Difference between revisions of "User:Pineadmin/OpenMediaVault"
m |
m (Fxc moved page OpenMediaVault to User:Pineadmin/OpenMediaVault: stub and outdated) |
||
(51 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
Please go through the [http://files.syabas.com/popcornhour/download/PopcornHourTransformerNAS_UserManual-20180122.pdf OpenMediaVault Basic Setup and all following chapters about OpenMediaVault] before proceed to the more advance setup below. | |||
== Dynamic DNS == | |||
[YOU CAN SKIP THIS IF YOU ARE USING STATIC IP ON YOUR INTERNET WAN OR YOU ALREADY KNOW HOW TO SETUP DYNAMIC DNS ON YOUR INTERNET MODEM/ROUTER] | |||
1. SSH to the device | |||
2. # apt-get install ddclient (no-ip.com example) | |||
* Dynamic DNS service provider: other | |||
* Dynamic DNS server: dynupdate.no-ip.com | |||
* Dynamic DNS update protocol: dyndns2 | |||
* Username for dynamic DNS service: <<<USERNAME/EMAIL>>> | |||
* Password for dynamic DNS service: <<<PASSWORD>>> | |||
* Re-enter password to verify: <<<PASSWORD>>> | |||
* Network interface used for dynamic DNS service: web | |||
* DynDNS fully qualified domain names: <<<CNAME>>>.ddns.net | |||
* Run ddclient on PPP connect? No | |||
* Run ddclient as daemon? Yes | |||
* Interval between ddclient runs: 300 | |||
# dpkg-reconfigure ddclient (To Re-run configuration wizard above) | |||
3. # nano /etc/ddclient.conf | |||
Change: use=if, if=web | |||
To: use=web, web=checkip.dyndns.com, web-skip='Current IP Address' | |||
########## | |||
protocol=dyndns2 | |||
< | use=web, web=checkip.dyndns.com, web-skip='Current IP Address' | ||
server=dynupdate.no-ip.com | |||
login=<<<USERNAME/EMAIL>>> | |||
password='<<<PASSWORD>>>' | |||
<<<CNAME>>>.ddns.net | |||
########## | |||
After edit, press [CTRL+x] => press [y] => press [Enter] to exit | |||
4. # systemctl restart ddclient (Restart ddclient after changed in configuration) | |||
5. Diagnostics: | |||
# ddclient -daemon=0 -debug -verbose -noquiet | |||
# systemctl status ddclient | |||
== NextCloud == | |||
Reference: https://forum.openmediavault.org/index.php/Thread/17738-NextCloud-Installation/ | |||
1. SSH to the device | |||
# apt-get update | |||
# apt-get upgrade | |||
* Configuring openmediavault => Press [Tab] => Press [Enter] on Ok | |||
# apt-get install php5-curl php5-gd | |||
2. Create the Shared Folders for all your Nginx's web pages | |||
* Name: www | |||
* Path: www/ | |||
* Click on the ACL | |||
** User/Groups permissions: Tick Read/Write for both www-data user and group | |||
** Set Owner / Group to Read/Write/Execute and Others to None | |||
3. Create the sub shared folder for your NextCloud web pages | |||
* Name: nextcloud | |||
* Path: www/nextcloud | |||
* Click on the ACL | |||
** User/Groups permissions: Tick Read/Write for both www-data user and group | |||
** Set Owner / Group to Read/Write/Execute and Others to None | |||
4. Go to System => Plugins => Tick openmediavault-nginx => Install | |||
5. Services => Nginx => Settings => Enable => Save => Apply | |||
</ | |||
6. Services => Nginx => Pools => Add | |||
* Name: pool_nextcloud | |||
* User: www-data | |||
* Group: www-data | |||
* Extra options: <<<Copy Texts In Between ########## Below>>> | |||
########## | |||
clear_env = no | |||
env[HOSTNAME] = $HOSTNAME | |||
env[PATH] = /usr/local/bin:/usr/bin:/bin | |||
env[TMP] = /tmp | |||
env[TMPDIR] = /tmp | |||
env[TEMP] = /tmp | |||
########## | |||
* Save => Apply | |||
7. Services => Nginx => Servers => Add | |||
* General | |||
** Directory: nextcloud | |||
* SSL | |||
** Enable SSL: Enable | |||
** Port: 91 | |||
** Certificate: <<<Select Created SSL Certificate>>> | |||
* System => Certificates => SSL => Add => Create (Set longer "Period of validity" if you do not want to renew the certificate too frequently) => Save => Apply | |||
** Only use SSL: Enable | |||
* PHP | |||
** Enable PHP: Enable | |||
** PHP-FPM Pool: pool_nextcloud | |||
* Extra options: <<<Copy Texts In Between ########## Below>>> | |||
########## | |||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; | |||
add_header X-Content-Type-Options nosniff; | |||
add_header X-Frame-Options "SAMEORIGIN"; | |||
add_header X-XSS-Protection "1; mode=block"; | |||
add_header X-Robots-Tag none; | |||
add_header X-Download-Options noopen; | |||
add_header X-Permitted-Cross-Domain-Policies none; | |||
location = /robots.txt { | |||
log_not_found off; | |||
allow all; | |||
access_log off; | |||
} | |||
# The following 2 rules are only needed for the user_webfinger app. | |||
# Uncomment it if you're planning to use this app. | |||
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last; | |||
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json | |||
# last; | |||
location = /.well-known/carddav { | |||
return 301 $scheme://$host/remote.php/dav; | |||
} | |||
location = /.well-known/caldav { | |||
return 301 $scheme://$host/remote.php/dav; | |||
} | |||
# set max upload size | |||
client_max_body_size 50G; | |||
fastcgi_buffers 64 4K; | |||
# Disable gzip to avoid the removal of the ETag header | |||
gzip off; | |||
# Uncomment if your server is build with the ngx_pagespeed module | |||
# This module is currently not supported. | |||
#pagespeed off; | |||
error_page 403 /core/templates/403.php; | |||
error_page 404 /core/templates/404.php; | |||
location / { | |||
rewrite ^ /index.php$uri; | |||
} | |||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { | |||
deny all; | |||
} | |||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { | |||
deny all; | |||
} | |||
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { | |||
fastcgi_split_path_info ^(.+\.php)(/.*)$; | |||
include fastcgi_params; | |||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |||
fastcgi_param PATH_INFO $fastcgi_path_info; | |||
fastcgi_param HTTPS on; | |||
#Avoid sending the security headers twice | |||
fastcgi_param modHeadersAvailable true; | |||
fastcgi_param front_controller_active true; | |||
fastcgi_pass $socket; | |||
fastcgi_intercept_errors on; | |||
} | |||
location ~ ^/(?:updater|ocs-provider)(?:$|/) { | |||
try_files $uri/ =404; | |||
index index.php; | |||
} | |||
# Adding the cache control header for js and css files | |||
# Make sure it is BELOW the PHP block | |||
location ~* \.(?:css|js|woff|svg|gif)$ { | |||
try_files $uri /index.php$uri$is_args$args; | |||
add_header Cache-Control "public, max-age=7200"; | |||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; | |||
add_header X-Content-Type-Options nosniff; | |||
add_header X-Frame-Options "SAMEORIGIN"; | |||
add_header X-XSS-Protection "1; mode=block"; | |||
add_header X-Robots-Tag none; | |||
add_header X-Download-Options noopen; | |||
add_header X-Permitted-Cross-Domain-Policies none; | |||
# Optional: Don't log access to assets | |||
access_log off; | |||
} | |||
location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ { | |||
try_files $uri /index.php$uri$is_args$args; | |||
# Optional: Don't log access to other assets | |||
access_log off; | |||
} | |||
########## | |||
8. Go to System => Plugins => Tick openmediavault-mysql => Install | |||
9. Services => MySQL => Enable => Save => Apply => Reset Password | |||
10. Go to https://nextcloud.com/ => Download => Get Nextcloud Server => Download => Web Installer (Bottom Tab) => Download setup-nextcloud.php to your PC | |||
11. Use FTP/SAMBA/etc to transfer setup-nextcloud.php to www/nextcloud/ | |||
12. Go to https://<<<DEVICE_IP>>>:91/setup-nextcloud.php | |||
* Please add exception for the self-signed certificate if your browser prompt you to do so | |||
* Next | |||
* Dependency check: Enter a single "." => Next | |||
* Wait until: 504 Gateway Time-out | |||
13. Go to https://<<<DEVICE_IP>>>:91/ (Retry again if you get 404) | |||
* Click on Storage & database => MySQL/MariaDB | |||
** Database user: root | |||
** Database password: <<<Password Reset On Step #10>>> | |||
** Database name: nextcloud | |||
** Database host: localhost | |||
* Finish setup | |||
14. Services => Nginx => Servers => Edit | |||
* PHP => Default config: Disable | |||
15. Go to https://<<<DEVICE_IP>>>:91/ | |||
16. If installation failed on step #12 onwards: | |||
* Remove all the folders/files/hidden files in www/nextcloud/* through FTP/SAMBA/etc (Note that, removing 13,000+ files may take a while) | |||
** Services => MySQL => SQL management site => Enable => Save => Apply => Show | |||
* Tools => Database Manager => tick "nextcloud" and "DROP selected databases" => Submit | |||
** Start over again from step #12 | |||
17. Setup the [[#Dynamic DNS|Dynamic DNS]] if you need to access your NextCloud through internet. Then, on your internet modem/router: Port Forward to the device with port 91 |
Latest revision as of 13:43, 5 February 2023
Please go through the OpenMediaVault Basic Setup and all following chapters about OpenMediaVault before proceed to the more advance setup below.
Dynamic DNS
[YOU CAN SKIP THIS IF YOU ARE USING STATIC IP ON YOUR INTERNET WAN OR YOU ALREADY KNOW HOW TO SETUP DYNAMIC DNS ON YOUR INTERNET MODEM/ROUTER]
1. SSH to the device
2. # apt-get install ddclient (no-ip.com example)
- Dynamic DNS service provider: other
- Dynamic DNS server: dynupdate.no-ip.com
- Dynamic DNS update protocol: dyndns2
- Username for dynamic DNS service: <<<USERNAME/EMAIL>>>
- Password for dynamic DNS service: <<<PASSWORD>>>
- Re-enter password to verify: <<<PASSWORD>>>
- Network interface used for dynamic DNS service: web
- DynDNS fully qualified domain names: <<<CNAME>>>.ddns.net
- Run ddclient on PPP connect? No
- Run ddclient as daemon? Yes
- Interval between ddclient runs: 300
- dpkg-reconfigure ddclient (To Re-run configuration wizard above)
3. # nano /etc/ddclient.conf
Change: use=if, if=web To: use=web, web=checkip.dyndns.com, web-skip='Current IP Address'
########## protocol=dyndns2 use=web, web=checkip.dyndns.com, web-skip='Current IP Address' server=dynupdate.no-ip.com login=<<<USERNAME/EMAIL>>> password='<<<PASSWORD>>>' <<<CNAME>>>.ddns.net ##########
After edit, press [CTRL+x] => press [y] => press [Enter] to exit
4. # systemctl restart ddclient (Restart ddclient after changed in configuration)
5. Diagnostics:
- ddclient -daemon=0 -debug -verbose -noquiet
- systemctl status ddclient
NextCloud
Reference: https://forum.openmediavault.org/index.php/Thread/17738-NextCloud-Installation/
1. SSH to the device
- apt-get update
- apt-get upgrade
- Configuring openmediavault => Press [Tab] => Press [Enter] on Ok
- apt-get install php5-curl php5-gd
2. Create the Shared Folders for all your Nginx's web pages
- Name: www
- Path: www/
- Click on the ACL
- User/Groups permissions: Tick Read/Write for both www-data user and group
- Set Owner / Group to Read/Write/Execute and Others to None
3. Create the sub shared folder for your NextCloud web pages
- Name: nextcloud
- Path: www/nextcloud
- Click on the ACL
- User/Groups permissions: Tick Read/Write for both www-data user and group
- Set Owner / Group to Read/Write/Execute and Others to None
4. Go to System => Plugins => Tick openmediavault-nginx => Install
5. Services => Nginx => Settings => Enable => Save => Apply
6. Services => Nginx => Pools => Add
- Name: pool_nextcloud
- User: www-data
- Group: www-data
- Extra options: <<<Copy Texts In Between ########## Below>>>
########## clear_env = no env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp ##########
- Save => Apply
7. Services => Nginx => Servers => Add
- General
- Directory: nextcloud
- SSL
- Enable SSL: Enable
- Port: 91
- Certificate: <<<Select Created SSL Certificate>>>
- System => Certificates => SSL => Add => Create (Set longer "Period of validity" if you do not want to renew the certificate too frequently) => Save => Apply
- Only use SSL: Enable
- PHP
- Enable PHP: Enable
- PHP-FPM Pool: pool_nextcloud
- Extra options: <<<Copy Texts In Between ########## Below>>>
########## add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; location = /robots.txt { log_not_found off; allow all; access_log off; } # The following 2 rules are only needed for the user_webfinger app. # Uncomment it if you're planning to use this app. #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json # last; location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } # set max upload size client_max_body_size 50G; fastcgi_buffers 64 4K; # Disable gzip to avoid the removal of the ETag header gzip off; # Uncomment if your server is build with the ngx_pagespeed module # This module is currently not supported. #pagespeed off; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location / { rewrite ^ /index.php$uri; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; #Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_pass $socket; fastcgi_intercept_errors on; } location ~ ^/(?:updater|ocs-provider)(?:$|/) { try_files $uri/ =404; index index.php; } # Adding the cache control header for js and css files # Make sure it is BELOW the PHP block location ~* \.(?:css|js|woff|svg|gif)$ { try_files $uri /index.php$uri$is_args$args; add_header Cache-Control "public, max-age=7200"; add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Optional: Don't log access to assets access_log off; } location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ { try_files $uri /index.php$uri$is_args$args; # Optional: Don't log access to other assets access_log off; } ##########
8. Go to System => Plugins => Tick openmediavault-mysql => Install
9. Services => MySQL => Enable => Save => Apply => Reset Password
10. Go to https://nextcloud.com/ => Download => Get Nextcloud Server => Download => Web Installer (Bottom Tab) => Download setup-nextcloud.php to your PC
11. Use FTP/SAMBA/etc to transfer setup-nextcloud.php to www/nextcloud/
12. Go to https://<<<DEVICE_IP>>>:91/setup-nextcloud.php
- Please add exception for the self-signed certificate if your browser prompt you to do so
- Next
- Dependency check: Enter a single "." => Next
- Wait until: 504 Gateway Time-out
13. Go to https://<<<DEVICE_IP>>>:91/ (Retry again if you get 404)
- Click on Storage & database => MySQL/MariaDB
- Database user: root
- Database password: <<<Password Reset On Step #10>>>
- Database name: nextcloud
- Database host: localhost
- Finish setup
14. Services => Nginx => Servers => Edit
- PHP => Default config: Disable
15. Go to https://<<<DEVICE_IP>>>:91/
16. If installation failed on step #12 onwards:
- Remove all the folders/files/hidden files in www/nextcloud/* through FTP/SAMBA/etc (Note that, removing 13,000+ files may take a while)
- Services => MySQL => SQL management site => Enable => Save => Apply => Show
- Tools => Database Manager => tick "nextcloud" and "DROP selected databases" => Submit
- Start over again from step #12
17. Setup the Dynamic DNS if you need to access your NextCloud through internet. Then, on your internet modem/router: Port Forward to the device with port 91