Nextcloud 13.0.2 for Odroid C2 (Nextcloud1302.img)

OdroidC2 image with Nextcloud 13.0.2


First download my Nextcloud 13.0.2 image for OdroidC2 from here: Nextcloud 13.0.2 image for Odroid C2 version 2.1new (487 MB)

The image consists of:

  • Ubuntu 16.04.4 LTS 64 Bit
  • NGINX 1.14
  • Nextcloud 13.0.2 (stable)
    • Nextcloud cronjobs enabled
    • cronjob for a regulary, daily backup enabled
    • several scripts are stored in the /root directory
  • PHP 7.2.x
  • MariaDB (utf8mb4)
  • Redis
  • fail2ban
  • ufw (:80 http // :443 https // :2211 SSH)
  • letsencrypt
  • openssl 1.1.0h
  • htop
  • cronjobs
  • 2.2 GB on eMMC are in use

Updated: May, 07th, 2018:
– updated to NGINX 1.14, PHP 7.2.5 and applied all changes from the Nextcloud 13 Installation guide


Plug your eMMC to your Desktop and search for your eMMC via

sudo -s
fdisk -l

At my environment the eMMC is called “/dev/mmcblk0“. Extract the previously downloaded image:

unxz Nextcloud1302.img.xz

Then prepare your eMMC for acting as your server, therefore clone the image to your eMMC:

dd if=Nextcloud1302.img of=/dev/mmcblk0 status=progress

Wait a few minutes until the prompt will be back again and the card was already written for you. Now unplug the eMMC module from your desktop and plug the card to your ODROID-C2.

From Windows you can prepare the Odroid C2 using the Win32 Disk Imager Tool:

The ODROID-C2 will be reachable via ssh. Please search for the dhcp adress given by your router.

Examplarily you can connect using ssh as that (substitute 192.168.2.118 to your IP!)

ssh nextcloud@192.168.2.118 -p2211

or using putty

or (if your monitor and keyboard are plugged in to your Odroid C2) connect directly.

Login as user “nextcloud” using the password “nextcloud“. Please be aware, the user “root” is disabled for security reasons, but nextcloud is a member of the sudoers group. So please use sudo -s to act as a privileged user.

First logon with the following user credentials:

user: nextcloud
password: nextcloud

Please consider to change the nextcloud password directly:

sudo passwd nextcloud

Now change from your current dhcp IP to a static IP adress. An example can be found at

cat /etc/network/interfaces.d/eth0.example

Backup your etho and substitute the network values properly

cp  /etc/network/interfaces.d/eth0 /etc/network/interfaces.d/eth0.bak
vi  /etc/network/interfaces.d/eth0

to examplarily these:

auto eth0
iface eth0 inet static
 address 192.168.2.118
 netmask 255.255.255.0
 gateway 192.168.2.1
 dns-nameservers 192.168.2.1

Then reboot your server

shutdown -r now

and re-connect to your server using your new static IP.

The image was written to a ~ 2.7 GB partition. Regardless of whether your eMMC has 8GB, 16GB or more GB your partition will be resized using my two scripts:

sudo -s
/root/01resize.sh

Your server will reboot automatically. Please login again and execute the second script by issuing:

sudo -s
cd /root/
./02resize.sh

Verify that the entire Disk space is used:

df -h

After the last automatic reboot your partition has been expanded to the entire available disk space. Your Nextcloud is already reachable at

https://odroid64/login
(or https://your-ip/login)

Logon to your Nextcloud as Administrator (nextcloud_root)

user: nextcloud_root
password: nextcloud_root 

and change the password directly. Then re-logon to your Nextcloud and have a look at all the pre-enabled apps:

Enabled:
– admin_audit: 1.3.0
– apporder: 0.4.1
– bruteforcesettings: 1.0.3
– calendar: 1.6.1
– comments: 1.3.0
– contacts: 2.1.3
– dav: 1.4.6
– federatedfilesharing: 1.3.1
– files: 1.8.0
– files_downloadactivity: 1.2.0
– files_pdfviewer: 1.2.1
– files_sharing: 1.5.0
– files_texteditor: 2.5.1
– files_trashbin: 1.3.0
– files_versions: 1.6.0
– files_videoplayer: 1.2.0
– gallery: 18.0.0
– logreader: 2.0.0
– lookup_server_connector: 1.1.0
– nextcloud_announcements: 1.2.0
– notifications: 2.1.2
– oauth2: 1.1.0
– password_policy: 1.3.0
– provisioning_api: 1.3.0
– serverinfo: 1.3.0
– sharebymail: 1.3.0
– systemtags: 1.3.0
– theming: 1.4.1
– twofactor_backupcodes: 1.2.3
– twofactor_totp: 1.4.1
– updatenotification: 1.3.0
– workflowengine: 1.3.0
Disabled:
– activity
– encryption
– federation
– files_external
– firstrunwizard
– survey_client
– user_external
– user_ldap


If you have a dyndns for your server and your router already forwards port 80 and 443 to your server, you could request ssl-certificates by running

letsencrypt certonly -a webroot --webroot-path=/var/www/letsencrypt --rsa-key-size 4096 -d YOUR.DEDYN.IO

Replace YOUR.DEDYN.IO to your DYNDNS properly!

