IT/Software/Web Applications/NextCloud: Difference between revisions

From msgwiki
Jump to navigation Jump to search
Access restrictions were established for this page. If you see this message, you have no access to this page.
No edit summary
 
(41 intermediate revisions by 3 users not shown)
Line 1: Line 1:
====This is an amazing tool that as of now (May 1 2020) is getting amazingly fast development.====
==== This is an amazing tool that as of now (March 1 2022) is getting amazingly fast development. ====
As with most things of this sort the prices will soon appear and it will become a paid product
As with most things of this sort the prices will soon appear and it will become a paid product


===Install===
===Install===
There are many ways to install.  I prefer the apt method and NOT snap of flatpak.
<code>sudo add-apt-repository ppa:nextcloud-devs/client -y</code>
<code>sudo apt install nextcloud-client -y</code>


===Configure===
===Configure===
Line 8: Line 14:


===Update===
===Update===
This can now(since 17) be done via the gui.
This can now(since 17) be done via the gui. Older versions need:
 
<code>sudo -u www-data php /var/www/html/next.msgcnx/updater/updater.phar</code>
 
You can still update with the above command. (29.04>>29.05) It is far more reliable than the web gui.
 
To Update: Click on the picture of the main admin user. Click on Settings
 
Now you will see "Administration" on the left. Click on "Overview"
 
Read the Update Check notes carefully and attend to them one by one.
 
*php version is the limit from version 19.04 on Ubuntu Server 18.04
 
Sometimes due to a permissions issue it will say in read that .ocdata is not there.
 
*The update will still run.
 
====If your update Hangs or fails.====
Sometimes things happen. 
 
Maybe you get this error:
 
Upgrade stuck at “Step 4 is currently in process. Please reload this page later”
 
Repair with
 
<code>sudo -u www-data php /path/to/occ maintenance:repair</code>
 
The path is typically <code> /var/www/html/next.msgxxx/occ</code>
 
works for me to, but you may need to use:(specify php version)
 
<code>sudo -u www-data php7.2 /path/to/occ maintenance:repair</code>
 
If it is still not working you can try to run the upgrade from occ (you may need to specify phpX.X)
 
<code>sudo -u www-data php /path/to/occ upgrade</code>
 
If you update and then you get nothing.  Just no page loads.
 
Try to go to the site/updater
 
hopefully you will get the Step 4 error message now.
 
There are lots of things to fix when upgrading from 19 to 20.
You should add caching


Older versions need
*Install APCu from the Package Manager
*Add this line to the bottom of your /nextcloud/config/config.php


<code>sudo -u www-data php /var/www/html/next.msgcnx/updater/updater.phar</code>
<code>'memcache.local' => '\OC\Memcache\APCu',</code>
 
Then restart apache
 
Buried in your php config files in mods-available is apcu.ini
 
Add this line
 
<code>apc.enable_cli=1</code>


===Tricks===
===Tricks===
Line 32: Line 93:
*files:scan is the actual command or program that runs.
*files:scan is the actual command or program that runs.


