HOW-TO: NextCloud 10 w/ Apache, PHP, and MariaDB

[EsTaF]

cd /usr/ports/www/pecl-APC
make install clean
===> pecl-APC-3.1.14_1 cannot be installed: doesn't work with lang/php56
port (doesn't support PHP 5.5 5.6).
*** Error code 1
Stop.
make: stopped in /usr/ports/www/pecl-APC

Google show ( pecl-APCu "doesn't support PHP 5.5 5.6" ) nothing.

 

[Randy Smyth]

Thanks for the writeup, managed to get to the end with a lot of trial and error and few changes

-Could not get a separate DB dataset to work, failed permissions after a jail restart, so just installed the DB into the jail.
- I never turned on ssh, did it all within jail shell in freenas, and some editing and such with Cyberduck
- php70-APCu I never found and never installed, php70-redis also never found but system worked without, it must be included now in base package?
- adding "pkg install mod_php70" was needed
- certbot setup, I could not get the certificates to create with "certbot certonly --webroot -w /usr/local/www/apache24/data/nextcloud -d YOURSITE.COM" and instead used "certbot certonly --standalone --email your@email.com -d server.domain.com" which I got from https://www.reddit.com/r/sysadmin/comments/41wlj2/installing_a_signed_ssl_certificate_in_an/

Then, after finally getting it working, and an F on ssl labs, and using your guide on rebuilding ssl and apache, ssl labs reports A+.

Thanks again !

 

[DigitalShadow]

Also, when I do service apache24 restart, I get the following warnings (3 times):
WARNING: number of probes fixed does not match the number of defined probes (12 != 13, respectively)
WARNING: some probes might not fire or your program might crash

This, can anyone help?

 

[GarryL]

Hi nathank 1989 and all the other contributors to this post, I’m a newbie at FreeNAS and not very good at it with very little experience with FreeNAS or Linux. The fact that I have followed your guide and installed Nextcloud with an A+ SSL cert shows how great your guide is. Thanks so much.

In the installation I did four things to get me through:-

I left out installing php70-APCu and php70-redis and installed mod_php70

In setting up reds for caching I left off the first line ending in APCu as I couldn’t load php70-APCu

The cron commands didn’t run in my CLI so I used nano for setting cron with following
setenv VISUAL /usr/local/bin/nano
setenv EDITOR /usr/local/bin/nano

Finally certbot would not work until I did pkg upgrade.

I hope this info will help.

Plex next

 

[hoxide]

I'm having the same problem as the last 2 posters. there is no php70-APCu or php70-redis packages.

Also, when I do service apache24 restart, I get the following warnings (3 times):
WARNING: number of probes fixed does not match the number of defined probes (12 != 13, respectively)
WARNING: some probes might not fire or your program might crash
When I comment out the line, LoadModule php7_module libexec/apache24/libphp7.so, from httpd.conf, the warnings go away. Anyone know what's up?

I am having the exactly the same warning.

 

[rodofrn]

Hello, awesome guide. I ran into some issues at the end. I was able to log into the nextcloud, and set up and stuff, issue is with SSL.
I was able to create the certificate, and I checked with certlabs and it gave me an A+. But, when I go to the local IP, or the domain.com, i get : "This page isn't working blank page." This is my .conf file:

Code:

<VirtualHost *:80>
DocumentRoot "/usr/local/www/apache24/data/nextcloud"
ServerName MYDOMAIN.ddns.net
  RewriteEngine on
  RewriteCond %{SERVER_NAME} =MYDOMAIN.ddns.net
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /usr/local/www/apache24/data/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /usr/local/www/apache24/data/nextcloud
SetEnv HTTP_HOME /usr/local/www/apache24/data/nextcloud
Satisfy Any
</Directory>
</VirtualHost>

<VirtualHost *:443>
  ServerAdmin MYEMAIL
  ServerName MYDOMAIN.ddns.net
  DirectoryIndex index.php
  DocumentRoot /usr/local/www/apache24/data/nextcloud
  SSLCertificateFile /usr/local/etc/letsencrypt/live/freecloudnas.ddns.net/fullchain.pem
  SSLCertificateKeyFile /usr/local/etc/letsencrypt/live/freecloudnas.ddns.net/privkey.pem
  SSLEngine on
  # Intermediate configuration, tweak to your needs
  SSLProtocol  all -SSLv2 -SSLv3
  SSLCipherSuite  ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AE$
  SSLHonorCipherOrder  on
  SSLCompression  off
  SSLOptions +StrictRequire
  <Directory /usr/local/www/apache24/data/nextcloud>
  AllowOverride all
  </Directory>
  <IfModule mod_headers.c>
  Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
  </IfModule>
  </VirtualHost>

I have put in MYDOMAIN in my reply for security measure :) Also, instead of nextcloud 10, i installed 12 (i hope there are no issues?)
What is going on? Its like not pointing to the nextcloud server. Also, I have forwarded 80 and 443 on the router to the nextcloud jail IP. Any ideas what is wrong?

