Welcome! Log In Create A New Profile

Advanced

Nextcloud 17 on Pogoplug E02

Posted by alexr 
Nextcloud 17 on Pogoplug E02
October 20, 2020 06:20PM
I thought I'd write a quick guide on installing Nextcloud 17 after seeing the Owncloud thread on this forum. It borrows heavily from a linuxbabe install guide linked here: https://www.linuxbabe.com/ubuntu/install-nextcloud-ubuntu-18-04-nginx-lemp . I've only tried this on a Pogoplug E02 with it's 256MB RAM but i don't see it being an issue on 128MB RAM Kirkwood devices as the system seems to idle around 55MB to 120MB range depending on what you're doing with it.

From my testing the least resource intensive setup involves using:
  • Debian Buster rootfs by bodhi
  • Hard drive of some kind or very fast sd card for the rootfs. (will run on a usb thumb drive but will be slower than it needs to be)
  • Sysv init system
  • PHP 7.3
  • Nginx
  • SQlite for database. Can't speak to it's long term stability but in my limited testing it's fine.

Optional: ZRAM to help in low mem situations. You can use a traditional swapfile or Zswap if you like but some form of swap is highly recommended.

1) Starting from a fresh install of Debian Buster perform the standard new install steps.
rm /etc/ssh/ssh_host*
ssh-keygen -A
passwd
apt-get update && apt-get upgrade

if you see:
update-initramfs: Generating /boot/initrd.img-5.2.9-kirkwood-tld-1
Then regenerate the uInitrd boot file as per bodhi's instructions:
cd /boot
mkimage -A arm -O linux -T ramdisk -C gzip -a 0x00000000 -e 0x00000000 -n initramfs-5.2.9-kirkwood-tld-1 -d initrd.img-5.2.9-kirkwood-tld-1 uInitrd

2) Install a few missing utils:
apt-get install curl ca-certificates locales unzip

configure timezone and locales:
dpkg-reconfigure tzdata
dpkg-reconfigure locales
locales should have at the minimum en_US.UTF-8 selected. This might vary depending on language preference/system config.

3) Optional ZRAM step:

create zram config file
nano /etc/init.d/zram
paste the following into new blank file
# Author: Antonio Galea <antonio.galea@gmail.com>
#
# Thanks to Przemysław Tomczyk for suggesting swapoff parallelization
# Distributed under the GPL version 3 or later, see terms at
# https://gnu.org/licenses/gpl-3.0.txt

### BEGIN INIT INFO
# Provides:          zram
# Required-Start:    $local_fs
# Required-Stop:     $local_fs
# Default-Start:     S
# Default-Stop:      0 1 6
# Short-Description: Use compressed RAM as in-memory swap
# Description:       Use compressed RAM as in-memory swap
### END INIT INFO

FRACTION=75
MEMORY=$(perl -ne '/^MemTotal:\s+(\d+)/ && print $1*1024' < /proc/meminfo)
CPUS=$(nproc)
SIZE=$((MEMORY * FRACTION / 100 / CPUS))

case "$1" in
    start)
        param=$(modinfo zram | grep num_devices | cut -f2 -d: | tr -d ' ')
        modprobe zram $param=$CPUS

        for n in $(seq $CPUS)
        do
            i=$((n - 1))
            echo $SIZE > /sys/block/zram$i/disksize
            mkswap /dev/zram$i
            swapon /dev/zram$i --priority 10
        done
        ;;
    stop)
        for n in $(seq $CPUS)
        do
            i=$((n - 1))
            swapoff /dev/zram$i && echo "zram: disabled disk $n of $CPUS" &
        done

        wait
        sleep .5
        modprobe --remove zram
        ;;
    *)
        echo "Usage: $(basename $0) (start | stop)"
        exit 1
        ;;
esac

# End of file

make it executable:
chmod +x /etc/init.d/zram

There's a slight quirk with the rootfs as it throws up an error complaining about:
insserv: FATAL: service rpcbind is missed in the runlevels 2 3 4 5 to use service nfs-common
in the next step so it is necessary to perform the following actions to fix it:
apt-get remove --purge rpcbind nfs-common
apt-get install rpcbind nfs-common
insserv zram

Now just reboot to enable ZRAM:
shutdown -r now

4) Install Nginx
apt-get install nginx

Remove the default symlink in sites-enabled directory:
rm /etc/nginx/sites-enabled/default

Extend timeout window by editing /etc/nginx/nginx.conf:
nano /etc/nginx/nginx.conf

paste the following into the "http" section:
fastcgi_connect_timeout 60;
fastcgi_send_timeout 1800;
fastcgi_read_timeout 1800;

should look like this:
...
events {
	worker_connections 768;
	# multi_accept on;
}

http {

        fastcgi_connect_timeout 60;
        fastcgi_send_timeout 1800;
        fastcgi_read_timeout 1800;

	##
	# Basic Settings
	##
...

5) Install PHP 7.3
apt-get install php7.3 php7.3-fpm php7.3-mysql php-common php7.3-cli php7.3-common php7.3-json php7.3-opcache php7.3-readline php7.3-mbstring php7.3-xml php7.3-gd php7.3-curl
and
apt-get install php-imagick php7.3-common php7.3-mysql php7.3-fpm php7.3-gd php7.3-json php7.3-curl  php7.3-zip php7.3-xml php7.3-mbstring php7.3-bz2 php7.3-intl php7.3-bcmath php7.3-sqlite3

