Différences

Ci-dessous, les différences entre deux révisions de la page.

--- nextcloud_dans_lxc_-_2 [2019/10/29 09:00] – simon
+++ nextcloud_dans_lxc_-_2 [Date inconnue] (Version actuelle) – supprimée - modification externe (Date inconnue) 127.0.0.1
@@ Ligne 1: / Ligne 1: @@
-====== Nextcloud dans lxc - 2 ======
-<WRAP center round important 60%>
-/10/2019 : Essais d'une installation complète en suivant le tutoriel [[https://www.c-rieger.de/nextcloud-installation-guide-debian-9-10/]] et mes notes sur [[lxc]].
-</WRAP>
-===== lxc =====
-<code bash>
-lxc-create -t download -n nextcloud2 -- --dist debian --release buster --arch amd64
-</code>
-On configure ce qu'il faut pour avoir une IP statique (voir [[lxc]]).
-===== prérequis =====
-<code bash>
-# lxc-attach nextcloud2
-root@nextcloud3:/# apt update
-root@nextcloud3:/# apt install curl wget sudo gnupg2 git lsb-release ssl-cert ca-certificates apt-transport-https tree locate software-properties-common dirmngr htop net-tools zip unzip curl ffmpeg ghostscript libfile-fcntllock-perl -y
-</code>
-===== Dépôts pour Nginx, PHP et MariaDB =====
-==== Nginx ====
-<code bash>
-# cd /etc/apt/sources.list.d
-# echo "deb [arch=amd64] http://nginx.org/packages/mainline/debian $(lsb_release -cs) nginx" | tee nginx.list
-# curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add -
-</code>
-==== PHP ====
-<code bash>
-# cd /etc/apt/sources.list.d
-# echo "deb [arch=amd64] https://packages.sury.org/php/ $(lsb_release -cs) main" | tee php.list
-# root@nextcloud3:/etc/apt/sources.list.d# wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
-OK
-</code>
-==== MariaDB ====
-<code bash>
-# cd /etc/apt/sources.list.d
-# echo "deb [arch=amd64] http://mirror2.hs-esslingen.de/mariadb/repo/10.4/debian $(lsb_release -cs) main" | tee mariadb.list
-# apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8
-Executing: /tmp/apt-key-gpghome.RwXWJVNDat/gpg.1.sh --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8
-gpg: clef F1656F24C74CD1D8 : clef publique « MariaDB Signing Key <signing-key@mariadb.org> » importée
-gpg:       Quantité totale traitée : 1
-gpg:                     importées : 1
-</code>
-==== Upgrade ====
-On met à jour :
-<code bash>
-# apt update && apt upgrade -y
-# make-ssl-cert generate-default-snakeoil -y
-# apt remove nginx nginx-extras nginx-common nginx-full -y --allow-change-held-packages
-# apt autoremove
-</code>
-===== Installations et configurations =====
-==== Nginx ====
-<code bash>
-# apt install nginx -y
-# nginx -V
-nginx version: nginx/1.17.5
-# systemctl enable nginx.service
-# mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak && touch /etc/nginx/nginx.conf
-root@nextcloud3:/etc/apt/sources.list.d# ip a
-(...)
-: eth0@if28: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
-(...)
-    inet 10.0.3.162/24 brd 10.0.3.255 scope global dynamic eth0
-(...)
-root@nextcloud3:/etc/apt/sources.list.d# vim /etc/nginx/nginx.conf
-root@nextcloud3:/etc/apt/sources.list.d# cat /etc/nginx/nginx.conf
-user www-data;
-worker_processes auto;
-pid /var/run/nginx.pid;
-events {
-	worker_connections 1024;
-	multi_accept on;
-	use epoll;
-}
-http {
-	server_names_hash_bucket_size 64;
-	upstream php-handler {
-		server unix:/run/php/php7.3-fpm.sock;
-	}
-	set_real_ip_from 127.0.0.1;
-	set_real_ip_from 10.0.3.0/24;
-	real_ip_header X-Forwarded-For;
-	real_ip_recursive on;
-	include /etc/nginx/mime.types;
-	#include /etc/nginx/proxy.conf;
-	#include /etc/nginx/ssl.conf;
-	#include /etc/nginx/header.conf;
-	#include /etc/nginx/optimization.conf;
-	default_type application/octet-stream;
-	access_log /var/log/nginx/access.log;
-	error_log /var/log/nginx/error.log warn;
-	sendfile on;
-	send_timeout 3600;
-	tcp_nopush on;
-	tcp_nodelay on;
-	open_file_cache max=500 inactive=10m;
-	open_file_cache_errors on;
-	keepalive_timeout 65;
-	reset_timedout_connection on;
-	server_tokens off;
-	resolver 10.0.3.162 valid=30s;
-	#resolver 127.0.0.53 valid=30s; is recommended but reuqires a valid resolver configuration
-	resolver_timeout 5s;
-	include /etc/nginx/conf.d/*.conf;
-}
-</code>
-On teste la config et on redémarre nginx :
-<code bash>
-# nginx -t && service nginx restart
-</code>
-On crée le dossier nextcloud et on lui met les bons droits :
-<code bash>
-# mkdir -p /var/nextcloud
-# chown -R www-data:www-data /var/nextcloud/
-</code>
-==== PHP ====
-<code bash>
-# apt update && apt install php7.3-fpm php7.3-gd php7.3-mysql php7.3-curl php7.3-xml php7.3-zip php7.3-intl php7.3-mbstring php7.3-json php7.3-bz2 php7.3-ldap php-apcu imagemagick php-imagick php-smbclient -y
-</code>
-<WRAP center round important 60%>
-Je ne mets pas de "#" devant les commandes suivantes pour simplifier les copier/coller de plusieurs lignes. Elles sont à exécuter en root.
