That being said I take no responsibility if you cause damage or have issues with your pi afterwards. Again this is a collections of info put in order for an easy smooth install.
Any real superuser feel free to make this a script and send it out should make the process much easier for people that way.
This is turn key. When you are done you will have a complete install with all the basic functions enabled and ready.
This tutorial uses the following files and versions. I did the best I could to make sure I worked with everything as up to date at possible at the time of this writing. (Make it a total pain to complete.) If done correctly you can have one up if a couple hours instead of days like to took me.
2016-05-27-raspbian-jessie/NextCloud 10.0.0.0/PHP7/Apache2/MariaBD version?
A couple preinstall things you can do to make life easier later are. If your router supports static mapping via DHCP thats really handy. Otherwise you will have to set one up on the pi yourself. I will not go in to that on this tutorial. You will need a named address so you can get a SSL Cert I use www.no-ip.com (Only because I've been with them for years.) make sure it points to your house . If you have a decent router it will support a client with them and keep that address point correct. If yours doesn't support that you can always get a linux or windows client to do that for you. If you don't have a computer that stays in all the time I would install it on the Pi it self and the site has instructions to do so. Next if your router supports DNS Resolver/Forwarder set it up to forward all internal requests for the external Named site to point to the internal address. This solves Many problems with the Cert later. If your router doesn't do these things check out http://dd-wrt.com/site/support/router-database and see if you can upgrade your router to a better OS.
Installation.
Download the image and write it to your card. (I assume if you are attempting this you know how to do that if not https://www.raspberrypi.org/documentati ... /README.md.)
Insert the SD in the Pi 2/3 Hook up all the cables except power. (This tutorial is made to work with a wired connection on wifi you may experience slower rates or disconnectivity issues. If you want wifi feel free to google that yourself first before continueing)
If you can have the external hard drive wiped of all partitions as we will create them in the tutorial. If not we can delete the partitions in linux. (Just easier to use GPARTED -=Linux=- or diskpart -=windows=-)
On first boot (while you will do most of this from SSH I recommend using the GUI for this part) run Raspbian Config.
Setup all your main settings Keyboard/Timezone/Location ect. after a reboot you can make this a headless box if you like.
I however like to have TOP Running in a terminal window to see the usage of the processor and ram. Doesn't Hurt.
If possible use the SSH Client to log in from a computer for the rest of this tutorial. If you can't or prefer not to you can do all the work from with in the terminal but when writing the script you will have much more typing to do. Also is you can't cut and paste the command in to the terminal you might not get the intended results.
once in lets get admin status with the following command
Code: Select all
sudo su
Code: Select all
umount /dev/sda1
umount /dev/sda2
umount /dev/sda3
umount /dev/sda4
Code: Select all
fdisk /dev/sda
Press d
if it asks for a partition number you must repeat the process until the drive is wiped of all partitions
then press w
Code: Select all
fdisk /dev/sda
press n
press 1
press enter 2x
press w
Code: Select all
mke2fs -t ext4 -L rootfs /dev/sda1
Code: Select all
mount /dev/sda /mnt
Code: Select all
apt-get install rsync
Code: Select all
sudo rsync -axv / /mnt
Code: Select all
cp /boot/cmdline.txt /boot/cmdline.orig
Code: Select all
nano /boot/cmdline.txt
in the end my line looks like this
Code: Select all
dwc_otg.lpm_enable=0 console=serial0,115200 console=tty1 root=/dev/sda1 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait rootdelay=5
Code: Select all
nano /mnt/etc/fstab
Code: Select all
proc /proc proc defaults 0 0
/dev/sda1 / ext4 defaults,noatime 0 1
/dev/mmcblk0p1 /boot vfat defaults 0 2
#/dev/mmcblk0p2 / ext4 defaults,noatime 0 1
Code: Select all
shutdown -r now
once in the box regain root with this
Code: Select all
sudo su
Code: Select all
nano /etc/dphys-swapfile
Run the following to make use of the change