==== Maintenance Mode ====
====Maintenance Mode====
You can turn it on and off with the following command.
You can turn it on and off with the following command.
The command below is one of the two.  We hope you can figure out which one it is and which one is the other!<br />
<code>sudo -u www-data php /var/www/html/next.msgcnx/occ maintenance:mode --off
</code>
====Removing Errors====
=====Invalid Modification Times=====
Occasionally you will sync up large unknown directories.  There can be all kinds of problems with the naming and structure of the files.  Two common errors are "Invalid Modification Time" and leading or trailing spaces in file names.
To fix the Modification time you can use the find command described [[IT/Software/Command Line#Find|here]].
=====Strict Transport Headers=====
Add this in the ssl vhosts file.
<code>
    <IfModule mod_headers.c>
      Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
    </IfModule>
</code>
You need to enable mod_headers
sudo a2enmod headers
=====Allow .htaccess to be read=====
You need to enable the reading of and overriding by .htaccess in the vhosts file.
    <Directory /var/www/html/next.msgcnx/>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
You may also need to edit the .htaccess file in the root of your NextCloud instance.  (this is a bit fuzzy)
I changed mine and after adding the redirects below it was changed back.
=====caldav and carddav errors=====
Sometimes these features may work even if the error persists.
Read the above section on .htaccess.  That MUST be done first.
Add the following lines to vhosts ssl.conf
  Redirect 301 /.well-known/carddav <nowiki>https://next.msgcnx.com/remote.php/dav</nowiki>
  Redirect 301 /.well-known/caldav <nowiki>https://next.msgcnx.com/remote.php/dav</nowiki>
=====Caching=====
Install APCu from the package manager
Add this line to your NextCloud config.php at the bottom.
  'memcache.local' => 'OC\Memcache\APCu',
=====Database errors=====
These all have to be handled one at a time.  Follow the onscreen instructions.
=====Integrity Check=====
Sometimes you change a file after an update.  Its hash now doesn't match the one that NC is looking for.
this can happen with htaccess.
<code>sudo -u www-data php /var/www/nextcloud/occ maintenance:update:htaccess<br /></code>
=====php-imagick has no SVG support=====
If you see an error message saying "Module php-imagick in this instance has no SVG support. For better compatibility it is recommended to install it." try to install libmagickcore-6.q16-6-extra with <code>apt-get install libmagickcore-6.q16-6-extra</code>
sources:
https://serverok.in/module-php-imagick-in-this-instance-has-no-svg-support
https://techoverflow.net/2021/08/17/how-to-fix-docker-nextcloud-module-php-imagick-in-this-instance-has-no-svg-support-for-better-compatibility-it-is-recommended-to-install-it/
====== Moving contacts and contact groups from one instance to another ======
To migrate contact groups from one instance to another is very easy. Create a group on the source instance that contains all contacts, and then download that group. This will download all of the contacts on the instance, including all the groups each is a part of. Then on the destination server go to contacts, contacts settings, and choose import contacts and import the file.
===Desktop Client===
One error is the log files fill up the disk too fast.
They are located in /home/user/.config/Nextcloud
<code>find /home/walt/.config/Nextcloud/logs -name '*.gz' -type f -mmin +240  -exec rm {} \;</code>
Note that there are spaces between rm, {}, and \;
Explanation:
*The first argument is the path to the files. I would recommend using the full path, and make sure that you run the command first without the exec rm to make sure you are getting the right results.
*The second argument is -name and that only looks for files matching the pattern.
*The third argument is -type and will only look for files = f (You can use d for directory)
*The fourth argument, -mmin, is used to specify the number of minutes old the file is.
*The fifth argument, -exec, allows you to pass in a command such as rm. The {} \; at the end is required to end the command.
'''WARNING: Don't run crontab tasks that modify Nextcloud files on a schedule. If Nextcloud is running at 100% cpu constantly and the UI is freezing, this is probably why.'''
If the crontab has an entry something like
* * * * * chown -R walt:walt /nextcloudDir && chmod -R 0777 /nextcloudDir
then Nextcloud will be forced to rehash every file in the directory every minute, taking 100% cpu and causing it to fall far behind in sync. Replace with something like this (See the find command)
find /nextcloudDir ! -user walt -o ! -perm 0777 -exec chown walt:walt {} \; -exec chmod 0777 {} \;
This will find all files in the nextcloudDir that are not owned by the user walt (! -user walt) or (-o) are not 0777 permissions (! -perm 0777), then execute both the chown and chmod commands. If necessary (-o ! -group walt) can be added to detect files owned by the walt user but not the walt group.
===Change default page or landing page.===
When you login it goes by default to the dashboard. 
Most of us want access to our files or another app and not the weather. (we get enough of that from our colleagues)
Install the app apporder
Add one line near the bottom of config.php
<code>'defaultapp' => 'apporder'</code>
<br />
<br />
===To run FFMPEG conversion automatically from one dir to another===
This script with some modifications should be put in a root crontab to run every 5 minutes or so. It will compare and convert any files from $source_dir into $destination_dir using ffmpeg, chown them to www-data and sync the Nextcloud instance to recognize the new files. Any .mp4 files found in the destination dir without a matching .mov file will be deleted. Note the shortcut taken near the end with a manual path if using a different location. [[FFMPEG converter script|File]]
=== To setup memcache with Redis, APCU and Memcached ===
Install redis, memcached, and the php modules for redis, apcu and memcached.
sudo apt install redis-server php-redis php-apcu php-memcached memcached; sudo service apache2 restart
Optional but recommended: setup redis to run on a socket. Edit /etc/redis/redis.conf and change the following:
# Change the port from 6379 to 0 (disables port binding)
# Uncomment "unixsocket /var/run/redis/redis-server.sock"
# Uncomment the next line "unixsocketperm 700" and change to "unixsocketperm 770"
Add www-data to the redis group and restart redis:
sudo usermod -a -G redis www-data; sudo service redis restart; sudo service enable redis # Just in case it wasn't automatically enabled
Add the following to the nextcloud config:
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'memcache.distributed' => '\\OC\\Memcache\\Memcached',
'redis' =>
  array (
    'host' => '/run/redis/redis-server.sock',
    'port' => 0,
),
NOTE: not /var/run. . . just /run
Reopen Nextcloud and all should be dandy.
=== Federated shares ===
Federated shares are shares between Nextcloud instances. They are used to keep data sitting on one instance but access it through a user account from another. We use it to share school files across campuses.
To setup, inside administration settings, choose administration -> sharing and add other domains to the federated share trusted servers. After the next cron job, nextcloud will attempt to link and sync address books with the other instance. This should be done on both instances. After the cron runs, check if the color indicator next to the server entry changes. If it is green, you're all set. If it is yellow, the sync failed for some reason.
[https://github.com/nextcloud/server/issues/39941 There is a strange bug relating to this]([https://help.nextcloud.com/t/federated-fail-trusted-servers-all-on-yellow-not-green/164796 forum post]) caused by a mismatch in secret token exchanging between the instances. This can be worked around either by readding one of the trusted servers over and over again until it works (according to the bug report, not tested) or by manually planting a shared_secret in each of the databases and rerunning "occ federation:sync-addressbooks". Micah has synced each of the instances to each other by this method, using this CyberChef [https://gchq.github.io/CyberChef/#recipe=From_Hexdump()To_Base64('A-Za-z0-9%2B/%3D')&input=MDAwMDAwMDAgIGU5IDNlIDU5IGQ1IDRlIDc2IDU5IDNmIGFiIGVjIGY0IGI2IGIzIDc3IDA1IGNiICAKMDAwMDAwMTAgIDRmIDhjIGEyIGU5IDgxIDBkIDQzIDM0ICAgICAgICAgICAgICAgICAgICAgICAgICA recipe] to create new shared_secrets.

Latest revision as of 07:51, 8 November 2024

This is an amazing tool that as of now (March 1 2022) is getting amazingly fast development.

As with most things of this sort the prices will soon appear and it will become a paid product

Install

There are many ways to install. I prefer the apt method and NOT snap of flatpak.

sudo add-apt-repository ppa:nextcloud-devs/client -y


sudo apt install nextcloud-client -y

Configure

Make sure you have a big directory outside of www AND that the directory is web-writeable and mounted at boot.

Update

This can now(since 17) be done via the gui. Older versions need:

sudo -u www-data php /var/www/html/next.msgcnx/updater/updater.phar

You can still update with the above command. (29.04>>29.05) It is far more reliable than the web gui.

To Update: Click on the picture of the main admin user. Click on Settings

Now you will see "Administration" on the left. Click on "Overview"

Read the Update Check notes carefully and attend to them one by one.

  • php version is the limit from version 19.04 on Ubuntu Server 18.04

Sometimes due to a permissions issue it will say in read that .ocdata is not there.

  • The update will still run.

If your update Hangs or fails.

Sometimes things happen.

Maybe you get this error:

Upgrade stuck at “Step 4 is currently in process. Please reload this page later”

Repair with

sudo -u www-data php /path/to/occ maintenance:repair

The path is typically /var/www/html/next.msgxxx/occ

works for me to, but you may need to use:(specify php version)

sudo -u www-data php7.2 /path/to/occ maintenance:repair

If it is still not working you can try to run the upgrade from occ (you may need to specify phpX.X)

sudo -u www-data php /path/to/occ upgrade

If you update and then you get nothing. Just no page loads.

Try to go to the site/updater

hopefully you will get the Step 4 error message now.

There are lots of things to fix when upgrading from 19 to 20. You should add caching

  • Install APCu from the Package Manager
  • Add this line to the bottom of your /nextcloud/config/config.php

'memcache.local' => '\OC\Memcache\APCu',

Then restart apache

Buried in your php config files in mods-available is apcu.ini

Add this line

apc.enable_cli=1

Tricks

Syncing Files

  • This very important in the self hosted world. How do we put and get files outside of the app itself.
  • This can easily be done though you need root access.
  • Use rsync or similar to sync or copy programs right into the directories.
  • Then you need to run an occ (OwnCloudCommand) program with php to rescan for files. Then it will add all the files to the database.

sudo -u www-data php /var/www/html/mir.next.msgvte/occ --verbose --unscanned files:scan --all

  • -u will specify the user
  • php runs the current version of php.
  • --verbose or -V tell you more as it happens.
  • --unscanned will only check what has not been scanned. HUGE time savings.
  • files:scan is the actual command or program that runs.

Maintenance Mode

You can turn it on and off with the following command.

The command below is one of the two. We hope you can figure out which one it is and which one is the other!
sudo -u www-data php /var/www/html/next.msgcnx/occ maintenance:mode --off

Removing Errors

Invalid Modification Times

Occasionally you will sync up large unknown directories. There can be all kinds of problems with the naming and structure of the files. Two common errors are "Invalid Modification Time" and leading or trailing spaces in file names.

To fix the Modification time you can use the find command described here.

Strict Transport Headers

Add this in the ssl vhosts file.

    <IfModule mod_headers.c>

      Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"

    </IfModule>

You need to enable mod_headers

sudo a2enmod headers

Allow .htaccess to be read

You need to enable the reading of and overriding by .htaccess in the vhosts file.

    <Directory /var/www/html/next.msgcnx/>

        Options Indexes FollowSymLinks

        AllowOverride All

        Require all granted

    </Directory>

You may also need to edit the .htaccess file in the root of your NextCloud instance. (this is a bit fuzzy)

I changed mine and after adding the redirects below it was changed back.

caldav and carddav errors

Sometimes these features may work even if the error persists.

Read the above section on .htaccess. That MUST be done first.

Add the following lines to vhosts ssl.conf

  Redirect 301 /.well-known/carddav https://next.msgcnx.com/remote.php/dav

  Redirect 301 /.well-known/caldav https://next.msgcnx.com/remote.php/dav

Caching

Install APCu from the package manager

Add this line to your NextCloud config.php at the bottom.

  'memcache.local' => 'OC\Memcache\APCu',

Database errors

These all have to be handled one at a time. Follow the onscreen instructions.

Integrity Check

Sometimes you change a file after an update. Its hash now doesn't match the one that NC is looking for.

this can happen with htaccess.

sudo -u www-data php /var/www/nextcloud/occ maintenance:update:htaccess

php-imagick has no SVG support

If you see an error message saying "Module php-imagick in this instance has no SVG support. For better compatibility it is recommended to install it." try to install libmagickcore-6.q16-6-extra with apt-get install libmagickcore-6.q16-6-extra

sources: https://serverok.in/module-php-imagick-in-this-instance-has-no-svg-support

https://techoverflow.net/2021/08/17/how-to-fix-docker-nextcloud-module-php-imagick-in-this-instance-has-no-svg-support-for-better-compatibility-it-is-recommended-to-install-it/

Moving contacts and contact groups from one instance to another

To migrate contact groups from one instance to another is very easy. Create a group on the source instance that contains all contacts, and then download that group. This will download all of the contacts on the instance, including all the groups each is a part of. Then on the destination server go to contacts, contacts settings, and choose import contacts and import the file.

