/etc/apache24/modules.d
Code:
# cd /usr/local/etc/apache24/modules.d
# touch /usr/local/etc/apache24/modules.d/001_mod_php.conf
# nano /usr/local/etc/apache24/modules.d/001_mod_php.conf
Paste this test in the 001_mod_php.conf file:
Code:
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
Save & Exit
Once you're done save and close CTRL+x, Y, ENTER
service apache24 restart
Configure PHP.INI
Code:
$ cd /usr/local/etc
$ cp php.ini-production php.ini
$ nano /usr/local/etc/php.ini
Code:
find cgi.fix_pathinfo=0 change from =0 to =1
find date.timezone = Change to your timezone (America/New_York) [ SEE: http://php.net/manual/en/timezones.php ]
find post_max_size= change it to 1999M
find upload_max_size= change to 1999M
then uncomment and update the below values to match: (uncomment means to remove the # symbol before any line
Code:
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
CTRL+X, Y, ENTER
Restart Apache
$
service apache24 restart
Testing with PHPINFO()
Navigate to /usr/local/www/apache24/data/
Code:
$ cd /usr/local/www/apache24/data
$ touch info.php
$ nano info.php
Paste this into the info.php file
Code:
<?php
// Show all information, defaults to INFO_ALL
phpinfo();
?>
Save & Exit
Navigate to
http://your jails ip/info.php
You should see a full page with all the information regarding your PHP installation.
Now lets Configure REDIS
Update /usr/local/etc/redis.conf to run on local socket
Code:
nano /usr/local/etc/redis.conf
in the redis.conf file find the value
Code:
"port" and change it from its default value to 0
then uncomment by removing the ; symbol from in front of the below values and edit to match
Code:
unixsocket /tmp/redis.sock
unixsocketperm 777
Add REDIS to rc.conf
$
Code:
sysrc redis_enable=yes
Start REDIS
$
Run
ls -al /tmp
to run on local socket,
you should see redis.sock and mysql.sock in the list.
If you see those two, you're ALMOST DONE!!
Now lets Install NextCloud 12.3
before downloading NextCloud 12.3 navigate to the default apache data directory
$
Code:
cd /usr/local/www/apache24/data
Download Nextcloud:
wget https://download.nextcloud.com/server/releases/nextcloud-12.0.3.zip
Unzip Nextcloud:
$
unzip nextcloud-12.0.3.zip
Give correct owner/ or rather modify the folder permissions:
Code:
chown -R www:www /usr/local/www/apache24/data/nextcloud /mnt/files
Add virtual Host info :
Navigate to: /usr/local/etc/apache24/Includes
Code:
cd /usr/local/etc/apache24/Includes
Touch file: (I used a cloud.* subdomain, if you're not using a sub, remove the 'cloud.')
$ touch YOURDOMAIN.com.conf
$ nano YOURDOMAIN*
make your secure file in this format (simply copy and paste):
Code:
<VirtualHost *:80>
DocumentRoot "/usr/local/www/apache24/data/nextcloud"
ServerName YOURSITE.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =YOURSITE.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /usr/local/www/apache24/data/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /usr/local/www/apache24/data/nextcloud
SetEnv HTTP_HOME /usr/local/www/apache24/data/nextcloud
Satisfy Any
</Directory>
</VirtualHost>
Restart apache... again...
$
service apache24 restart
Navigate to the website
http://your jails ip/
You should now see the setup screen for NextCloud!!
If you do, give yourself a pat on the back. Now for the last steps...
NextCloud WebUI
Set up your admin account with a username and password you choose.
