NextCloud 15 - CentOS 7

Pozdrav,

evo jedno uputstvo koje ce vam mozda biti od koristi (mozda i novcano).
U pitanju je NextCloud[/URL], projekat otvorenog koda ([URL=“https://github.com/nextcloud/server”]nextcloud/server[/URL]) koji instaliramo na [URL=‘https://www.centos.org/’]CentOS 7 [/URL](moze i na[SIZE=5][B] [/B][/SIZE][URL=‘https://www.ubuntu.com/download/server’]Ubuntu 18.04 LTS).
Ovo uputstvo je zapravo moj podsetnik (preuredjen za forum) kada instaliram NextCloud u firmama koje imaju potrebu za takvom vrstom resenja.
Tamo gde naidjete na informaciju poput “mojcloud.org” trebate da postavite vas domenom sa predpostavkom da ce “cloud” biti vas poddomen.
Takodje, jedna vrlo vazna informacija je ta da nextcloud ima aplikaciju za Linux, Windows i MAC operativne sistema kao i za Android i iOS telefone (besplatno).

Nakon standardne instalacije CentOS-a 7, uradimo update:
yum update

-------------------------------------------APACHE---------------------------------------------
Instaliramo Apache - httpd:
yum install httpd

Dodajemo Virtualhost:
touch /etc/httpd/conf.d/cloud.mojcloud.org.http.conf
vi /etc/httpd/conf.d/cloud.mojcloud.org.http.conf

Dodamo sledece:

[CODE]<VirtualHost *:80>
DocumentRoot /var/www/mojcloud.org/cloud
ServerName cloud.mojcloud.org

<Directory “/var/www/mojcloud.org/cloud”>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews

[/CODE]

konf host:
vi /etc/hosts
dodamo:

172.18.241.59  cloud.mojcloud.org

editujemo httpd.conf
vi /etc/httpd/conf/httpd.conf

postavlamo:

DocumentRoot "/var/www"

||||||||||||—SSL—||||||||||

Ako zelimo da instaliramo sertifikat koji mi sami potpisujemo, to mozemo da uradimo na sledeci nacin:
yum install crypto-utils mod_ssl

gasimo Apache tj HTTPD:
systemctl stop httpd

Proveravamo da li je upaljen:
systemctl status httpd

Sledece sto radimo jeste pravljenje sertifikata (preporucuje da se ne radi preko ssh vec direktno na serveru zbog brzeg pravljenja sertifikata) i to sa slecom komandom:
genkey cloud.mojcloud.org
nakon toga pratimo upustva iz GUI-a

Napravimo backup ssl.conf iz foldera /etc/httpd/conf.d
cp ssl.conf ssl.conf.original
mv ssl.conf cloud.mojcloud.org.ssl.conf

U okviru file-a cloud.mojcloud.org.ssl.conf menjamo sledece:

<VirtualHost cloud.mojcloud.org:443> DocumentRoot "/var/www/mojcloud.org/cloud/" ServerName cloud.mojcloud.org:443 SSLCertificateFile /etc/pki/tls/certs/cloud.mojcloud.org.crt SSLCertificateKeyFile /etc/pki/tls/private/cloud.mojcloud.org.key

Da bi redirektovali sav HTPP saobracaj ka HTPPS, menjamo postojeci conf file:
vi cloud.mojcloud.org.http.conf

I u njega ubacmo sledece:

Redirect / https://cloud.mojcloud.org

Stim da to izgleda na sledeci nacin:

[CODE]
DocumentRoot /var/www/mojcloud.org/cloud/
ServerName cloud.mojcloud.org
Redirect / https://cloud.mojcloud.org

<Directory “/var/www/mojcloud.org/cloud/”>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews

[/CODE]

Nakon toga palimo httpd

-------------------------------------------MySQL---------------------------------------------
Stavljamo repo za MySQL:
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
sudo rpm -ivh mysql-community-release-el7-5.noarch.rpm
yum update

Instaliramo MySQL i pokrecemo:
sudo yum install mysql-server
sudo systemctl start mysqld

Pocetno konfigurisemo MySQL:
sudo mysql_secure_installation #Tu ce nas pitati za sifru, novu sifru, brisanje test baze…

Ulazimo u mysql kako bi kreirali bazu:
mysql -u root -p

Proverimo da li postoje neke baze:
SHOW DATABASES;

Proverimo da li postoji user:
select User, Host, Password from mysql.user;

Kreiramo bazu:
CREATE DATABASE nextcloud;

