welcome: please sign in

The following 355 words could not be found in the dictionary of 7 words (including 7 LocalSpellingWords) and are highlighted below:
3rdparty   access   acme   active   actually   Add   admin   again   age   ajax   always   and   any   anyuser   application   apps   attempt   Authorization   automating   autotest   Available   Base   basename   be   before   best   block   browsers   buffering   build   but   By   by   bz2   Cache   cache   caldav   can   carddav   case   Case   cat   cd   Certificate   challenge   Charset   charset   Clnt   cloud   com   command   Cond   config   configuration   console   Content   context   control   Control   controller   Copy   copyfiles   core   correct   cp   cron   Cross   css   cur   daemon   data   Dav   dav   db   Default   default   deprecated   dir   directories   Directory   directory   disabling   Document   Domain   domtool   download   Download   drop   Drop   echo   elektrubadur   Encoding   end   Engine   env   Env   error   Error   esac   eu   expires   explanation   far   favicon   fcgi   fcgid   Files   files   filesize   fixperms   font   for   from   front   fsr   func   further   generate   get   gif   Grant   gzip   Header   Headers   headers   Here   home   host   htaccess   htdocs   html   https   ico   If   image   img   in   incomplete   Index   index   indexes   Indexes   indie   install   is   issue   it   javascript   jpeg   jpg   js   json   known   last   latest   Let   lib   like   limit   line   location   look   Ls   ls   main   maintenance   manifest   Match   max   mbstring   me   memory   meta   Michel   mime   Mod   mod   mode   Module   module   Multi   multi   mv   my   mysql   Neater   necessary   new   Nextcloud   nextcloud   No   no   none   noopen   nosniff   not   notfound   oc   occ   ocs   Off   off   old   on   one   options   Options   or   output   overload   page   pagespeed   Pagespeed   passthrough   permanent   permissions   Permitted   personal   Php   php   php5   php7   php72   pipefail   pki   please   png   Policies   Policy   populate   post   preserve   preview   privacy   progress   Protection   provided   provider   proxy   public   qsappend   raw   redirect   Referrer   referrer   related   releases   remote   remove   Request   resources   rewrite   Rewrite   rlidwk   rlk   Robots   robots   Root   Rule   Run   Running   sa   script   se   second   section   sections   security   sed   server   service   serving   Set   set   setenvif   settings   should   size   Slash   smichel   so   someone   sort   static   status   Stephen   Stop   string   stuff   svg   svgz   system   tables   Tag   tail   tar   temp   templates   tests   text   that   The   the   this   those   to   To   true   ttf   txt   type   Type   unset   unused   update   updater   updates   Updates   upload   usage   utf   v1   v2   validation   value   Version   version   vhosts   Views   want   wasn   We   web   webdav   webfinger   week   weeks   well   wget   where   will   With   with   without   woff2   work   working   Working   www   xargs   xjf   xml   you   your   zip  

Clear message
Edit

MemberManual / WebApplications / Nextcloud / Talk

1. Neater URLs

Add this line to $NEXTDIR/config/config.php: 

cd $NEXTDIR
php7.2 occ config:system:set htaccess.RewriteBase --type=string --value="/"
php7.2 occ maintenance:update:htaccess

The second command should not be necessary, but it will generate a correct .htaccess for your version, for Nextcloud 15 it will look like this: 

<IfModule mod_headers.c>
  <IfModule mod_setenvif.c>
    <IfModule mod_fcgid.c>
       SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
       RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
    <IfModule mod_proxy_fcgi.c>
       SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>
  </IfModule>

  <IfModule mod_env.c>
    # Add security and privacy related headers
    Header set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Robots-Tag "none"
    Header set X-Download-Options "noopen"
    Header set X-Permitted-Cross-Domain-Policies "none"
    Header set Referrer-Policy "no-referrer"
    SetEnv modHeadersAvailable true
  </IfModule>

  # Add cache control for static resources
  <FilesMatch "\.(css|js|svg|gif)$">
    Header set Cache-Control "max-age=15778463"
  </FilesMatch>

  # Let browsers cache WOFF files for a week
  <FilesMatch "\.woff2?$">
    Header set Cache-Control "max-age=604800"
  </FilesMatch>
</IfModule>
<IfModule mod_php5.c>
  php_value upload_max_filesize 511M
  php_value post_max_size 511M
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value always_populate_raw_post_data -1
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_php7.c>
  php_value upload_max_filesize 511M
  php_value post_max_size 511M
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteCond %{HTTP_USER_AGENT}  DavClnt
  RewriteRule ^$         /remote.php/webdav/          [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
  RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
  RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
  RewriteRule ^(?:\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
  AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
  DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
  ModPagespeed Off
</IfModule>
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 /
ErrorDocument 404 /
<IfModule mod_rewrite.c>
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg)$
  RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
  RewriteCond %{REQUEST_FILENAME} !core/img/manifest.json$
  RewriteCond %{REQUEST_FILENAME} !/remote.php
  RewriteCond %{REQUEST_FILENAME} !/public.php
  RewriteCond %{REQUEST_FILENAME} !/cron.php
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
  RewriteCond %{REQUEST_FILENAME} !/status.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
  RewriteCond %{REQUEST_FILENAME} !/robots.txt
  RewriteCond %{REQUEST_FILENAME} !/updater/
  RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
  RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
    </IfModule>
  </IfModule>
</IfModule>

If someone can get this working to remove the 'index.php' stuff from URLs, please update the configuration on the main page.

Here is my best attempt so far: 

web "cloud" where
    PhpVersion = php72;
    DocumentRoot = home "www/cloud.elektrubadur.se";
    SSL = elektrubadurCertificate;
with
    expiresByType "text/css" access 1 weeks;
    expiresByType "application/javascript" access 1 weeks;
    expiresByType "image/svg" access 1 weeks;
    expiresByType "image/gif" access 1 weeks;
    expiresByType "application/font-woff2" access 1 weeks;

    setEnv "front_controller_active" "true";
    setEnv "htaccessWorking" "true";
    setEnvIfNoCase "^Authorization$" "(.+)" ["XAUTHORIZATION=$1"];

    location "/" with
        unset_options [indexes, multiViews];
        directoryIndex ["index.php", "index.html"];
        errorDocument "403" "/";
        errorDocument "404" "/";
    end;

    rewriteCond "%{HTTP_USER_AGENT}" "DavClnt" [];
    rewriteRule "^$" "/remote.php/webdav/" [redirectWith temp, last];

    rewriteRule ".*" "-" [env "HTTP_AUTHORIZATION" "%{HTTP:Authorization}"];
    rewriteRule "^\.well-known/host-meta" "/public.php?service=host-meta" [qsappend, last];
    rewriteRule "^\.well-known/host-meta\.json" "/public.php?service=host-meta-json" [qsappend, last];
    rewriteRule "^\.well-known/webfinger" "/public.php?service=webfinger" [qsappend, last];
    rewriteRule "^\.well-known/carddav" "/remote.php/dav/" [redirectWith permanent, last];
    rewriteRule "^\.well-known/caldav" "/remote.php/dav/" [redirectWith permanent, last];
    rewriteRule "^remote/(.*)" "remote.php" [qsappend, last];
    rewriteRule "^(?:build|tests|config|lib|3rdparty|templates)/.*" "-" [redirectWith notfound, last];
    rewriteCond "%{REQUEST_URI}" "!^/\.well-known/(acme-challenge|pki-validation)/.*" [];
    rewriteRule "^(?:\.|autotest|occ|issue|indie|db_|console).*" "-" [redirectWith notfound, last];

    directory elektrubadurRoot with
        rewriteRule "^core/js/oc.js$" "index.php" [passthrough, env "PATH_INFO" "$1"];
        rewriteRule "^core/preview.png$" "index.php" [passthrough, env "PATH_INFO" "$1"];
        rewriteCond "%{REQUEST_FILENAME}" "!\.(css|js|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg)$" [];
        rewriteCond "%{REQUEST_FILENAME}" "!core/img/favicon.ico$" [];
        rewriteCond "%{REQUEST_FILENAME}" "!core/img/manifest.json$" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/remote.php" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/public.php" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/cron.php" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/core/ajax/update.php" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/status.php" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/ocs/v1.php" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/ocs/v2.php" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/robots.txt" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/updater/" [];
        rewriteCond "%{REQUEST_FILENAME}" "!/ocs-provider/" [];
        rewriteCond "%{REQUEST_URI}" "!^/\.well-known/(acme-challenge|pki-validation)/.*" [];
        rewriteRule "." "index.php" [passthrough, env "PATH_INFO" "$1"];

        rewriteBase "/";
    end;

    web "cloud" with
        rewriteRule "^(.*)$" "https://cloud.elektrubadur.se$1" [redirectWith permanent];
    end;

=== Drop unused tables ==

We should drop those deprecated tables from before, this wasn't actually working for me. 

mysql-fixperms
mysql -h mysql -p ${USER}_cloud

DROP TABLE admin_sections;
DROP TABLE admin_settings);
DROP TABLE personal_sections;
DROP TABLE 'personal_settings;

1.1. Running Updates

Here is incomplete, work-in-progress script by StephenMichel for automating updates, provided without context or further explanation :P 

#!/usr/bin/env bash

# set -x

set -eu -o pipefail

nextcloud_dir="$HOME/vhosts/nextcloud.smichel.me"
v_new="19.0.8"
v_cur="$(ls "$nextcloud_dir"/config-*.php | sort | tail -n 1 | xargs basename \
    | sed -e '
        s/^config-//
        s/\.php$//
    ')"

echo cur: $v_cur
echo new: $v_new

usage() {
cat <<EOF
USAGE: $0 OPTION

OPTIONS:

  --copyfiles   Download and install the latest version ($v_new).

  --fixperms    Grant your daemon permissions on the new directories.

To update nextcloud:
1. Stop serving nextcloud by disabling that section in your domtool config.
2. Run this script with --copyfiles.
3. Copy any apps that you want to preserve from the old location to the new one.
4. Run this script again with --fixperms.
EOF
}

copyfiles() {
    # cd "$nextcloud_dir"
    wget "https://download.nextcloud.com/server/releases/nextcloud-$v_new.tar.bz2"
    # tar -xjf "nextcloud-$v_new.zip"
    # cp htdocs/config/config.php nextcloud/config/config.php

    # mv htdocs{,-$v_cur}
    # mv nextcloud htdocs

    # cp htdocs/config/config.php ./config-$v_cur.php
}

fixperms() {
    cd "$nextcloud_dir"/htdocs
    fsr sa . system:anyuser none
    fsr sa . $USER.daemon rlk
    fsr sa config $USER.daemon rlidwk
    fsr sa apps $USER.daemon rlidwk
}

case "${1:-}" in
    ("--copyfiles") copyfiles ;;
    ("--fixperms") fixperms ;;
    (*) usage ;;
esac

MemberManual/WebApplications/Nextcloud/Talk (last edited 2021-02-24 18:59:50 by StephenMichel)