Setup nextcloud/owncloud on Gentoo linux

Published on Author Artem ButusovLeave a comment

Configure Portage

Create portage folders for accepted keywords and use flags (if you don’t have them yet):

mkdir -p /etc/portage/package.accept_keywords
mkdir -p /etc/portage/package.use

Setup MySQL

Install the mysql-like server (mysql or mariadb or percona-server):

echo "dev-db/percona-server" > /etc/portage/package.accept_keywords/percona-server
emerge percona-server

Edit: nano /etc/mysql/my.cnf

...
[mysqld]
innodb_data_file_path = ibdata1:10M:autoextend
innodb_buffer_pool_size = 128M
innodb_log_file_size = 32M

Add to auto load and start:

rc-update add mysql default
/etc/init.d/mysql start

Setup PHP / Apache

Configure PHP / Apache options:

echo "dev-lang/php apache2 pdo mysql mysqli zip xmlreader xmlwriter sqlite sockets mhash intl imap ftp gd curl truetype" > /etc/portage/package.use/php
echo "app-eselect/eselect-php apache2" >> /etc/portage/package.use/php

Edit: nano /etc/portage/make.conf

PHP_INI_VERSION="production"
PHP_TARGETS="php7-1"

Edit: nano /etc/conf.d/apache2

APACHE2_OPTS="-D PHP -D SSL -D DEFAULT_VHOST -D SSL_DEFAULT_VHOST"

Install PHP / Apache:

emerge php apache

Setup cron

emerge vixie-cron
rc-update add vixie-cron default
/etc/init.d/vixie-cron start

Setup virtual host

Edit host: nano /etc/apache2/vhosts.d/02_nextcloud.artembutusov.com.conf

<VirtualHost *:80>
    Include /etc/apache2/vhosts.d/nextcloud.artembutusov.com.include
    Redirect "/" "https://nextcloud.artembutusov.com/"
</VirtualHost>

<VirtualHost *:443>
    Include /etc/apache2/vhosts.d/nextcloud.artembutusov.com.include
    Include /etc/apache2/vhosts.d/artembutusov.com_ssl.include
</VirtualHost>

Edit host options: nano /etc/apache2/vhosts.d/nextcloud.artembutusov.com.include

ServerName nextcloud.artembutusov.com
ServerAlias www.nextcloud.artembutusov.com
ServerAlias owncloud.artembutusov.com
ServerAlias www.owncloud.artembutusov.com

ServerAdmin yourname@domain.com

DocumentRoot "/var/www/nextcloud.artembutusov.com/htdocs"

ErrorLog /var/log/apache2/nextcloud.artembutusov.com-error.log
CustomLog /var/log/apache2/nextcloud.artembusutov.com-access.log \
            "%h %l %u %t %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

<Directory "/var/www/nextcloud.artembutusov.com/htdocs">
    Options FollowSymLinks
    AllowOverride All
    Require all granted

    Header set Cache-Control "must-revalidate, max-age=0"
</Directory>

Edit host SSL options: nano /etc/apache2/vhosts.d/artembutusov.com_ssl.include

Include /etc/apache2/vhosts.d/ssl_options.include

SSLCertificateFile  /etc/letsencrypt/live/artembutusov.com/cert.pem
SSLCertificateKeyFile   /etc/letsencrypt/live/artembutusov.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/artembutusov.com/chain.pem

You could use Mozilla SSL configuration recommendations from: https://mozilla.github.io/server-side-tls/ssl-config-generator/

Edit default host SSL options: nano /etc/apache2/vhosts.d/ssl_options.include

# enable SSL
SSLEngine               on

# HSTS (mod_headers is required) (15768000 seconds = 6 months)
Header always set Strict-Transport-Security "max-age=15768000"

# intermediate configuration, tweak to your needs
SSLProtocol             all -SSLv3
SSLCipherSuite          ...
SSLHonorCipherOrder     on
SSLCompression          off
SSLSessionTickets   off

# OCSP Stapling, only in httpd 2.3.3 and later
SSLUseStapling          on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
# line below should be set in /etc/apache2/modules.d/40_mod_ssl.conf
#SSLStaplingCache      shmcb:/var/run/ocsp(128000)

# for ancient IE ?
#<IfModule setenvif_module>
#    BrowserMatch ".*MSIE.*" \
#        nokeepalive ssl-unclean-shutdown \
#        downgrade-1.0 force-response-1.0
#</IfModule>

Edit global SSL options: nano /etc/apache2/modules.d/40_mod_ssl.conf

# we have to put this line here because it can't be inside VirtualHost
SSLStaplingCache    shmcb:/var/run/ocsp(128000)

Enable compression: nano /etc/apache2/modules.d/00_mod_deflate.conf

AddOutputFilterByType DEFLATE text/html text/css application/javascript text/javascript application/x-javascript

Add apache to auto load and start:

rc-update add apache default
/etc/init.d/apache2 start

Setup nextcloud

Configure:

echo www-apps/nextcloud > /etc/portage/package.accept_keywords/nextcloud
echo www-apps/nextcloud mysql > /etc/portage/package.use/nextcloud
emerge nextcloud

Install webapp (where A.B.C is the newest version):

webapp-config --install nextcloud "A.B.C" --host nextcloud.artembutusov.com --dir /

Fix permissions on nextcloud:

chown -R apache:apache /var/www/nextcloud.artembutusov.com/htdocs
chown root:root /var/www/nextcloud.artembutusov.com/htdocs/.webapp*

Enable rewrite for nextcloud (will make URLs easier): add 'htaccess.RewriteBase' => '/' into /var/www/nextcloud.artembutusov.com/htdocs/config/config.php

Update apache .htaccess:

sudo -u apache /var/www/nextcloud.artembutusov.com/htdocs/occ maintenance:update:htaccess

Setup cron: nano /etc/cron.d/nextcloud

*/15 * * * *    apache  php -f /var/www/nextcloud.artembutusov.com/htdocs/cron.php

Update nextcloud (when will be needed)

Merge last version:

emerge nextcloud -1

Update to last version (where A.B.C is the newest version):

webapp-config --upgrade nextcloud "A.B.C" --host nextcloud.artembutusov.com --dir /

Open your nextcloud, in my case it is https://nextcloud.artembutusov.com

Confirm database update.

DONE!

Related posts:

  1. Modify Linux Kernel Font
  2. Gentoo on MacBook Pro Retina Part 1: Base System
  3. Gentoo On MacBook Pro Retina Part 2: Gnome 3
  4. Recover GCC on Gentoo

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.