Code: Select all
sudo dphys-swapfile setup
sudo /etc/init.d/dphys-swapfile stop
sudo /etc/init.d/dphys-swapfile start
get all the system updates
Code: Select all
apt-get update
apt-get upgrade -y
apt-get dist-upgrade -y
rpi-update
apt-get autoremove
SSH back in and get root
Code: Select all
sudo su
Code: Select all
apt-get install apache2 -y
Code: Select all
nano /etc/apt/sources.list
Code: Select all
deb http://mirrordirector.raspbian.org/raspbian/ stretch main contrib non-free rpi
Code: Select all
nano /etc/apt/preferences
Code: Select all
Package: *
Pin: release n=jessie
Pin-Priority: 600
Code: Select all
apt-get update
apt-get install -t stretch php7.0 php7.0-curl php7.0-gd php7.0-fpm php7.0-cli php7.0-opcache php7.0-mbstring php7.0-xml php7.0-zip -y
apt-get install php7.0-APC -y
apt-get install mysql-server php7.0-mysql -y
a2enmod proxy_fcgi setenvif
a2enconf php7.0-fpm
service apache2 reload
apt-get install libxml2-dev php-zip php-dom php-xmlwriter php-xmlreader php-gd php-curl php-mbstring -y
a2enmod rewrite
service apache2 reload
apt-get install mariadb-server -y
cd /var/www/html
nano index.html
Code: Select all
<meta http-equiv="refresh" content="0; URL='http://MY.NEXTCLOUD.NAMEDADDRESS.COM/nextcloud'" />
Code: Select all
cd /var/www/
wget https://download.nextcloud.com/server/releases/nextcloud-10.0.0.zip
unzip nextcloud-10.0.0.zip
rm nextcloud-10.0.0.zip
cd /
mkdir CloudDATA
cd /home/pi
nano permissions.sh
Code: Select all
#!/bin/bash
ocpath='/var/www/nextcloud'
htuser='www-data'
htgroup='www-data'
rootuser='root'
printf "Creating possible missing Directories\n"
mkdir -p $ocpath/data
mkdir -p $ocpath/assets
mkdir -p $ocpath/updater
printf "chmod Files and Directories\n"
find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640
find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750
printf "chown Directories\n"
chown -R ${rootuser}:${htgroup} ${ocpath}/
chown -R ${htuser}:${htgroup} ${ocpath}/apps/
chown -R ${htuser}:${htgroup} ${ocpath}/assets/
chown -R ${htuser}:${htgroup} ${ocpath}/config/
chown -R ${htuser}:${htgroup} ${ocpath}/data/
chown -R ${htuser}:${htgroup} /CloudDATA/
chown -R ${htuser}:${htgroup} ${ocpath}/themes/
chown -R ${htuser}:${htgroup} ${ocpath}/updater/
chown -R ${htuser}:${htgroup} /tmp
chmod +x ${ocpath}/occ
printf "chmod/chown .htaccess\n"
if [ -f ${ocpath}/.htaccess ]
then
chmod 0644 ${ocpath}/.htaccess
chown ${rootuser}:${htgroup} ${ocpath}/.htaccess
fi
if [ -f ${ocpath}/data/.htaccess ]
then
chmod 0644 ${ocpath}/data/.htaccess
chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess
fi
Code: Select all
chmod +x permissions.sh
sudo ./permissions.sh
Code: Select all
cd /etc/apache2/sites-available
nano nextcloud.conf
Code: Select all
Alias /nextcloud "/var/www/nextcloud/"
<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
Code: Select all
ln -s /etc/apache2/sites-available/nextcloud.conf /etc/apache2/sites-enabled/nextcloud.conf
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime
a2enmod ssl
a2ensite default-ssl
service apache2 reload
Code: Select all
mysql -u root -p
Code: Select all
CREATE DATABASE nextcloud;
CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON nextcloud.* TO nextclouduser@localhost;
EXIT
Code: Select all
apt install git -y
cd /etc
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
sudo ./letsencrypt-auto
crontab -e
Code: Select all
* 1 * * 1 /etc/certbot-auto renew --quiet
open a browse and go to the named address you created earlier it should take you to your cloud.
Enter the name and password you will use as the site administrator
Change the Data Folder to the following
Code: Select all
/CloudDATA
Code: Select all
nextclouduser
PASSWORD
nextcloud
Code: Select all
sudo nano /var/www/nextcloud/config/config.php
Code: Select all
'memcache.local' => '\OC\Memcache\APC',
apt-get clean
Set File size limit
Code: Select all
cd /var/www/nextcloud
nano .htaccess
Change both to the size you want if in Gigs use a G instead of the M
Code: Select all
nano .user.ini
Change these to the same size you used before and don't forget to change to a G if in Gigs
Now harden the box as much as I know how by preventing Man in the Middle Attacks
Code: Select all
cd /etc/apache2
nano apache2.conf
Code: Select all
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
</IfModule>
Code: Select all
shutdown -r now
Done and Enjoy. Everything is all set and you can configure the rest to your liking on the site.