-</WRAP>
-Backup des configurations :
-<code bash>
-cp /etc/php/7.3/fpm/pool.d/www.conf /etc/php/7.3/fpm/pool.d/www.conf.bak
-cp /etc/php/7.3/cli/php.ini /etc/php/7.3/cli/php.ini.bak
-cp /etc/php/7.3/fpm/php.ini /etc/php/7.3/fpm/php.ini.bak
-cp /etc/php/7.3/fpm/php-fpm.conf /etc/php/7.3/fpm/php-fpm.conf.bak
-cp /etc/ImageMagick-6/policy.xml /etc/ImageMagick-6/policy.xml.bak
-</code>
-<code bash>
-cp /etc/php/7.3/fpm/pool.d/www.conf /etc/php/7.3/fpm/pool.d/www.conf.bak
-cp /etc/php/7.3/cli/php.ini /etc/php/7.3/cli/php.ini.bak
-cp /etc/php/7.3/fpm/php.ini /etc/php/7.3/fpm/php.ini.bak
-cp /etc/php/7.3/fpm/php-fpm.conf /etc/php/7.3/fpm/php-fpm.conf.bak
-cp /etc/ImageMagick-6/policy.xml /etc/ImageMagick-6/policy.xml.bak
-sed -i "s/;env\[HOSTNAME\] = /env[HOSTNAME] = /" /etc/php/7.3/fpm/pool.d/www.conf
-sed -i "s/;env\[TMP\] = /env[TMP] = /" /etc/php/7.3/fpm/pool.d/www.conf
-sed -i "s/;env\[TMPDIR\] = /env[TMPDIR] = /" /etc/php/7.3/fpm/pool.d/www.conf
-sed -i "s/;env\[TEMP\] = /env[TEMP] = /" /etc/php/7.3/fpm/pool.d/www.conf
-sed -i "s/;env\[PATH\] = /env[PATH] = /" /etc/php/7.3/fpm/pool.d/www.conf
-sed -i "s/output_buffering =.*/output_buffering = 'Off'/" /etc/php/7.3/cli/php.ini
-sed -i "s/max_execution_time =.*/max_execution_time = 3600/" /etc/php/7.3/cli/php.ini
-sed -i "s/max_input_time =.*/max_input_time = 3600/" /etc/php/7.3/cli/php.ini
-sed -i "s/post_max_size =.*/post_max_size = 10240M/" /etc/php/7.3/cli/php.ini
-sed -i "s/upload_max_filesize =.*/upload_max_filesize = 10240M/" /etc/php/7.3/cli/php.ini
-sed -i "s/;date.timezone.*/date.timezone = Europe\/\Brussels/" /etc/php/7.3/cli/php.ini
-sed -i "s/memory_limit = 128M/memory_limit = 512M/" /etc/php/7.3/fpm/php.ini
-sed -i "s/output_buffering =.*/output_buffering = 'Off'/" /etc/php/7.3/fpm/php.ini
-sed -i "s/max_execution_time =.*/max_execution_time = 3600/" /etc/php/7.3/fpm/php.ini
-sed -i "s/max_input_time =.*/max_input_time = 3600/" /etc/php/7.3/fpm/php.ini
-sed -i "s/post_max_size =.*/post_max_size = 10240M/" /etc/php/7.3/fpm/php.ini
-sed -i "s/upload_max_filesize =.*/upload_max_filesize = 10240M/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;date.timezone.*/date.timezone = Europe\/\Berlin/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;session.cookie_secure.*/session.cookie_secure = True/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;opcache.enable=.*/opcache.enable=1/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;opcache.enable_cli=.*/opcache.enable_cli=1/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;opcache.memory_consumption=.*/opcache.memory_consumption=128/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;opcache.interned_strings_buffer=.*/opcache.interned_strings_buffer=8/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;opcache.max_accelerated_files=.*/opcache.max_accelerated_files=10000/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;opcache.revalidate_freq=.*/opcache.revalidate_freq=1/" /etc/php/7.3/fpm/php.ini
-sed -i "s/;opcache.save_comments=.*/opcache.save_comments=1/" /etc/php/7.3/fpm/php.ini
-sed -i "s/rights=\"none\" pattern=\"PS\"/rights=\"read|write\" pattern=\"PS\"/" /etc/ImageMagick-6/policy.xml
-sed -i "s/rights=\"none\" pattern=\"EPI\"/rights=\"read|write\" pattern=\"EPI\"/" /etc/ImageMagick-6/policy.xml
-sed -i "s/rights=\"none\" pattern=\"PDF\"/rights=\"read|write\" pattern=\"PDF\"/" /etc/ImageMagick-6/policy.xml
-sed -i "s/rights=\"none\" pattern=\"XPS\"/rights=\"read|write\" pattern=\"XPS\"/" /etc/ImageMagick-6/policy.xml
-</code>
-<code bash>
-# service php7.3-fpm restart
-# service nginx restart
-</code>