nextcloud-Tuning on Raspberry Pi3/ODROID C2

nextcloud, php & nginx tuning

In addition of using Redis for nextcloud we created a tmpfs-filesystem to reduce the needed time used by the creation of the serversessions and made changes to the global PHP 7.0 configuration.


July 29th, 2016 – /var/tmp and export XDG_CACHE_HOME to ramdisk
July 23th, 2016 – php and nginx enhancements
July 11th, 2016 – calculation of php.max_children
July 06th, 2016 – php tuning (www.conf)
June 28th, 2016 – we abandon the ‚assett-piplineing‘


Continue reading „nextcloud-Tuning on Raspberry Pi3/ODROID C2“

nextcloud-Tuning on Raspberry Pi3/ODROID C2

Update available: httpoxy can affect nextcloud

Nextcloud-Update 9.0.53 is available

© 2016, rieger::CLOUD

As a precaution and because security and privacy are paramount for nextcloud users, nextcloude released a security update. How to update is described in a previous post.

„… ship Guzzle 5 as part of Nextcloud. This handles http requests and supports HTTP_PROXY environment variable which can be abused, in some special scenario’s, by an attacker to read content. In the worst case, when you use the ajax cron feature, an attacker can potentially see external storage credentials and data….“

© 2016, rieger::CLOUD

Update available: httpoxy can affect nextcloud

BackUp your Raspberry PI3

System BackUp

Once a month or prior to every significant system change we create backups of our system. Those backups are made with the simple <dd> and are stored in the mounted bkup-dir. To know which partition has to be backuped you simply have to look into the fstab.

sudo -s
cat /etc/fstab

Continue reading „BackUp your Raspberry PI3“

BackUp your Raspberry PI3

PHP errors corresponding to quotas

https://help.nextcloud.com/t/php-errors-corresponding-to-quotas/1631

I run nextcloud 9.0.52 based on Ubuntu 16.04, nginx 1.11.2, mariadb 10.0.25, PHP 7.0.4-7ubuntu2.1 on a raspberry pi3.

One User (admin) only uses local data the other users (e.g. user1) have mounted data (synology share) with a lot of available and remaining storage on the share (~ 650GB of 1,5TB in use). The data were mounted in fstab via cifs.

//synology/share /var/nc_data/user1/files cifs user,uid=33,rw,suid,username=user1,password=pwduser1,file_mode=0770,dir_mode=0770 0 0

Everything works as expected in nextcloud but if I restrict the quota to e.g. 1.5 TB for user1 and keep the admin-user with ‚unlimited‘-quota the following errors occurs. Continue reading „PHP errors corresponding to quotas“

PHP errors corresponding to quotas

Update Nginx and add NGX_CACHE_PURGE Module

Prepare your System for the build of NGINX

When you are finished your nextcloud will run on a raspberry pi 3, ubuntu 16.04, php7, redis,  and nginx v. 1.11.2. Nextclouds performance will increase significantly by using ngx_cache_purge. But please be aware, the the structure of nginx has changed.
Neither sites-available nor sites-enabled exists anymore after the default installation. But you just have to copy your previous nginx nextcloud-config-file to the nginx-folder /conf.d, then rename it to nextcloud.conf and it will work faster than before.


July 12th, 2016 – nginx.conf and nextcloud.conf were added


Continue reading „Update Nginx and add NGX_CACHE_PURGE Module“

Update Nginx and add NGX_CACHE_PURGE Module

nextcloud Update to 9.0.53

nextcloud Update from 9.0.5x to 9.0.53

A new release of nextcloud was announced (July, 18th): v 9.0.53. This minor nextcloud update is as easy as the earlierer updates, so please do not hesitate to apply this update! But before starting please backup your nextcloud. Thus set your nextcloud into maintenance mode via config.php or .occ first.


July 20th, 2016 – adjustments to releases, screenshots and working-directory (~/tmp)


Continue reading „nextcloud Update to 9.0.53“

nextcloud Update to 9.0.53

Increase security by harden raspberry

Your server more secure

With only few steps you can increase the security of your environment significantly. We do not use IPv6 thus we disabled IPv6 on the server as well in the ufw Firewall. Let’s harden our ubuntu on raspberry…


July 11th, 2016 – updates on apticron.conf
July 06th, 2016 – ufw ehancements and apticron were added


Continue reading „Increase security by harden raspberry“

Increase security by harden raspberry

nextcloud on Raspberry Pi3 with nginx, ssl & fail2ban

nextcloud Security

We will secure nextcloud using Let’sEncrypt-certificates with the goal to achieve an A+ rating from QUALYS SSL LABS.

&copy; 2016, rieger::CLOUD

It depends on a nextcloud-instance that is reachable and available over the internet using both,  TCP-Port 80 for http and 443 for https. After the successfull implementation of ssl we will forward the default http-port :80 to tcp-port :443 (ssl) … so let’s start.


July 10th, 2016 – Diffie-Hellman-Parameter with 4096 / new score at qualys_ssl_labs
July 07th, 2016 – nginx-configuration prior to the letsencrypt-request renewed, thx to Pseud
July 05th, 2016 – further fail2ban information were added
June 29th, 2016 – new configuration files were provided


Continue reading „nextcloud on Raspberry Pi3 with nginx, ssl & fail2ban“

nextcloud on Raspberry Pi3 with nginx, ssl & fail2ban

nextcloud on Raspberry Pi3 with nginx

nextcloud from scratch

Our goal is having an available nextcloud 9 instance based on a Raspberry Pi 3, ubuntu 16.04 lts, nginx 1.10, PHP 7 and MariaDB 10. We will also mount our NAS (Synology DS214+) to have access to all our personal data using CIFS.


July 20th, 2016 – enhancements for the permission.sh
July 9th, 2016 – new occ example
July 04th, 2016 – removed <noperm> from fstab – thx to Henrik
July 01st, 2016 – removed ‚php7.0-snmp‘ from section <Install PHP 7>
June 30th, 2016 – max upload size


Continue reading „nextcloud on Raspberry Pi3 with nginx“

nextcloud on Raspberry Pi3 with nginx

nextcloud-memcache.local / memcache.locking

Install redis for nextcloud

You can install REDIS-Server directly from the Ubuntu 16.04 LTS repository by using apt-get install. And with few steps only it is ready to use for nextcloud.


July 11th, 2016 – config.php (“ ‚ “ was missed on ‚password‘ => ‚yourpassword‚,)
June 30th, 2016 – security enhancements


Continue reading „nextcloud-memcache.local / memcache.locking“

nextcloud-memcache.local / memcache.locking