-
In your Opalstack dashboard create a new "Nginx Proxy Port" application and attach it to a site with Let's Encrypt enabled on the site. Make a note of the app's name and port assignment, and the site domain.
-
In your Opalstack dashboard create a new MariaDB database and user. Make a note of the DB name, DB user name, and password.
-
SSH to your app's shell user and run the following commands:
cd ~/apps/appname git clone -b opalstack https://github.com/rsanden/userspace-fpm-installer.git cd userspace-fpm-installer -
In the
~/apps/appname/userspace-fpm-installerdirectory editconfigto resemble the following, replacing the app name, port assignment, and domain with your own:#!bash STACKNAME="appname" PREFIX="$HOME/apps/$STACKNAME/server" LOGDIR="$HOME/logs/apps/$STACKNAME" PORT="55555" DOMAIN1="domain.com" APPDIR1="$HOME/apps/$STACKNAME/nextcloud" SERVER_TYPE="nginx" PHP_VERSION="8.0" -
Still in the
~/apps/appname/userspace-fpm-installerdirectory execute the following command. This will set up the config and control scripts for a private Nginx+PHP-FPM stack:./install.bash -
Edit
~/apps/appname/server/conf/nginx.confto resemble the following, replacing the shell user name, app name, port assignment, and domain with your own:pid /home/shelluser/apps/appname/server/var/run/nginx.pid; error_log /home/shelluser/apps/appname/server/log/nginx_nc_error.log; events {} http { include /etc/nginx/mime.types; default_type application/octet-stream; client_body_temp_path /home/shelluser/apps/appname/server/tmp/client_body; fastcgi_temp_path /home/shelluser/apps/appname/server/tmp/fastcgi_temp; proxy_temp_path /home/shelluser/apps/appname/server/tmp/proxy_temp; scgi_temp_path /home/shelluser/apps/appname/server/tmp/scgi_temp; uwsgi_temp_path /home/shelluser/apps/appname/server/tmp/uwsgi_temp; log_format main '$http_x_forwarded_for - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'; access_log /home/shelluser/apps/appname/server/log/nginx_nc_access.log main; server { listen 55555; server_name domain.com; port_in_redirect off; # set max upload size client_max_body_size 512M; fastcgi_buffers 64 4K; # Enable gzip but do not remove ETag headers gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; # HTTP response headers borrowed from Nextcloud `.htaccess` add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; add_header X-XSS-Protection "1; mode=block" always; add_header Strict-Transport-Security "max-age=15552000" always; # Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; # Path to the root of your installation root /home/shelluser/apps/appname/nextcloud; index index.php index.html /index.php$request_uri; location = / { if ( $http_user_agent ~ ^DavClnt ) { return 302 /remote.php/webdav/$is_args$args; } } location = /robots.txt { allow all; log_not_found off; access_log off; } location ^~ /.well-known { location = /.well-known/carddav { return 301 https://$server_name/remote.php/dav; } location = /.well-known/caldav { return 301 https://$server_name/remote.php/dav; } location ^~ /.well-known { return 301 https://$server_name/index.php$uri; } try_files $uri $uri/ =404; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } location ~ \.php(?:$|/) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice fastcgi_param front_controller_active true; # Enable pretty urls fastcgi_pass unix:/home/shelluser/apps/appname/server/var/run/php-fpm.sock; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ \.(?:css|js|svg|gif)$ { try_files $uri /index.php$request_uri; expires 6M; # Cache-Control policy borrowed from `.htaccess` access_log off; # Optional: Don't log access to assets } location ~ \.woff2?$ { try_files $uri /index.php$request_uri; expires 7d; # Cache-Control policy borrowed from `.htaccess` access_log off; # Optional: Don't log access to assets } location / { try_files $uri $uri/ /index.php$request_uri; } } } -
Execute the following commands to download Nextcloud:
wget wget https://download.nextcloud.com/server/releases/nextcloud-24.0.4.tar.bz2 tar -jxf nextcloud-24.0.4.tar.bz2 -
Restart the stack:
~/apps/appname/server/bin/restart -
Visit the site you created in step 1 - the Nextcloud installation wizard will guide you through the rest of the setup.
Last active
August 24, 2022 01:49
-
-
Save defulmere/1e43e3cea9d0cefaae49e34b19f21d79 to your computer and use it in GitHub Desktop.
Nextcloud on Opalstack
@defulmere Well I sort it out back then. Honestly don't remember how it got solved.
Thanks for asking.
Updated to use latest Nextcloud and PHP 8, plus a couple of tweaks to the Nginx config to solve some errors that were appearing in the NC admin overview.
Updated to use correct scheme for redirects on caldav/cardav URLs.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks a lot!