 

[Vigorio]

Hi, for all of you afflicted: php70 is great but it doesn´t have the APCu in it at least since 01.08.2017 anymore as it was removed from the repositories. To use APCu you HAVE to use php56. I successfully installed everything meant in this guide but on php56 instead of php70. NGINX seems to me working faster than Apache as I´ve tried both. Hope my info helps.

 

[Jailer]

If your going to use php56 you might as well just install the owncloud package.

 

[Kebba]

cd /usr/ports/www/pecl-APC
make install clean
===> pecl-APC-3.1.14_1 cannot be installed: doesn't work with lang/php56
port (doesn't support PHP 5.5 5.6).
*** Error code 1
Stop.
make: stopped in /usr/ports/www/pecl-APC

Google show ( pecl-APCu "doesn't support PHP 5.5 5.6" ) nothing.

I am a bit late, but in case someone finds this thread or you still need the help.

Your error can be fixed by first updating the port tree

portsnap fetch extract update

Then you need to make sure pecl-APCu is compiled for the right version. php56 is standard. Open/create the make config file
nano /etc/make.conf
And add the following line

Code:

DEFAULT_VERSIONS+=php7.0

And then compile. I have gotten Nextcloud 12.01 to work with php7.1 and APCu caching. I seen something about "ignore php7.0" in the release notes for pecl-APCu, so an upgrade to php7.1 might be needed for it to work. But it is worth a try without

 

[trentk10]

Thanks for this thread !!! (and a couple of others) Have a secured nextcloud 12.02 with apache24, mariaDB101, and php7.1

 

[cristiancel]

Hello.
I almost there... I've all up an running but I'm getting an issue with SSL.

certbot certonly --webroot -w /usr/local/www/apache24/data/nextcloud -d mydomain.com
Traceback (most recent call last):
File "/usr/local/bin/certbot", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3038, in <module>
@_call_aside
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3022, in _call_aside
f(*args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3051, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 659, in _build_master
return cls._build_from_requirements(__requires__)
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 672, in _build_from_requirements
dists = ws.resolve(reqs, Environment())
File "/usr/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 862, in resolve
raise VersionConflict(dist, req).with_context(dependent_req)
pkg_resources.ContextualVersionConflict: (cryptography 1.7.2 (/usr/local/lib/python2.7/site-packages), Requirement.parse('cryptography>=1.9'), set(['PyOpenSSL']))


Somebody saw that error ??

Regrads

Cristian

 

[dureal99d]

This is a rewrite of this post original creator which i will make a new updated post on the forum based upon FreeNas 11 and Nextcloud 12.3

Enjoy!!!

This is a how to install Nextcloud 12.3 with all checks passed on FreeNAS 11.

This is a rewrite of the very first post with a few added adjustments where needed to make this fully functional.
I know this works as I have re-emulated this 4 times today to insure its accuracy
Somethings may need to be edited based upon volume name but for the most part plug and play
a great thanks to all of those that have contributed.

Creating the Dataset & Jail
Create Dataset
Within FreeNAS Userspace:

Storage > Create ZFS Dataset

Code:

Dataset Name = files
Compression level = lz4
Enable atime = Off
All other options default

SQL Data

Code:

Dataset Name = db
Compression level = zle
Enable atime = Off
Record Size = 16K (Under Advanced Mode)
All other options default

Add New user in FreeNAS space:

Code:

Username: mysql
Shell: nologin
Full Name: SQL User
Password: anything

From the Storage Tab
Change Permissions On your Storage volume that houses your jail -> should look similar to this>>> /mnt/your drive name/db

Code:

Owner: mysql
Owner: mysql
Set permission recursively

Create a Jail
Jails > Add Jail

Jail Name: nextcloud

Code:

Template: "------"
IPv4 Address: 192.168.1.99
IPv4 Subnet: 255.255.255.0
Leave all else default

Ensure VIMAGE is checked*
*Unless you have and want to use a separate and dedicated NIC for the jail. The MoBo I use comes with additional network ports.