Storage & database
Code:
Data folder = /mnt/files
Database user = nextcloud_admin
Database password = MADEUP_PASSWORD_FROM_BEFORE
Database name = nextcloud
Database host = localhost:/tmp/mysql.sock
Then navigate back to: /usr/local/etc/apache24/Includes
Code:
cd /usr/local/etc/apache24/Includes
nano YOURDOMAIN*
YOURDOMAIN*<<<<<<<replace with whatever you domain name is
(for example) if your domain name is coolp.to.org you wwould enter "nano coolp.to.org*"
then add the below to your file and be sure to replace the yoursite.com bits with your coolp.to.org info
Code:
<VirtualHost *:443>
ServerAdmin YOUREMAIL
ServerName YOURSITE.COM
DirectoryIndex index.php
DocumentRoot /usr/local/www/apache24/data/nextcloud
SSLCertificateFile /usr/local/etc/letsencrypt/live/YOURSITE.COM/fullchain.pem
SSLCertificateKeyFile /usr/local/etc/letsencrypt/live/YOURSITE.COM/privkey.pem
SSLEngine on
# Intermediate configuration, tweak to your needs
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
<Directory /usr/local/www/apache24/data/nextcloud>
AllowOverride all
</Directory>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
</VirtualHost>
to setup a complete cache with redis and apcu:
Code:
cd
make config-recursive install -C /usr/ports/databases/pecl-redis
make config-recursive install -C /usr/ports/devel/pecl-APCu
the execute the following commands:
Code:
$ su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set memcache.local --value="\OC\Memcache\APCu"'
$ su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set memcache.locking --value="\OC\Memcache\Redis"'
$ su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set redis host --value="/tmp/redis.sock"'
$ su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set redis port --value=0 --type=integer'
to get rid of the below error message when restarting apache do the following:
Code:
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Stopping apache24.
Waiting for PIDS: 80591.
Performing sanity check on apache24 configuration:
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Starting apache24.
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message when stating apache do the following:
Run command:
nano /usr/local/etc/apache24/httpd.conf"
In the httpd.conf file under this section which reads:
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
ServerName your jails ip:80
<<<<<<<put your serving machines ip address and uncomment the line (uncomment simply means to remove the # symbol from the front of any line) and wala message will be fixed.
restart apache using the following command:
service apache24 restart
To add Domains that can connect from outside the lan:
navigate to: /usr/local/www/apache24/data/nextcloud/config/config.php
Code:
cd /usr/local/www/apache24/data/nextcloud/config/config.php
The file will look like the below:
Code:
<?php
$CONFIG = array (
'instanceid' => 'ocwo6kfuc3ve',
'passwordsalt' => '9s6vbvue6FZ3g2AklNJS4Y3S4Y3FG1',
'secret' => 'gzWPI+QgwkIKkYQwmgfGk7oGW87N/jaytyODIEgVfBjCek0y',
'trusted_domains' =>
array (
0 => '192.168.1.30',
1 => 'coolp.to.org',<<<add just like this
),
'datadirectory' => '/usr/local/www/apache24/data/nextcloud/data',
'overwrite.cli.url' => 'http://192.168.1.30',
'dbtype' => 'mysql',
'version' => '12.0.3.3',
'dbname' => 'nextcloud',
'dbhost' => 'localhost:/tmp/mysql.sock',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud_admin',
'dbpassword' => 'maria10 database password',
'installed' => true,
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '/tmp/redis.sock',
restart apache using the following command:
service apache24 restart
I cant use VI, its too cryptic so i choose to use nano to set cron jobs, to do so execute the following:
Code:
setenv VISUAL /usr/local/bin/nano
setenv EDITOR /usr/local/bin/nano
Setup NC's cron jobs:
crontab -u www -e
Code:
*/15 * * * * /usr/local/bin/php -f /usr/local/www/apache24/data/nextcloud/cron.php
And VOILA! YOU ARE DONE!!!!!
Now let secure this server so you can share with whoever you choose!!!!!!!!!!!!!
EXTRAS
SSL using Certbot
Download/Install Certbot
pkg install py27-certbot
certbot certonly --webroot -w /usr/local/www/apache24/data/nextcloud -d YOURSITE.COM
Navigate to /usr/local/etc/apache24/httpd.conf
Code:
cd /usr/local/etc/apache24/httpd.conf
in the httpd.conf file
Find
Listen 80
and add underneath
Listen 443
I don't know what the below command does but it works:
run command
nano /etc/make.conf
Then add to the 2nd line of the file
Code:
DEFAULT_VERSIONS+=php7.0
Restart Apache:
service apache24 restart
Add Cron Job:
crontab -e
Code:
* 1 * * 1 ./usr/local/bin/certbot renew --quiet
Using NC on separate NIC
Shut down the jail
Click Edit
Uncheck VIMAGE and select the NIC from the NIC drop down. Make sure your IP info didn't change.
Start jail and try to access your cloud. If all went well you'd basically see nothing changed as it will work as expected.
helpful commands and notes from install
to find a file:
enter command: find /usr -name "filename"