Desktop Client

One error is the log files fill up the disk too fast.

They are located in /home/user/.config/Nextcloud

find /home/walt/.config/Nextcloud/logs -name '*.gz' -type f -mmin +240  -exec rm {} \;

Note that there are spaces between rm, {}, and \;

Explanation:

  • The first argument is the path to the files. I would recommend using the full path, and make sure that you run the command first without the exec rm to make sure you are getting the right results.
  • The second argument is -name and that only looks for files matching the pattern.
  • The third argument is -type and will only look for files = f (You can use d for directory)
  • The fourth argument, -mmin, is used to specify the number of minutes old the file is.
  • The fifth argument, -exec, allows you to pass in a command such as rm. The {} \; at the end is required to end the command.

WARNING: Don't run crontab tasks that modify Nextcloud files on a schedule. If Nextcloud is running at 100% cpu constantly and the UI is freezing, this is probably why.

If the crontab has an entry something like

* * * * * chown -R walt:walt /nextcloudDir && chmod -R 0777 /nextcloudDir

then Nextcloud will be forced to rehash every file in the directory every minute, taking 100% cpu and causing it to fall far behind in sync. Replace with something like this (See the find command)

find /nextcloudDir ! -user walt -o ! -perm 0777 -exec chown walt:walt {} \; -exec chmod 0777 {} \;

This will find all files in the nextcloudDir that are not owned by the user walt (! -user walt) or (-o) are not 0777 permissions (! -perm 0777), then execute both the chown and chmod commands. If necessary (-o ! -group walt) can be added to detect files owned by the walt user but not the walt group.

Change default page or landing page.

When you login it goes by default to the dashboard.

Most of us want access to our files or another app and not the weather. (we get enough of that from our colleagues)

Install the app apporder

Add one line near the bottom of config.php

'defaultapp' => 'apporder'

To run FFMPEG conversion automatically from one dir to another

This script with some modifications should be put in a root crontab to run every 5 minutes or so. It will compare and convert any files from $source_dir into $destination_dir using ffmpeg, chown them to www-data and sync the Nextcloud instance to recognize the new files. Any .mp4 files found in the destination dir without a matching .mov file will be deleted. Note the shortcut taken near the end with a manual path if using a different location. File

To setup memcache with Redis, APCU and Memcached

Install redis, memcached, and the php modules for redis, apcu and memcached.

sudo apt install redis-server php-redis php-apcu php-memcached memcached; sudo service apache2 restart

Optional but recommended: setup redis to run on a socket. Edit /etc/redis/redis.conf and change the following:

  1. Change the port from 6379 to 0 (disables port binding)
  2. Uncomment "unixsocket /var/run/redis/redis-server.sock"
  3. Uncomment the next line "unixsocketperm 700" and change to "unixsocketperm 770"

Add www-data to the redis group and restart redis:

sudo usermod -a -G redis www-data; sudo service redis restart; sudo service enable redis # Just in case it wasn't automatically enabled

Add the following to the nextcloud config:

'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'memcache.distributed' => '\\OC\\Memcache\\Memcached',
'redis' => 
  array (
    'host' => '/run/redis/redis-server.sock',
    'port' => 0,
),

NOTE: not /var/run. . . just /run

Reopen Nextcloud and all should be dandy.

Federated shares

Federated shares are shares between Nextcloud instances. They are used to keep data sitting on one instance but access it through a user account from another. We use it to share school files across campuses.

To setup, inside administration settings, choose administration -> sharing and add other domains to the federated share trusted servers. After the next cron job, nextcloud will attempt to link and sync address books with the other instance. This should be done on both instances. After the cron runs, check if the color indicator next to the server entry changes. If it is green, you're all set. If it is yellow, the sync failed for some reason.

There is a strange bug relating to this(forum post) caused by a mismatch in secret token exchanging between the instances. This can be worked around either by readding one of the trusted servers over and over again until it works (according to the bug report, not tested) or by manually planting a shared_secret in each of the databases and rerunning "occ federation:sync-addressbooks". Micah has synced each of the instances to each other by this method, using this CyberChef recipe to create new shared_secrets.