Add Storage to the same jail you just created

Jail: nextcloud

Code:

Source = /mnt/Cloud/files
Destination = /mnt/files

Jail: nextcloud

Code:

Source = /mnt/Cloud/db
Destination = /var/db/mysql

Setting primary cache In FreeNAS UserSpace Shell

$ zfs set primarycache=metadata Cloud/db

F.A.M.P Installation
In this section we are going to install F.A.M.P, an iteration of LAMP (Linux, Apache, MySQL, PHP). I chose this because I, personally, haven't had much luck with nginx or lighttp. Another guide suggested lighttp and sqlite, but those might not hold up to a good amount of users storing a bit of data.
The setup is:
FreeBSD 10.1
Apache 2.4
MariaDB 10.1
PHP 7.0 **Do NOT install PHP7.1 - Nexcloud is absolutely incompatible with this version as of this writing **
This provides the basis for our webserving jail.

via putty ssh into the jail

From FreeNAS user space run command: JLS
you will then see your jails, the run commander jexec "And the number of you jail" (example) "jexec 2"

Before we get started, let's add a few necessary packages as they aren't currently installed.

$ portsnap fetch extract

$ pkg install nano wget sudo

We will install each part of FAMP one-by-one. FreeBSD is the Operating system so good to go on that!

Apache 2.4
Install
$ pkg install apache24

Setup in rc.conf
$ sysrc apache24_enable=yes

Start Apache
$ service apache24 start

Check that it works
open a web browser on a local machine (preferably the machine your on) on your network

Navigate to http://your_jails_ip and you should see the text "It Works!"

MariaDB 10.1
Install

$ pkg install mariadb101-server

Setup in rc.conf
$ sysrc mysql_enable=yes


Start MySQL Service
$ service mysql-server start

Run Wizard Script
$ mysql_secure_installation

Read and follow prompts. There is no root password set just hit enter, and answer Y to all the following questions.

Login to MySQL, create Nextcloud DB and User
$ mysql -u root -p

enter password you made for root during MariaDB 10.1 setup.

Enter each of these commands one-by-one, and make sure to include the semi-colon ;

Code:

Code:

CREATE DATABASE nextcloud;

CREATE USER 'nextcloud_admin'@'localhost' IDENTIFIED BY 'MAKEUP-YOUR-OWN-PASSWORD';

GRANT ALL ON nextcloud.* TO 'nextcloud_admin'@'localhost';

FLUSH PRIVILEGES;

exit

Replace MAKEUP-YOUR-OWN-PASSWORD with a password of your choosing. You need this for the NextCloud setup.

PHP 7.0
Install PHP and associated modules
Code:

Code:

pkg install redis php70 php70-bz2 php70-ctype php70-curl php70-dom php70-exif php70-fileinfo php70-filter php70-gd php70-hash php70-iconv php70-intl php70-json php70-mbstring php70-mcrypt php70-pdo_mysql php70-openssl php70-posix php70-session php70-simplexml php70-xml php70-xmlreader php70-xmlwriter php70-xsl php70-wddx php70-zip php70-zlib php70-opcache mod_php70

$ sysrc 'mysql_enable=YES' 'redis_enable=YES'

Configuring Apache for PHP7
Ensure that the rewrite and ssl modules are enabled (uncommented) in /usr/local/etc/apache24/httpd.conf.

$ nano /usr/local/etc/apache24/httpd.conf


Search the conf file for "ssl_module"

Code:

Code:

ctrl+w
ssl_module
ENTER

Uncomment (delete the # at the start of the line) so it looks like this:

LoadModule ssl_module libexec/apache24/mod_ssl.so

Repeat for

LoadModule rewrite_module libexec/apache24/mod_rewrite.so

Remove php5 add php7:

Code:

Find & Remove this >> LoadModule php5_module libexec/apache24/libphp5.so
Replace with >> LoadModule php7_module libexec/apache24/libphp7.so
If you can't find libphp5.so, just add
LoadModule php7_module		libexec/apache24/libphp7.so
to the last of the LoadModule section; right above
# Third party modules
IncludeOptional ...

