2021-03-02 16:38:38 +00:00
# Nextcloud
2020-06-26 23:47:19 +00:00
2021-03-02 17:55:58 +00:00
[![Build Status ](https://drone.autonomic.zone/api/badges/coop-cloud/nextcloud/status.svg )](https://drone.autonomic.zone/coop-cloud/nextcloud)
2020-09-27 23:21:14 +00:00
2022-03-16 11:46:34 +00:00
Fully automated luxury Nextcloud via docker-swarm.
2020-09-08 23:21:30 +00:00
2021-03-02 16:38:38 +00:00
<!-- metadata -->
* **Category**: Apps
2021-11-23 10:19:05 +00:00
* **Status**: 2, beta
* **Image**: [`nextcloud` ](https://hub.docker.com/_/nextcloud ), 4, upstream
2021-03-02 16:38:38 +00:00
* **Healthcheck**: Yes
* **Backups**: No
2021-11-23 10:19:05 +00:00
* **Email**: 3
* **Tests**: 2
* **SSO**: 1 (OAuth)
2021-03-02 16:38:38 +00:00
<!-- endmetadata -->
2023-03-22 16:47:06 +00:00
## Quick start
2020-09-08 00:38:09 +00:00
2021-03-02 16:38:38 +00:00
2023-03-22 16:47:06 +00:00
* `abra app new nextcloud`
* `abra app config <app-name>`
* `abra app secret insert <app-name> smtp_password v1 <SMTP_PASSWORD>`
* `abra app secret generate -a <app-name>`
* `abra app deploy <app-name>`
2023-03-13 18:07:49 +00:00
2023-03-22 16:47:06 +00:00
### Onlyoffice Integration
2023-03-13 18:07:49 +00:00
2023-03-22 16:47:06 +00:00
`abra app config <app-name>`
2023-03-13 18:07:49 +00:00
Configure the following envs:
```
COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yml"
ONLYOFFICE_URL=https://onlyoffice.example.com
SECRET_ONLYOFFICE_JWT_VERSION=v1
```
2023-03-22 16:47:06 +00:00
`abra app secret insert <app-name> onlyoffice_jwt v1 <jwt_secret>`
`abra app cmd <app-name> app install_onlyoffice`
2023-03-13 18:07:49 +00:00
2023-03-22 16:47:06 +00:00
### BBB Integration
2023-03-13 18:07:49 +00:00
2023-03-22 16:47:06 +00:00
`abra app config <app-name>`
2023-03-13 18:07:49 +00:00
Configure the following envs:
```
COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yml"
BBB_URL=https://talk.example.org/bigbluebutton/ # trailing slash!
SECRET_BBB_SECRET_VERSION=v1
```
2023-03-22 16:47:06 +00:00
`abra app secret insert <app-name> bbb_secret v1 <bbb_secret>`
`abra app cmd <app-name> app install_bbb`
### Authentik Integration
`abra app config <app-name>`
Configure the following envs:
```
COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yml"
AUTHENTIK_USER_PREFIX=authentik
AUTHENTIK_DOMAIN=authentik.example.com
AUTHENTIK_SECRET_NAME=authentik_example_com_nextcloud_secret_v1 # the same as in authentik
AUTHENTIK_ID_NAME=authentik_example_com_nextcloud_id_v1 # the same as in authentik
```
`abra app cmd <app-name> app set_authentik`
### Disable Dashboard
Disable dashboard app since it is so corporate:
`abra app config <app-name>`
Configure the following envs:
```
OCC_CMDS="app:disable dashboard"
```
`abra app cmd <app-name> app post_install_occ`
## Running `occ`
`abra app cmd <app-name> app run_occ '"user:list --help"'`
## Default user files
- Follow [these docs ](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/default_files_configuration.html ) to set the default files list for each user in the Files app
## Default App
- Configure a `defaultapp` in your `config.php` or use [apporder ](https://apps.nextcloud.com/apps/apporder )
## Upgrading Nextcloud apps
`abra app cmd <app-name> app run_occ '"app:update --all"'`
2023-03-13 18:07:49 +00:00
2021-10-30 15:40:00 +00:00
2022-03-24 01:17:29 +00:00
## How do I fix a Nextcloud version snafu?
`Exception: Updates between multiple major versions and downgrades are unsupported.`
Solution:
- Look at log files to determine the old Nextcloud version
- Change your local `~/.abra/recipes/nextcloud/compose.yml` to the highest minor
version in the old version -- e.g. choose `22.2.5` for `22` , if you're
upgrading to `23` .
- Then, do one of (both bad):
1. `abra app deploy --chaos ...` , then `app run` to go in and manually lower the version number in PHP (shell in, `apt install vim-core && vi version.php` ), then try `php ./occ upgrade`
2. `abra app undeploy ...` , `abra volume rm` , CAREFULLY only choose the volume
ENDING `_nextcloud` , then `abra app deploy --chaos ...` , then edit the
`compose.yml` to add `entrypoint: ['tail', '-f', '/dev/null']` to `app` ,
then `app deploy --chaos` again, then `app run --user=www-data ... app bash` to get in and run `./occ maintenance:repair` , and `./occ upgrade` .
