Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédenteDernière révisionLes deux révisions suivantes | ||
fr:kloud [2019/09/26 10:59] – [LEMP] Deed | fr:kloud [2020/12/30 09:59] – [Voir aussi] Ajout de personnalisation zatalyz | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
- | ====== | + | ====== Nextcloud ====== |
Nous avons installé une instance Nextcloud, disponible à cette adresse : [[https:// | Nous avons installé une instance Nextcloud, disponible à cette adresse : [[https:// | ||
Ligne 8: | Ligne 8: | ||
Mais je n'ai pas changé les captures d' | Mais je n'ai pas changé les captures d' | ||
+ | |||
+ | Edit au 23/09/2020 : ça serait bien de refaire ces captures, quand même... Car Nextcloud a évolué. | ||
</ | </ | ||
- | ===== Installer le client Nextcloud | + | ===== Côté utilisatrice ===== |
+ | |||
+ | ==== Installer le client Nextcloud ==== | ||
Nextcloud est à présent dans la plupart des dépôts sur Linux. Vous trouverez aussi toutes les possibilités sur [[https:// | Nextcloud est à présent dans la plupart des dépôts sur Linux. Vous trouverez aussi toutes les possibilités sur [[https:// | ||
Ligne 18: | Ligne 22: | ||
Pour les autres OS (**Mac**, **Windows**), | Pour les autres OS (**Mac**, **Windows**), | ||
- | ===== Connecter le client à Khaganat | + | ==== Connecter le client à Khaganat ==== |
Lors de la première installation, | Lors de la première installation, | ||
Ligne 32: | Ligne 36: | ||
{{ : | {{ : | ||
- | ===== Partager un dossier | + | ==== Partager un dossier ==== |
Passez par l' | Passez par l' | ||
Ligne 39: | Ligne 43: | ||
{{ : | {{ : | ||
- | ====== Installation Nexcloud | + | ===== Installation |
- | **BROUILLON** | + | |
- | **DEBIAN 10 NEXTCLOUT 16 ** | + | ==== LEMP ==== |
- | ===== LEMP ===== | + | |
Installation: | Installation: | ||
apt install nginx | apt install nginx | ||
- | apt install php-fpm php-curl php-cli | + | apt install |
- | apt install postgresql postgresql-contrib php-pgsql | + | apt install postgresql postgresql-contrib php-pgsql |
Configuration: | Configuration: | ||
Ligne 56: | Ligne 59: | ||
pm.start_servers = 12 | pm.start_servers = 12 | ||
pm.min_spare_servers = 6 | pm.min_spare_servers = 6 | ||
- | pm.max_spare_servers = 18 | + | pm.max_spare_servers = 18 |
+ | |||
+ | clear_env = no | ||
+ | |||
+ | | ||
nano / | nano / | ||
Ligne 70: | Ligne 77: | ||
opcache.save_comments=1 | opcache.save_comments=1 | ||
opcache.revalidate_freq=1 | opcache.revalidate_freq=1 | ||
- | ===== Nexcloud | + | ==== Nexcloud ==== |
Outils: | Outils: | ||
apt install wget unzip p7zip p7zip-full | apt install wget unzip p7zip p7zip-full | ||
Téléchargement de Nextcloud | Téléchargement de Nextcloud | ||
cd /var/www | cd /var/www | ||
- | wget https:// | + | wget https:// |
- | | + | 7z x latest.zip |
+ | chown -R www-data: | ||
+ | |||
+ | Database: | ||
+ | sudo -u postgres createuser -P kloud_user | ||
+ | sudo -u postgres createdb -O kloud_user kloud_prod | ||
+ | |||
+ | ==== Nginx ==== | ||
+ | === Conf === | ||
+ | nano / | ||
+ | |||
+ | <code bash> | ||
+ | upstream php-handler { | ||
+ | server 127.0.0.1:9000; | ||
+ | #server unix:/ | ||
+ | } | ||
+ | |||
+ | server { | ||
+ | listen 80; | ||
+ | listen [::]:80; | ||
+ | server_name kloud.khaganat.net; | ||
+ | # enforce https | ||
+ | return 301 https:// | ||
+ | } | ||
+ | |||
+ | server { | ||
+ | listen 443 ssl http2; | ||
+ | listen [::]:443 ssl http2; | ||
+ | server_name kloud.khaganat.net; | ||
+ | |||
+ | # Use Mozilla' | ||
+ | # https:// | ||
+ | # NOTE: some settings below might be redundant | ||
+ | ssl_certificate / | ||
+ | ssl_certificate_key / | ||
+ | |||
+ | |||
+ | # Add headers to serve security related headers | ||
+ | # Before enabling Strict-Transport-Security headers please read into this | ||
+ | # topic first. | ||
+ | add_header Strict-Transport-Security " | ||
+ | # | ||
+ | # WARNING: Only add the preload option once you read about | ||
+ | # the consequences in https:// | ||
+ | # will add the domain to a hardcoded list that is shipped | ||
+ | # in all major browsers and getting removed from this list | ||
+ | # could take several months. | ||
+ | add_header Referrer-Policy " | ||
+ | add_header X-Content-Type-Options " | ||
+ | add_header X-Download-Options " | ||
+ | add_header X-Frame-Options " | ||
+ | add_header X-Permitted-Cross-Domain-Policies " | ||
+ | add_header X-Robots-Tag " | ||
+ | add_header X-XSS-Protection "1; mode=block" | ||
+ | |||
+ | # Remove X-Powered-By, | ||
+ | fastcgi_hide_header X-Powered-By; | ||
+ | |||
+ | # Path to the root of your installation | ||
+ | root / | ||
+ | |||
+ | location = /robots.txt { | ||
+ | allow all; | ||
+ | log_not_found off; | ||
+ | access_log off; | ||
+ | } | ||
+ | |||
+ | # The following 2 rules are only needed for the user_webfinger app. | ||