Also, after you save, double check that you see libphp7.so in /usr/local/libexec/apache24

$ find /usr -name libphp7.so

In httpd.conf Right after libphp7.so line add

Code:

Code:

<IfModule php7_module>
<FilesMatch "\.(php|phps|php7|phtml)$">
	 SetHandler php7-script
</FilesMatch>
DirectoryIndex index.php
</IfModule>

in httpd.conf FIND

Code:

<IFModule mime_module>

Then Insert this code After:

Code:

AddType application/x-httpd-php-source .phps
AddType application/x-httpd-php		.php

Save & quit


Add a PHP handler to /usr/local/etc/apache24/modules.d

Code:

# cd /usr/local/etc/apache24/modules.d
# touch /usr/local/etc/apache24/modules.d/001_mod_php.conf
# nano /usr/local/etc/apache24/modules.d/001_mod_php.conf

Paste this test in the 001_mod_php.conf file:

Code:

<FilesMatch "\.php$">
		SetHandler application/x-httpd-php
	</FilesMatch>
	<FilesMatch "\.phps$">
		SetHandler application/x-httpd-php-source
	</FilesMatch>

Save & Exit

Once you're done save and close CTRL+x, Y, ENTER
service apache24 restart


Configure PHP.INI

Code:

$ cd /usr/local/etc
$ cp php.ini-production php.ini
$ nano /usr/local/etc/php.ini

Code:

find cgi.fix_pathinfo=0 change from =0 to =1

find date.timezone = Change to your timezone (America/New_York) [ SEE: http://php.net/manual/en/timezones.php ]

find post_max_size= change it to 1999M

find upload_max_size= change to 1999M

then uncomment and update the below values to match: (uncomment means to remove the # symbol before any line

Code:

opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

CTRL+X, Y, ENTER

Restart Apache

$ service apache24 restart

Testing with PHPINFO()
Navigate to /usr/local/www/apache24/data/

Code:

$ cd /usr/local/www/apache24/data
$ touch info.php
$ nano info.php

Paste this into the info.php file

Code:

<?php
// Show all information, defaults to INFO_ALL
phpinfo();
?>

Save & Exit

Navigate to http://your jails ip/info.php

You should see a full page with all the information regarding your PHP installation.

Now lets Configure REDIS
Update /usr/local/etc/redis.conf to run on local socket

Code:

nano /usr/local/etc/redis.conf

in the redis.conf file find the value

Code:

"port" and change it from its default value to 0

then uncomment by removing the ; symbol from in front of the below values and edit to match

Code:

unixsocket /tmp/redis.sock
unixsocketperm 777

Add REDIS to rc.conf
$

Code:

sysrc redis_enable=yes

Start REDIS
$

Code:

service redis start

Run ls -al /tmp to run on local socket,

you should see redis.sock and mysql.sock in the list.

If you see those two, you're ALMOST DONE!!

Now lets Install NextCloud 12.3

before downloading NextCloud 12.3 navigate to the default apache data directory
$

Code:

cd /usr/local/www/apache24/data

Download Nextcloud:

wget https://download.nextcloud.com/server/releases/nextcloud-12.0.3.zip

Unzip Nextcloud:

$ unzip nextcloud-12.0.3.zip

Give correct owner/ or rather modify the folder permissions:

Code:

chown -R www:www /usr/local/www/apache24/data/nextcloud /mnt/files

Add virtual Host info :

Navigate to: /usr/local/etc/apache24/Includes

Code:

cd /usr/local/etc/apache24/Includes

Touch file: (I used a cloud.* subdomain, if you're not using a sub, remove the 'cloud.')

$ touch YOURDOMAIN.com.conf

$ nano YOURDOMAIN*

make your secure file in this format (simply copy and paste):

Code:

<VirtualHost *:80>
DocumentRoot "/usr/local/www/apache24/data/nextcloud"
ServerName YOURSITE.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =YOURSITE.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /usr/local/www/apache24/data/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /usr/local/www/apache24/data/nextcloud
SetEnv HTTP_HOME /usr/local/www/apache24/data/nextcloud
Satisfy Any
</Directory>
</VirtualHost>

Restart apache... again...

$ service apache24 restart

Navigate to the website

http://your jails ip/

You should now see the setup screen for NextCloud!!

If you do, give yourself a pat on the back. Now for the last steps...

NextCloud WebUI
Set up your admin account with a username and password you choose.