Kreiramo usera:
GRANT ALL PRIVILEGES ON nextcloud.* TO ‘nextcloud’@‘localhost’ IDENTIFIED BY ‘ognjen’;

Osvezavamo informacije:
FLUSH PRIVILEGES;

exit;

-------------------------------------------PHP---------------------------------------------
Postavimo/instaliramo SCL repo:
yum install centos-release-scl

Nakon toga instaliramo PHP 7.0
yum install rh-php70 rh-php70-php rh-php70-php-gd rh-php70-php-mbstring

Install php7.0 modul za mysql i mariadb:
yum install rh-php70-php-mysqlnd

Ako budemo koristili nexcloud ldap app, onda instaliramo i sledece:
yum install rh-php70-php-ldap

Disable-ujemo stare apache module ako uopste postoje time sto im menjamo imena:
mv /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php54.off
mv /etc/httpd/conf.modules.d/10-php.conf /etc/httpd/conf.modules.d/10-php54.off

Symlinkujemo PHP 7.0 Apache module
ln -s /opt/rh/httpd24/root/etc/httpd/conf.d/rh-php70-php.conf /etc/httpd/conf.d/
ln -s /opt/rh/httpd24/root/etc/httpd/conf.modules.d/15-rh-php70-php.conf /etc/httpd/conf.modules.d/
ln -s /opt/rh/httpd24/root/etc/httpd/modules/librh-php70-php7.so /etc/httpd/modules/

Restartujemo apache:
service httpd restart

-------------------------------------------NEXTCLOUD---------------------------------------------
Otvorimo link: Install – Nextcloud , kliknemo Download for server, desni klik na Download Nextcloud i kopiramo lokaciju file-a
Skinemo instalaciju sledecom komandom:
wget https://download.nextcloud.com/server/releases/nextcloud-15.0.2.zip

unzip-ujemo file u /var/www/:
unzip nextcloud-15.0.2.zip -d /var/www/

Dodeljujemo sva prava apache-a za taj folder:
chown apache:apache -R /var/www/mojcloud.org/cloud/

--------------------------------------------SELinux---------------------------------------------------

SELinux je po default-u upaljen i u enforce mod-u.
Kako bi dozvolili procesu httpd da pristupi file-oovima, trebamo da izmenimo context na sledeci nacin:

semanage fcontext -a -t httpd_sys_rw_content_t ‘/var/www/mojcloud.org/cloud/data(/.)?’
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/mojcloud.org/cloud/config(/.
)?’
semanage fcontext -a -t httpd_sys_rw_content_t ‘/var/www/mojcloud.org/cloud/apps(/.)?’
semanage fcontext -a -t httpd_sys_rw_content_t ‘/var/www/mojcloud.org/cloud/.htaccess’
semanage fcontext -a -t httpd_sys_rw_content_t ‘/var/www/mojcloud.org/cloud/.user.ini’
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/mojcloud.org/cloud/3rdparty/aws/aws-sdk-php/src/data/logs(/.
)?’

restorecon -Rv ‘/var/www/mojcloud.org/cloud/’

Da bi dozvolili update preko Web interface-a, onda odradimo sledecu komandu:
setsebool -P httpd_can_network_connect on

Ako ne postoji komanda semanage onda je trazimo putem sledece komande:
yum provides /usr/sbin/semanage

I nakon toga instaliramo:
yum install policycoreutils-python

U koliko su potrebna neka dodatna objasnjenja, otvoriti link:
SELinux configuration — Nextcloud 15 Administration Manual 15 documentation

--------------------------------------------Firewall----------------------------------------------------------
Dodajemo firewall pravila da bi prisli serveru preko http i https-:

firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-service=https --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --reload

----------------------------------------Web instalacija---------------------------------------------
Pre svega treba postaviti domen u trust:
vi /var/www/mojcloud.org/cloud/config/config.php

[PHP] ‘trusted_domains’ =>
array (
0 => ‘172.18.241.59’,
1 => ‘cloud.mojcloud.org’,
),[/PHP]

Otvorimo pretrazivac i upisemo IP adresu ili domen (domen ce raditi kada postavite dns zapis):
http://172.18.241.59/ ili
https://172.18.241.59/

Nakon toga izacice nam pocetna strana gde cemo napraviti user-a.
Kad upisemo user/pass dole oznacimo MySQL/mariadb.
U dole polja stavimo podatke vezane za mysql (ime baze: nextcloud, user: nextcloud , pass: ognjen)

Mislim da je uputstvo kompletno.
Uzivajte :slight_smile: