9.3 KiB
Alias | Tag | Date | DocType | Hierarchy | location | Performance | Characteristics | Disk | CollapseMetaTable | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
2021-09-03 | Server | NonRoot |
|
|
|
|
yes |
Parent:: mfxm Website Scope, Storage and Syncing
^Top
name Edit Server parameters
type command
action MetaEdit: Run MetaEdit
id EditMetaData
^button-CloudServerEdit
name Save
type command
action Save current file
id Save
^button-CloudServerSave
Cloud Server
title: Summary
collapse: open
Server for Cloud storage and device syncing.
style: number
Server parameters
title: Dashboard access
[https://alphavps.com/clients/](https://alphavps.com/clients/)
title: Address
The service will be located under **[cloud.mfxm.fr](https://cloud.mfxm.fr)** .
Service
title: Nextcloud
[[Nextcloud]] is a cloud storage management service offering a variety of Apps to manage data online.
Installation guide
title: Installation
[Tutorial](https://www.techrepublic.com/article/how-to-install-nextcloud-22-on-ubuntu-server-20-04/)
[Tutorial2](https://nextcloud.com/athome/)
[Tutorial3](https://blog.ssdnodes.com/blog/installing-nextcloud-docker/)
Installed dependencies
Apache2
Webserver for Nextcloud. Apache2 has notorious issues with over-clogging memory usage (topping 100% of memory usage). In order to minimise memory usage, #APCu has been installed as a cache manager. In addition, Appache has been paired with:
- php-fpm for php7.4, enabling faster interaction between apache and backend.
- the 'event' multi-processing module (MPM) enabling decluttering of processing between ports & Apache
All relevant dependencies have been installed and the set-up tested. A comprehensive tutorial on the MPM switch can be found here or here.
php.ini files can be found at:
/etc/php/7.4/fpm/php.ini
/etc/php/7.4/apache2/php.ini
/etc/php/7.4/cli/php.ini
Certbot
#^Top Provides SSL certification from Let's Encrypt. Installation dependencies are different from Nginx and explained here
MySQL
Nothing particular to note on MySQL apart from initial set-up and user management.
Configuration file is under:
/etc/mysql/mysql.conf.d/mysqld.cnf
title: Optimise memory usage of mysql
~~~yaml
[mysqld]
% Disable performance schema to hugely reduce RAM usage
performance_schema = OFF
~~~
In order to restart mysql, the command is:
~~~bash
sudo service mysql restart
~~~
Security
Program name | Type | Description |
---|---|---|
**[[Configuring Fail2ban | fail2ban]]** | Daemon |
unattended-upgrades | Program | Enables automatic updates of installed programs and OS |
logwatch | Daemon | Monitors activity on server and sends activity logs |
fail2ban
#^Top Classic Configuring Fail2ban installation with a dedicated configuration:
~~~bash
sudo nano /etc/fail2ban/jail.d/sshd.local
~~~
With the following parameters:
~~~yaml
[sshd]
enabled = true
port=2227
maxretry = 10
bantime = 1m
~~~
Please refer to the Configuring Fail2ban for a detailed description.
Postfix
Mail Transfer Agent. Configuration is standard to allow for emails to be sent by programs / deamons / Nextcloud or others. Such a Configuring Postfix is required for every server to work correctly.
APCu
#^Top Memory caching addon for Nextcloud. Memory caching management is provided by Nextcloud and needs to be set up as a system cron job. After installing APCu, the webserver needs to be restarted and the cron job defined:
- Define the cronjob
~~~bash
sudo crontab -u www-data -e
~~~
- Add cronjob
~~~bash
*/5 * * * * php -f /var/www/html/nextcloud/cron.php --define apc.enable_cli=1
~~~
- Verify that the cron job is added
~~~bash
sudo crontab -u www-data -l
~~~
SVG support
#^Top SVG support is installed in the form of a package.
~~~bash
sudo apt-get update -y
sudo apt-get install -y libmagickcore-6.q16-6-extra
~~~
&emsp
UFW
Firewall management, see Configuring UFW for more details.
Server-side monitoring
#^Top Monit is a process and daemon monitoring tool. More information on operating the software can be found Configuring Monit.
List of monitored services:
- System
- SSH
- Configuring Fail2ban
- cron
- Postfix
- MySQL
- Apache
Configuring Telegram bots are also being implemented to receive logs from logwatch & Configuring Monit.
Service management
#^Top Nextcloud offers two alternatives for managing the service:
- An admin webpanel
- A command line tool
Admin webpanel
Accessed through login into the service with admin credentials. Settings offer an admin section.
Nextcloud command line tool
#^Top From the server's command line, Nextcloud offers the ability to perform some tasks like user management.
Introduction to the command
Nextcloud offers a command-line tool which permission needs to be set to "executable". It is located here:
/var/www/html/nextcloud/occ
The tool needs to be invoked by the "www-data" user and compiled with PHP:
~~~bash
sudo -u www-data php /var/www/html/nextcloud/occ
~~~
Generic commands
Nextcloud offers a simple description of all commands here
Data transfer
#^Top After each data transfer, run the following command to refresh Nextcloud's webapp:
~~~bash
sudo -u www-data php /var/www/html/nextcloud/occ files:scan --all
~~~
More info can be found here
Cloud2Cloud
title: Data transfer tool
[rclone](https://autoize.com/moving-data-from-cloud-to-cloud-with-rclone/)
rClone uses a simple config interface to configure remote hosts (including Nextcloud):
~~~bash
rclone config
~~~
The config data can be password-protected for security.
- Copy data
~~~bash
rclone copy source:'datapath' dest:'datapath'
~~~
- Sync data
~~~bash
rclone sync source:'datapath' dest:'datapath'
~~~
Upload from local
[Curl](https://cylab.be/blog/33/how-to-upload-your-files-to-nextcloud-file-drop-using-curl)
[Nextcloud help](https://help.nextcloud.com/t/how-to-upload-and-share-file-automatically/19202)
Directories
- Local file structure
/var/www/html/nextcloud/data/USERNAME/files
- Webdav file structure
/remote.php/dav/files/USERNAME
Nextcloud server hardening
title: Nextcloud tutorial
[Here](https://docs.nextcloud.com/server/latest/admin_manual/installation/harden_server.html)
Pricing
Cloud Server | One-off cost | Recurring subscription p.a. |
---|
**Server hosting**
| | *€15* ^CloudServerCost
Tasks & Further steps
-
Server Cloud: Backup server %%done_del%% 🔁 every 6 months on the 1st Tuesday 📅 2022-09-06
-
Server Cloud: Backup server 🔁 every 6 months on the 1st Tuesday 📅 2022-03-11 ✅ 2022-03-11
-
Server Cloud: Backup server 🔁 every 6 months on the 1st Tuesday 📅 2021-09-15 ✅ 2022-01-08
-
Server Cloud: Backup server 🔁 every 6 months on the 1st Tuesday ✅ 2021-09-14
-
Set-up landing page
-
Selfhosting, Server Cloud: Upgrader & Health checks %%done_del%% 🔁 every 4 months 📅 2022-09-01
-
Selfhosting, Server Cloud: Upgrader & Health checks 🔁 every 4 months 📅 2022-05-01 ✅ 2022-05-05