6) Download / Install Nextcloud
wget https://download.nextcloud.com/server/releases/nextcloud-17.0.10.zip
Other versions can be obtained at nextcloud.com/changelog

Extract zip to /usr/share/nginx/:
unzip nextcloud-17.0.10.zip -d /usr/share/nginx/

change ownership of nextcloud directory to www-data user:
chown -R www-data:www-data /usr/share/nginx/nextcloud/

Create nextcloud.conf:
nano /etc/nginx/conf.d/nextcloud.conf

paste the following into it:
server {
    listen 80;
    listen [::]:80;
    server_name _;

    # Add headers to serve security related headers
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    add_header Referrer-Policy no-referrer;

    #I found this header is needed on Ubuntu, but not on Arch Linux. 
    add_header X-Frame-Options "SAMEORIGIN";

    # Path to the root of your installation
    root /usr/share/nginx/nextcloud/;

    access_log /var/log/nginx/nextcloud.access;
    error_log /var/log/nginx/nextcloud.error;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;

    location = /.well-known/carddav {
        return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
       return 301 $scheme://$host/remote.php/dav;
    }

    location ~ /.well-known/acme-challenge {
      allow all;
    }

    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;

    # Disable gzip to avoid the removal of the ETag header
    gzip off;

    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;

    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    location / {
       rewrite ^ /index.php;
    }

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
       deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
       deny all;
     }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
       include fastcgi_params;
       fastcgi_split_path_info ^(.+\.php)(/.*)$;
       try_files $fastcgi_script_name =404;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param PATH_INFO $fastcgi_path_info;
       #Avoid sending the security headers twice
       fastcgi_param modHeadersAvailable true;
       fastcgi_param front_controller_active true;
       fastcgi_pass unix:/run/php/php7.3-fpm.sock;
       fastcgi_intercept_errors on;
       fastcgi_request_buffering off;
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
       try_files $uri/ =404;
       index index.php;
    }

    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=7200";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        add_header Referrer-Policy no-referrer;
        # Optional: Don't log access to assets
        access_log off;
   }

   location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log off;
   }
}

verify conf file with:
nginx -t
which should respond with:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

finally reload nginx:
service nginx reload

7) Nextcloud Data Directory
The final-ish step in the install process is setting the location of the data directory for nextcloud. Essentially where your files will live when uploaded to your nextcloud install. For security purposes you'll want to have it live outside of /usr/share/nginx/nextcloud. Once you have decided on the location change the directories ownership:
chown -R www-data:www-data /LOCATION/YOU/CHOSE

8) Finalizing Install
With your web browser visit http://PogoPlugIP/nextcloud. Create your admin user and give it a password. Make sure to specify where your data directory is and to choose SQlite as your database (should already be selected). Click "Finish Setup". Don't panic if it times out and goes to a 504 Gateway Timeout page the install will continue without issue. It's helpful to run 'htop' on the pogoplug while the install process is going. Once you see the cpu activity subside, that's a good sign the install process is done.

Visit http://PogoPlugIP/login and login with the admin user you created.

9) Performance Tweaks
The main culprits i can identify as taxing the CPU/RAM are:

- Thumbnail generation (tip via hacksome's thread)
- Video playback

Disable thumbnails:
nano /usr/share/nginx/nextcloud/config/config.php
add the following to near the bottom of config file:
'enable_previews' => false,

Should look like this:
<?php
$CONFIG = array (
  'instanceid' => 'ocp#######',
  'passwordsalt' => 'c0##########################',
  'secret' => 'Jx5############################################',
  'trusted_domains' => 
  array (
    0 => 'Pogo.Plug.IP',
  ),
  'datadirectory' => 'NextCloud/Data/Directory',
  'dbtype' => 'sqlite3',
  'version' => '17.0.10.1',
  'overwrite.cli.url' => 'http://Pogo.Plug.IP';,
  'installed' => true,
  'enable_previews' => false,
);

Reload Nginx:
service nginx reload

Disable Video playback:

This one can be done from within the UI: Click on the gear on the top right, choose 'Apps' and then disable the "video player" app.

That should do it, If you have any questions or notice any errors please let me know.



Edited 4 time(s). Last edit at 10/21/2020 01:18AM by alexr.
Re: Nextcloud 17 on Pogoplug E02
October 20, 2020 11:18PM
alexr,

Very well done :) Thanks.

Added to the Wiki:

Quote

Home Cloud

OwnCloud optimization
Owncloud 10 on Debian Buster - Pogo V3 OXNAS
Nextcloud 17 on Pogoplug E02

-bodhi
===========================
Forum Wiki
bodhi's corner
Author:

Your Email:


Subject:


Spam prevention:
Please, enter the code that you see below in the input field. This is for blocking bots that try to post this form automatically. If the code is hard to read, then just try to guess it right. If you enter the wrong code, a new image is created and you get another chance to enter it right.
Message: