Nextcloud: Difference between revisions

(3 intermediate revisions by 2 users not shown)

Line 115:

</nowiki>}}

=== ~~Caching~~ ===

=== Data storage ===

Nextcloud stores metadata in the database and files either on a local filesystem, external storage, or in an object storage.

~~[[Redis]] can be enabled as a performant caching backend using following configuration. This will bring faster page loads to your Nextcloud instance.~~

==== Local filesystem ====

Using a filesystem with snapshot support, such as btrfs or zfs, may be useful for backup purposes

~~{{file|/etc/nixos/configuration.nix|nix|<nowiki>~~

~~services.nextcloud~~ = {

~~enable~~ = ~~true;~~

~~configureRedis~~ = ~~true;~~

~~[...]~~

};

~~</nowiki>}}~~

~~Note that APCu will still be used for local caching, as recommended by Nextcloud upstream.~~

==== External storage ====

https://docs.nextcloud.com/server/stable/admin_manual/configuration_files/external_storage_configuration_gui.html

=== ~~Object store~~ ===

==== Object store ====

In this example we'll configure a local S3-compatible object store using Minio and connect it to Nextcloud

Line 266:

Line 260:

** [https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html#passwordsalt passwordsalt]

** [https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html#secret secret]

* To be able to configure TLS for your new instance before you've updated your DNS record, you can use [[ACME#DNS challenge|ACME DNS Challenge]]. Don't forget to clear <code>acmeRoot</code>:

services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {

forceSSL = true;

{{file|/etc/nixos/configuration.nix|nix|<nowiki>

enableACME = true;

services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {

# force DNS-01 validation

forceSSL = true;

acmeRoot = null;

enableACME = true;

};

# force DNS-01 validation

acmeRoot = null;

};

</nowiki>}}

=== Backups ===

You should make backups of both the database and your storage.

For the database, [https://search.nixos.org/options?show=services.mysqlBackup services.mysqlBackup] or [https://search.nixos.org/options?show=services.postgresqlBackup services.postgresqlBackup] may come in handy. For local storage backups, periodically taking a snapshot of a snapshot-enabled filesystem such as btrfs or zfs may be a good first step. Remember to also make off-site copies.

== Clients ==

Line 332:

Line 334:

services.nginx.virtualHosts."${config.services.nextcloud.hostName}".listen = [ { addr = "127.0.0.1"; port = 8080; } ];

</nowiki>}}

=== Enable Two-factor authentication ===

Two-factor authentication can be enabled for your server via the administration interface in your browser. There is no way to declare this setting via nix configuration, so you should follow the [https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/two_factor-auth.html official documentation] to set up Two-factor authentication.

=== Enable HEIC image preview ===

@@ Line 115: / Line 115: @@
 </nowiki>}}
-=== Caching ===
+=== Data storage ===
+Nextcloud stores metadata in the database and files either on a local filesystem, external storage, or in an object storage.
-[[Redis]] can be enabled as a performant caching backend using following configuration. This will bring faster page loads to your Nextcloud instance.
+==== Local filesystem ====
+Using a filesystem with snapshot support, such as btrfs or zfs, may be useful for backup purposes
-{{file|/etc/nixos/configuration.nix|nix|<nowiki>
-services.nextcloud = {
-  enable = true;
-  configureRedis = true;
-  [...]
-};
-</nowiki>}}
-Note that APCu will still be used for local caching, as recommended by Nextcloud upstream.
+==== External storage ====
+https://docs.nextcloud.com/server/stable/admin_manual/configuration_files/external_storage_configuration_gui.html
-=== Object store ===
+==== Object store ====
 In this example we'll configure a local S3-compatible object store using Minio and connect it to Nextcloud
@@ Line 266: / Line 260: @@
 ** [https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html#passwordsalt passwordsalt]
 ** [https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html#secret secret]
 * To be able to configure TLS for your new instance before you've updated your DNS record, you can use [[ACME#DNS challenge|ACME DNS Challenge]]. Don't forget to clear <code>acmeRoot</code>:
- services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
-   forceSSL = true;
+{{file|/etc/nixos/configuration.nix|nix|<nowiki>
-   enableACME = true;
+services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
-   # force DNS-01 validation
+  forceSSL = true;
-   acmeRoot = null;
+  enableACME = true;
- };
+  # force DNS-01 validation
+  acmeRoot = null;
+};
+</nowiki>}}
+=== Backups ===
+You should make backups of both the database and your storage.
+For the database, [https://search.nixos.org/options?show=services.mysqlBackup services.mysqlBackup] or [https://search.nixos.org/options?show=services.postgresqlBackup services.postgresqlBackup] may come in handy. For local storage backups, periodically taking a snapshot of a snapshot-enabled filesystem such as btrfs or zfs may be a good first step. Remember to also make off-site copies.
 == Clients ==
@@ Line 332: / Line 334: @@
 services.nginx.virtualHosts."${config.services.nextcloud.hostName}".listen = [ { addr = "127.0.0.1"; port = 8080; } ];
 </nowiki>}}
+=== Enable Two-factor authentication ===
+Two-factor authentication can be enabled for your server via the administration interface in your browser. There is no way to declare this setting via nix configuration, so you should follow the [https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/two_factor-auth.html official documentation] to set up Two-factor authentication.
 === Enable HEIC image preview ===