--- Alias: ["Nextcloud server"] Tag: ["Computer", "Web", "Server", "Privacy", "Security"] Date: 2021-09-03 DocType: "Server" Hierarchy: "NonRoot" location: [48.8570517, 2.3677354] TimeStamp: 2021-09-23 CPU: 1Core RAM: 512MB StorageCapa: 128GB StorageType: HDD Bandwidth: 500GB Speed: 1Gbps OS: Ubuntu 20.04 Domiciliation: BG IPv4: 82.118.235.70 Hostname: sofstorage14 Host: AlphaVPS SubDomain: cloud UsedDiskSpace: 20% --- Parent:: [[mfxm Website Scope|mfxm.fr]] ---   ```button name Edit Server parameters type command action MetaEdit: Run MetaEdit id EditMetaData ``` ^button-CloudServerEdit ```button name Save type command action Save current file id Save ``` ^button-CloudServerSave   # Cloud Server   ```ad-abstract title: Summary collapse: open Server for Cloud storage and device syncing. ```   ```toc style: number ```   ---   ### Server parameters   ```ad-quote title: Dashboard access [https://alphavps.com/clients/](https://alphavps.com/clients/) ```   ```ad-quote title: Address The service will be located under **[cloud.mfxm.fr](https://cloud.mfxm.fr)** . ```   ---   ### Service   ```ad-abstract title: Nextcloud [[Nextcloud]] is a cloud storage management service offering a variety of Apps to manage data online. ```   #### Installation guide ```ad-info title: Installation [Tutorial](https://www.techrepublic.com/article/how-to-install-nextcloud-22-on-ubuntu-server-20-04/) ```   #### Installed dependencies   ##### Apache2 Webserver for [[Nextcloud]]. Apache2 has notorious issues with over-clogging memory usage (topping 100% of memory usage). In order to minimise memory usage, [[#APCu]] has been installed as a cache manager. In addition, Appache has been paired with: - **[php-fpm](https://www.php.net/manual/en/install.fpm.php)** for php7.4, enabling faster interaction between apache and backend. - the '**event**' multi-processing module ([MPM](https://tecadmin.net/apache-mpm-prefork-and-worker-and-event/)) enabling decluttering of processing between ports & Apache All relevant dependencies have been installed and the set-up tested. A comprehensive tutorial on the MPM switch can be found [here](https://www.digitalocean.com/community/tutorials/how-to-configure-apache-http-with-mpm-event-and-php-fpm-on-ubuntu-18-04) or [here](https://askubuntu.com/questions/1319861/how-to-configure-apache-http-to-php-fpm-on-ubuntu-20-10). **php.ini** files can be found at: ``` /etc/php/7.4/fpm/php.ini /etc/php/7.4/apache2/php.ini /etc/php/7.4/cli/php.ini ```   ##### Certbot Provides SSL certification from **Let's Encrypt**. Installation dependencies are different from Nginx and explained [here](https://linuxhint.com/secure-apache-lets-encrypt-ubuntu/)   ##### MySQL Nothing particular to note on MySQL apart from initial set-up and user management. Configuration file is under: `/etc/mysql/mysql.conf.d/mysqld.cnf` ```ad-tip title: Optimise memory usage of mysql In the conf file under the **_[mysqld]_** tag, add:   % Disable performance schema to hugely reduce RAM usage performance_schema = OFF ``` In order to restart mysql, the command is: `sudo service mysql restart`   ##### Security | Program name | Type | Description |----------------|------|------------- | **fail2ban** | Daemon | Blocks suspicious attempts to login | **unattended-upgrades** | Program | Enables automatic updates of installed programs and OS | **logwatch** | Daemon | Monitors activity on server and sends activity logs   ##### Postfix Mail Transfer Agent. Configuration is standard to allow for emails to be sent by programs / deamons / [[Nextcloud]] or others. Such a [[Postfix config|system]] is required for every server to work correctly.   ##### APCu Memory caching addon for Nextcloud. Memory caching management is provided by Nextcloud and needs to be set up as a system cron job. After installing APCu, the webserver needs to be **restarted** and the cron job defined: 1. **Define the cronjob** `sudo crontab -u www-data -e` 2. **Add cronjob** > \*/5 * * * * php -f /var/www/html/nextcloud/cron.php --define apc.enable_cli=1 3. **Verify that the cron job is added** `sudo crontab -u www-data -l`   ##### SVG support SVG support is installed in the form of a package. ``` sudo apt-get update -y sudo apt-get install -y libmagickcore-6.q16-6-extra ``` ##### UFW Firewall management.   ---   #### Server-side monitoring [Monit](https://mmonit.com/monit/documentation/monit.html) is a process and daemon monitoring tool. More information on operating the software can be found [[Monit config|here]]. List of monitored services: - System - SSH - Fail2ban - cron - Postfix - MySQL - Apache   ---   #### Service management Nextcloud offers two alternatives for manaing the service: 1. An admin webpanel 2. A command line tool   ##### Admin webpanel Accessed through login into the service with admin credentials. Sertings offer an admin section.   ##### Nextcloud command line tool From the server's command line, Nextcloud offers the ability to perform some tasks like user management.   ###### Introduction to the command [[Nextcloud]] offers a command-line tool which permission needs to be set to "executable". It is located here: `/var/www/html/nextcloud/occ` The tool needs to be invoked by the "www-data" user and compiled with PHP: `sudo -u www-data php /var/www/html/nextcloud/occ`   ###### Generic commands [[Nextcloud]] offers a simple description of all commands [here](https://docs.nextcloud.com/server/22/admin_manual/configuration_server/occ_command.html)   ---   #### Data transfer After each data transfer, run the following command to refresh [[Nextcloud]]'s webapp: `sudo -u www-data php /var/www/html/nextcloud/occ files:scan --all` More info can be found [here](https://docs.nextcloud.com/server/22/admin_manual/configuration_server/occ_command.html)   ##### Cloud2Cloud ```ad-bug title: Data transfer tool [rclone](https://autoize.com/moving-data-from-cloud-to-cloud-with-rclone/) ``` rClone uses a simple config interface to configure remote hosts (including [[Nextcloud]]): `rclone config` The config data can be password-protected for security. 1. **Copy data** ``` rclone copy source:'datapath' dest:'datapath' ``` 2. **Sync data** ``` rclone sync source:'datapath' dest:'datapath' ```   ##### Upload from local ```ad-bug [Curl](https://cylab.be/blog/33/how-to-upload-your-files-to-nextcloud-file-drop-using-curl) [Nextcloud help](https://help.nextcloud.com/t/how-to-upload-and-share-file-automatically/19202) ```   ##### Directories 1. **Local file structure** `/var/www/html/nextcloud/data/USERNAME/files` 2. **Webdav file structure** `/remote.php/dav/files/USERNAME`   ---   #### Nextcloud server hardening ```ad-bug title: Nextcloud tutorial [Here](https://docs.nextcloud.com/server/latest/admin_manual/installation/harden_server.html) ```   ---   ### Pricing   Cloud Server | One-off cost | Recurring subscription p.a. --------|---------------|:----------------------:

**Server hosting**

|   | *€15* ^CloudServerCost   ---   ### Tasks & Further steps   - [ ] [[Cloud Server]]: Backup server 🔁 every 6 months on the 1st Tuesday 📅 2021-09-15 - [x] [[Cloud Server]]: Backup server 🔁 every 6 months on the 1st Tuesday ✅ 2021-09-14 - [x] Set-up landing page