- Change `compose.yml` to the new version number; `git checkout compose.yml`
- `abra app deploy --force`
- This wasn't even multiplle major versions was it 😾
2021-10-30 15:40:00 +00:00
## How do I integrate with Keycloak SSO?
Use [this plugin ](https://github.com/pulsejet/nextcloud-oidc-login ). Unlike the plugin it's forked from, there is no configuration UI, so you'll need to edit `/var/www/html/config/config.php` :
```
'oidc_login_client_id' => 'nextcloud',
'oidc_login_client_secret' => 'mysecret',
2023-04-07 20:40:58 +00:00
'oidc_login_provider_url' => 'https://example.com/realms/myrealm',
2021-10-30 15:40:00 +00:00
'oidc_login_disable_registration' => false,
'oidc_login_hide_password_form' => true,
'oidc_login_button_text' => 'Log in with your myssodomain',
'oidc_login_default_group' => 'mygroup',
'oidc_login_attributes' =>
array (
'id' => 'sub',
'name' => 'name',
'mail' => 'email',
),
'oidc_create_groups' => true,
```
You can use [this trick ](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/ ) (see "Cryptic Usernames" work-around) to get proper usernames.
If you ever need to change the realm, you'll need to reset the cache with:
```
docker exec -u www-data < container-id > php occ config:app:delete oidc_login last_updated_well_known
docker exec -u www-data < container-id > php occ config:app:delete oidc_login last_updated_jwks
```
2022-03-16 11:46:34 +00:00
## How do I enable multiple SSO login buttons?
We've been able to get this setup by using the [social login ](https://apps.nextcloud.com/apps/sociallogin ) plugin.
If using Keycloak, you'll want to do [this trick ](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/ ) also.
2021-10-30 15:40:00 +00:00
## How can I customise the CSS?
There is some basic stuff in the admin settings.
To go a little deeper, you can use [this handy app ](https://apps.nextcloud.com/apps/theming_customcss ).
Here is an example CSS config which hides the local login and makes space for a central image:
```css
#body-login .wrapper main form[name="login"],
#body-login .wrapper main form[name="login"] ~ a {
display: none;
}
#body-login .logo {
visibility: hidden;
}
#body-login #alternative-logins a.button[href*="oidc"] {
background: #233b4a ;
color: #fff ;
transition: all 0.2s ease-in-out;
}
#body-login #alternative-logins a.button[href*="oidc"]:hover {
background: linear-gradient(-35deg, #233b4a 40%, #486c83 100%);
}
#body-login #alternative-logins a.button[href*="/sociallogin/oauth/google"] {
border: 0;
color: #db4437 !important;
background-color: #fff ;
}
#body-login
#alternative -logins
a.button[href*="/sociallogin/oauth/google"]::before {
width: 25px;
background-color: #db4437 ;
border-radius: 100%;
background-size: 60%;
background-position: center;
height: 25px;
vertical-align: middle;
margin-right: 4px;
}
#body-login main {
padding: 50vh 0 0 0;
}
#body-login a[href*="#body-login"] {
visibility: hidden;
}
#body-login footer a,
#body-login footer p {
color: #233b4a ;
}
#body-login footer a:hover {
color: #fff ;
}
#body-login footer p.info {
text-shadow: none;
}
```
2021-06-06 17:35:20 +00:00
2020-09-08 23:21:30 +00:00
[nextcloud-docker]: https://hub.docker.com/_/nextcloud/
2020-09-27 23:21:14 +00:00
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
2021-03-02 17:55:58 +00:00
[`coop-cloud/traefik`]: https://git.autonomic.zone/coop-cloud/traefik
2022-08-03 08:50:15 +00:00
## Using [`previewgenerator`](https://github.com/nextcloud/previewgenerator) app
2022-08-03 10:39:31 +00:00
> Beware, this appp has been known to not work...
2022-08-03 08:50:15 +00:00
After you install, enable etc. then you need to run the generation (**warning**: it can take a long time!):
```
abra app run < domain > app bash -u www-data
./occ preview:generate-all
```
To set up the cron to run again, there is [no clear solution in the context of
containers](https://github.com/nextcloud/previewgenerator/issues/1). So, a
pretty dodgy hack is to run it from the system directly:
```
root@foo.com /etc/cron.hourly $ cat foo-com-preview-generate
#!/bin/bash
2022-08-03 08:51:35 +00:00
docker exec -u www-data $(docker ps -f name=foo_com_app -q) ./occ preview:pre-generate
2022-08-03 08:50:15 +00:00
```
This app will improve performance of image browsing at the cost of storage space.