Storage & database

Code:

Data folder = /mnt/files
Database user = nextcloud_admin
Database password = MADEUP_PASSWORD_FROM_BEFORE
Database name = nextcloud
Database host = localhost:/tmp/mysql.sock

Then navigate back to: /usr/local/etc/apache24/Includes

Code:

cd /usr/local/etc/apache24/Includes
nano YOURDOMAIN*

YOURDOMAIN*<<<<<<<replace with whatever you domain name is
(for example) if your domain name is coolp.to.org you wwould enter "nano coolp.to.org*"

then add the below to your file and be sure to replace the yoursite.com bits with your coolp.to.org info

Code:

<VirtualHost *:443>
  ServerAdmin YOUREMAIL
  ServerName YOURSITE.COM
  DirectoryIndex index.php
  DocumentRoot /usr/local/www/apache24/data/nextcloud
  SSLCertificateFile /usr/local/etc/letsencrypt/live/YOURSITE.COM/fullchain.pem
  SSLCertificateKeyFile /usr/local/etc/letsencrypt/live/YOURSITE.COM/privkey.pem
  SSLEngine on
  # Intermediate configuration, tweak to your needs
  SSLProtocol  all -SSLv2 -SSLv3
  SSLCipherSuite  ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
  SSLHonorCipherOrder  on
  SSLCompression  off
  SSLOptions +StrictRequire
  <Directory /usr/local/www/apache24/data/nextcloud>
  AllowOverride all
  </Directory>
  <IfModule mod_headers.c>
  Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
  </IfModule>
  </VirtualHost>

to setup a complete cache with redis and apcu:

Code:

cd
make config-recursive install -C /usr/ports/databases/pecl-redis
make config-recursive install -C /usr/ports/devel/pecl-APCu

the execute the following commands:

Code:

$ su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set memcache.local --value="\OC\Memcache\APCu"'
$ su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set memcache.locking --value="\OC\Memcache\Redis"'
$ su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set redis host --value="/tmp/redis.sock"'
$ su -m www -c 'php /usr/local/www/apache24/data/nextcloud/occ config:system:set redis port --value=0 --type=integer'

to get rid of the below error message when restarting apache do the following:

Code:

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Stopping apache24.
Waiting for PIDS: 80591.
Performing sanity check on apache24 configuration:
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Starting apache24.
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message when stating apache do the following:

Run command:
nano /usr/local/etc/apache24/httpd.conf"

In the httpd.conf file under this section which reads:
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
ServerName your jails ip:80 <<<<<<<put your serving machines ip address and uncomment the line (uncomment simply means to remove the # symbol from the front of any line) and wala message will be fixed.

restart apache using the following command:
service apache24 restart

To add Domains that can connect from outside the lan:
navigate to: /usr/local/www/apache24/data/nextcloud/config/config.php

Code:

cd /usr/local/www/apache24/data/nextcloud/config/config.php

The file will look like the below:

Code:

<?php
$CONFIG = array (
'instanceid' => 'ocwo6kfuc3ve',
'passwordsalt' => '9s6vbvue6FZ3g2AklNJS4Y3S4Y3FG1',
'secret' => 'gzWPI+QgwkIKkYQwmgfGk7oGW87N/jaytyODIEgVfBjCek0y',
'trusted_domains' =>
array (
	0 => '192.168.1.30',
	1 => 'coolp.to.org',<<<add just like this
),
'datadirectory' => '/usr/local/www/apache24/data/nextcloud/data',
'overwrite.cli.url' => 'http://192.168.1.30',
'dbtype' => 'mysql',
'version' => '12.0.3.3',
'dbname' => 'nextcloud',
'dbhost' => 'localhost:/tmp/mysql.sock',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud_admin',
'dbpassword' => 'maria10 database password',
'installed' => true,
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
	'host' => '/tmp/redis.sock',

restart apache using the following command:
service apache24 restart


I cant use VI, its too cryptic so i choose to use nano to set cron jobs, to do so execute the following:

Code:

setenv VISUAL /usr/local/bin/nano
setenv EDITOR /usr/local/bin/nano

Setup NC's cron jobs:
crontab -u www -e

Code:

*/15 * * * * /usr/local/bin/php -f /usr/local/www/apache24/data/nextcloud/cron.php

And VOILA! YOU ARE DONE!!!!!

Now let secure this server so you can share with whoever you choose!!!!!!!!!!!!!