+ | # Uncomment it if you're planning to use this app. | ||
+ | #rewrite ^/ | ||
+ | #rewrite ^/ | ||
+ | |||
+ | # The following rule is only needed for the Social app. | ||
+ | # Uncomment it if you're planning to use this app. | ||
+ | #rewrite ^/ | ||
+ | |||
+ | location = / | ||
+ | return 301 $scheme:// | ||
+ | } | ||
+ | location = / | ||
+ | return 301 $scheme:// | ||
+ | } | ||
+ | |||
+ | # set max upload size | ||
+ | client_max_body_size 512M; | ||
+ | fastcgi_buffers 64 4K; | ||
+ | |||
+ | # Enable gzip but do not remove ETag headers | ||
+ | gzip on; | ||
+ | gzip_vary on; | ||
+ | gzip_comp_level | ||
+ | gzip_min_length 256; | ||
+ | gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; | ||
+ | gzip_types application/ | ||
+ | |||
+ | # Uncomment if your server is build with the ngx_pagespeed module | ||
+ | # This module is currently not supported. | ||
+ | #pagespeed off; | ||
+ | |||
+ | location / { | ||
+ | rewrite ^ / | ||
+ | } | ||
+ | |||
+ | location ~ ^\/ | ||
+ | deny all; | ||
+ | } | ||
+ | location ~ ^\/ | ||
+ | deny all; | ||
+ | } | ||
+ | |||
+ | location ~ ^\/ | ||
+ | fastcgi_split_path_info ^(.+? | ||
+ | set $path_info $fastcgi_path_info; | ||
+ | try_files $fastcgi_script_name =404; | ||
+ | include fastcgi_params; | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | fastcgi_param PATH_INFO $path_info; | ||
+ | fastcgi_param HTTPS on; | ||
+ | # Avoid sending the security headers twice | ||
+ | fastcgi_param modHeadersAvailable true; | ||
+ | # Enable pretty urls | ||
+ | fastcgi_param front_controller_active true; | ||
+ | fastcgi_pass php-handler; | ||
+ | fastcgi_intercept_errors on; | ||
+ | fastcgi_request_buffering off; | ||
+ | } | ||
+ | |||
+ | location ~ ^\/ | ||
+ | try_files $uri/ =404; | ||
+ | index index.php; | ||
+ | } | ||
+ | |||
+ | # Adding the cache control header for js, css and map files | ||
+ | # Make sure it is BELOW the PHP block | ||
+ | location ~ \.(?: | ||
+ | try_files $uri / | ||
+ | add_header Cache-Control " | ||
+ | # Add headers to serve security related headers (It is intended to | ||
+ | # have those duplicated to the ones above) | ||
+ | # Before enabling Strict-Transport-Security headers please read into | ||
+ | # this topic first. | ||
+ | add_header Strict-Transport-Security " | ||
+ | # | ||
+ | # WARNING: Only add the preload option once you read about | ||
+ | # the consequences in https:// | ||
+ | # will add the domain to a hardcoded list that is shipped | ||
+ | # in all major browsers and getting removed from this list | ||
+ | # could take several months. | ||
+ | add_header Referrer-Policy " | ||
+ | add_header X-Content-Type-Options " | ||
+ | add_header X-Download-Options " | ||
+ | add_header X-Frame-Options " | ||
+ | add_header X-Permitted-Cross-Domain-Policies " | ||
+ | add_header X-Robots-Tag " | ||
+ | add_header X-XSS-Protection "1; mode=block" | ||
+ | |||
+ | # Optional: Don't log access to assets | ||
+ | access_log off; | ||
+ | } | ||
+ | |||
+ | location ~ \.(?: | ||
+ | try_files $uri / | ||
+ | # Optional: Don't log access to other assets | ||
+ | access_log off; | ||
+ | } | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | | ||
+ | |||
+ | === Certificat === | ||
+ | apt install certbot | ||
+ | service nginx stop | ||
+ | certbot certonly --standalone -d kloud.kagouille.fr | ||
+ | service nginx start | ||
+ | |||
+ | Lancer votre Nextcloud sur votre navigateur | ||
+ | |||
+ | ==== Cache ==== | ||
+ | Ajouter le cache : | ||
+ | nano / | ||
+ | |||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | array ( | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ' | ||
+ | ), | ||
+ | |||
+ | source : https:// | ||
+ | |||
+ | ==== Voir aussi ==== | ||
+ | Très bon tuto pour une super install ici : [[https:// | ||
+ | |||
+ | ==== Personnalisation ==== | ||
+ | === Fichiers par défaut === | ||
+ | Lorsqu' | ||
+ | |||
+ | Autant changer ça ! | ||
+ | |||
+ | Modifier le contenu du dossier est une solution temporaire, mais ce sera remis à zéro à chaque mise à jour. Une solution plus durable consiste à changer le dossier à prendre en compte pour le squelette dans le placard. | ||
+ | |||
+ | Doc officielle : https:// | ||
+ | |||
+ | Résumé en français : modifiez le fichier '' | ||
+ | |||
+ | < | ||
+ | |||
+ | Laissez vide si vous ne voulez pas de squelette : | ||
+ | |||
+ | < | ||
+ | |||
+ | La variable '' | ||
+ | |||
+ | <WRAP center round todo 60%> | ||
+ | À tester ! | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | |||
+ | === Changer la langue par défaut === | ||
+ | Source : https:// | ||
+ | |||
+ | Nextcloud devrait détecter la langue du navigateur pour décider de l' | ||
+ | < | ||
+ | ' | ||
+ | ' | ||
+ | </ | ||
- | {{tag> | + | {{tag> |