Adjust the ssl.conf

vi /etc/nginx/ssl.conf

and replace the self-signed certificates to the letsencrypt-certificates

#ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
#ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
ssl_certificate /etc/letsencrypt/live/YOUR.DEDYN.IO/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/YOUR.DEDYN.IO/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/YOUR.DEDYN.IO/fullchain.pem;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!AES128';
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;

Replace YOUR.DEDYN.IO to your DYNDNS properly!

Then amend your config.php

sudo -u www-data vi /var/www/nextcloud/config/config.php

with regards to the trusted domains.

array (
0 => 'odroid64',
1 => 'YOUR.DEDYN.IO',
),

Replace YOUR.DEDYN.IO to your DYNDNS properly!

Then restart nginx

service nginx restart

and your Nextcloud is reachable from outside and has an A+ ranking! From this point you should disable the graphical environment to release hundrets of MB RAM.

sudo -s cp /media/boot/boot.ini /media/boot/boot.ini.bak
vi /media/boot/boot.ini

Set setenv nographics from „0“ to “1”

# Server Mode (aka. No Graphics)
# Setting nographics to 1 will disable all video subsystem
# This mode is ideal of server type usage. (Saves ~300Mb of RAM)
setenv nographics "1"

 

Reboot your Server and the GUI will be disabled. Only round about 300MB of 1.7 GB available RAM are allocated.

The MariaDB-Root password isn’t set yet. Please perform

mysql_secure_installation

and set a root password as simple as that. If you want to restart all Nextcloud related services in an ordered scenario, just call

sudo /root/restart.sh

and all relevant Services

will be restarted. You will either find other scripts in /root

  • 01resize.sh (for initial usage only)
  • 02resize.sh (for initial usage only)
  • backup.sh (regulary backup, cronjob daily at 00:01)
  • fail2ban.sh (overview of ssh and nextcloud status)
  • permissions.sh (apply all permissions required by Nextcloud)
  • renewal.sh (to renew your letsencrypt-certificates)
  • restart.sh (restart all relevant services)
  • stop.sh (stop all services)
  • update.sh (update, upgrade and cleaning)

Hope you will enjoy Nextcloud on your Odroid C2!

Don’t forget to Backup your Nextcloud

Find more instructions here: Nextcloud Backup and Restore



Carsten Rieger

Carsten Rieger

Carsten Rieger is a senior system engineer in full-time and also working as an IT freelancer. He is working with linux environments for more than 13 years, an Open Source enthusiast and highly motivated on linux installation and troubleshooting. Mostly working with Debian/Ubuntu Linux, Nginx and Apache web server, MariaDB/MySQL/PostgreSQL, PHP, Cloud infrastructure (e.g. Nextcloud) and other open source projects (e.g. Roundcube) and in voluntary work for the Dr. Michael & Angela Jacobi Stiftung for more than 6 years.

18 Responses

  1. laurent says:

    hello , your work is nice ! I would install it but I have probleme with my eMMc ,

    last years If I remember , I erase partition on emmc because I don’t know it need boot …

    maybe do you have an idea ? I can’t open it with cfdisk, gparted, etcher not work too, partition table will be wrong and I don’t know how acces it or made it

    actually I have

    mmcblk1 179:0 0 7,3G 0 disk
    mmcblk1boot0 179:8 0 4M 1 disk
    mmcblk1boot1 179:16 0 4M 1 disk

    If I launch “dd if=img.. ” on /dev/mmcblk1 , I don’t have error but odroid won’t start

    thanks

  2. Albrecht says:

    Wondering why I wasn’t able to ssh into the Odroid C2 nextcloud box I found the ssh service listening on port 2211 instead of the usual port 22. So “ssh nextcloud@my_ip -p 2211” did the trick.

  3. Dim83fr says:

    Hi,

    Big thanks for your work.
    Is there a way to make it work on a SD card inside ODroidC2 ?

    • Sure, just replace the value in this statement dd if=Nextcloud1302.img of=/dev/mmcblk0 status=progress accordingly to your sd-card. Should work similar but i recommend a eMMC.

  4. Wayne Gregori says:

    Letsencrypt problem: I get an error that I may have a firewall problem… I think the problem is that nginx is not configured to accept calls to port 80..

    this command fails: curl -IkL -m20 http://cloud.gregorigroup.com/test
    this one works: curl -IkL -m20 http://cloud.gregorigroup.com:443/test

    Any ideas?

  5. wayne says:

    Carsten,
    I’ve downloaded the image using wget… I needed to use the –continue restart a couple of times but I’ve got it now. I burned the imaged to the emmc drive and booted. It booted fine but there is no cursor in my command line interface… I went online to see how I can clear this up but I did not find much info. Any ideas?

  6. wayne says:

    I’m afraid that I cannot get the download to complete properly. Is there another source I can try?

  7. wayne says:

    Thank you!

  8. Derber Mohikaner says:

    This is what the Founding Fathers meant by “concise” and “helpful”!
    This is the first “how to” I followed which worked like a charm and delivered!
    Thanks Carsten!

  9. piet says:

    Does this work on a Raspberry Pi2?

Leave a Reply

Your email address will not be published. Required fields are marked *