EXTRAS
SSL using Certbot

Download/Install Certbot
pkg install py27-certbot

certbot certonly --webroot -w /usr/local/www/apache24/data/nextcloud -d YOURSITE.COM

Navigate to /usr/local/etc/apache24/httpd.conf

Code:

cd /usr/local/etc/apache24/httpd.conf

in the httpd.conf file

Find Listen 80 and add underneath Listen 443

I don't know what the below command does but it works:

run command
nano /etc/make.conf

Then add to the 2nd line of the file

Code:

DEFAULT_VERSIONS+=php7.0

Restart Apache:
service apache24 restart

Add Cron Job:

crontab -e

Code:

* 1 * * 1 ./usr/local/bin/certbot renew --quiet

Using NC on separate NIC
Shut down the jail
Click Edit
Uncheck VIMAGE and select the NIC from the NIC drop down. Make sure your IP info didn't change.
Start jail and try to access your cloud. If all went well you'd basically see nothing changed as it will work as expected.


helpful commands and notes from install
to find a file:
enter command: find /usr -name "filename"

 

[Randy Smyth]

I have had this system up and going, with a few changes as mentioned in post #82.

Now I went to update the Certbot certificate I get errors.

"pkg_resources.DistributionNotFound: The 'acme==0.19.0' distribution was not found and is required by certbot"

All packages report they are upgraded and the newest release.

If I try to reinstall some of the packages I get

"make: "/usr/ports/Mk/bsd.port.mk" line 1173: UNAME_r (11.0-STABLE) and OSVERSION (1003000) do not agree on major version number."

I did update my freenass system from 10 to 11 a while ago. How do I go about fixing or updating my system so I can reissue a Certbot cert?

 

[ml99]

First off, thanks for this thread and to those who have contributed!

I'm looking for some help with the apache config, or at least that's where I believe my issue lies. Between the initial post and dureal99d's rewrite I've been able to get everything up and working, except for accessing nextcloud from my domain. I can access via internal and external ips, but whenever I use my domain it will not load.

Verified it's resolving to the external ip. Using wireshark it looks like it's getting redirected from http to https, which is not setup yet. I do plan on using https so I tried to set it up using certbot but it error'ed out saying that it could not connect to the site, I'm guessing for the same reason.

Noticed that it looks like there is a redirect setup on lines 5-6 below. I don't have a lot of experience with apache, but I went ahead and tried to simply remove the retwrite portions, set "Rewrite engine" to off, or change the "rewrite rule" to http but no luck.

Code:

<VirtualHost *:80>
DocumentRoot "/usr/local/www/apache24/data/nextcloud"
ServerName cloud.mydomain.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =cloud.mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /usr/local/www/apache24/data/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /usr/local/www/apache24/data/nextcloud
SetEnv HTTP_HOME /usr/local/www/apache24/data/nextcloud
Satisfy Any
</Directory>
</VirtualHost>

An advice on how to bypass the redirect, at least long enough to set up https? Or as to what else may be going on?

Thanks!

 

[dureal99d]

First off, thanks for this thread and to those who have contributed!

I'm looking for some help with the apache config, or at least that's where I believe my issue lies. Between the initial post and dureal99d's rewrite I've been able to get everything up and working, except for accessing nextcloud from my domain. I can access via internal and external ips, but whenever I use my domain it will not load.

Verified it's resolving to the external ip. Using wireshark it looks like it's getting redirected from http to https, which is not setup yet. I do plan on using https so I tried to set it up using certbot but it error'ed out saying that it could not connect to the site, I'm guessing for the same reason.

Noticed that it looks like there is a redirect setup on lines 5-6 below. I don't have a lot of experience with apache, but I went ahead and tried to simply remove the retwrite portions, set "Rewrite engine" to off, or change the "rewrite rule" to http but no luck.

Code:

<VirtualHost *:80>
DocumentRoot "/usr/local/www/apache24/data/nextcloud"
ServerName cloud.mydomain.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =cloud.mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /usr/local/www/apache24/data/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /usr/local/www/apache24/data/nextcloud
SetEnv HTTP_HOME /usr/local/www/apache24/data/nextcloud
Satisfy Any
</Directory>
</VirtualHost>

An advice on how to bypass the redirect, at least long enough to set up https? Or as to what else may be going on?

Thanks!

can you post the error feedback you get from the cli

 

[ml99]

When I try and setup certbot I get the following:

 

[dureal99d]

When I try and setup certbot I get the following:

View attachment 21572

on our router do you have port 80 and 443 open or forwarded to your freenas nextcloud jails IP? remember these 2 ports cannot be in use by anything.

 

[ml99]

I do have both of those forwarded to my Nextcloud jail. :/

 

[dureal99d]

I do have both of those forwarded to my Nextcloud jail. :/

im at work right now but when i get home i can do a teamviewer session to see if we can solve your issue

 

[ml99]

Thanks. Still not sure why it wouldn't connect over http, but I was able to get around it by setting up a self signed cert and then running the certbot config.