Hello everyone,
NC 13 requires MySQL/MariaDB, at least php 7.0 and Apache 2.4.
Synology disk station manager 6.1 provides php 7, Mariadb 5 and 10, and also Apache 2.4.
At the moment my NC 13 installation runs on php 5.6, Mariadb 5 and Apache 2.2
For future versions of NC ist seems crucial to install it on newer versions of these.
Has anybody sucessfully installed NC 13 on a synology machine with PHP 7 and Apache 2.4?
Any informations about that is welcome 
not on DSM, witch i don’t know, but on debian 9.3 .9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04)
/ apache 2.4.29 / php 7.0.27 / 10.1.26-MariaDB / mysqlnd 5.0.12
/ phpadmin 4.6.6deb4 / Redis server v=3.2.6 / HTTP2 /
Closed enough i think
I gave it a try.
I installed:
(with one of these, there came PHP 5.6 with it, but that doesn´t bother.)
I set up a separate data folder outside “web” folder.
I unpacked NC 13 into /web/nextcloud
Data Folder and nextcloud install folder are owned by user and group http
(chown -R http:http foldername)
Data Folder and nextcloud install folder are given full access for installation
(chmod -R 0777 foldername)
I gave MariaDB root user a password.
In the PHP part of Web Station : PHP-Cache is activated for PHP 7
In Web Station I set up a virtual host with HSTS activated.
On NC 13 setup screen, in MariaDB section I had to change ´localhost´to 127.0.0.1:3307 (Port is shown on MariaDB 10 setup in DSM)
NC runs. Success so far 
But it still complains HSTS not set and PHP Memory Cache not configured.
Maybe somebody has a bit more experience than me with these complaints?
HSTS can be configure in /etc/apache2/apache.conf for all vhost or need to be conf for all vhost conf:
exemple for a vhost with https + http1.2 + strong cypher + HSTS
<VirtualHost *:443> https ports
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html html root location
Protocols h2 http/1.1 http1.2 protocol called throught h2 because https enable. if no https then h2c
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/xxxxxxxxxxx/fullchain.pem # localisation of my sslcerts
SSLCertificateKeyFile /etc/letsencrypt/live/xxxxxxxxxx/privkey.pem # localisation of my sslcerts
Include /etc/letsencrypt/options-ssl-apache.conf # more option see below after --conf+
ServerName xxxxxxxxxxxxx
HSTS setting for nextcloud SEE WARNINGS BELOW AFTER EOF
Header always set Strict-Transport-Security “max-age=15768000; includeSubDomains”
modern configuration, tweak to your need STRONG CYPHERS ONLY SEE WARNINGS TWO
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
#SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDS$
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLHonorCipherOrder on
SSLCompression off
SSLSessionTickets off
SSLOptions +StrictRequire
OCSP Stapling, only in httpd 2.3.3 and later
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
SSLStaplingCache shmcb:/var/run/ocsp(128000)
vim: syntax=apache ts=4 sw=4 sts=4 sr noet
------------conf±---------------- i have commented several ligne because some options are applied server wide and not only on vhost
Baseline setting to Include for SSL sites
SSLEngine on
Intermediate configuration, tweak to your needs
/#SSLProtocol all -SSLv2 -SSLv3
#SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AE$
#SSLHonorCipherOrder on
#SLCompression off
#SSLOptions +StrictRequire
#Add vhost name to log entries:
LogFormat “%h %l %u %t “%r” %>s %b “%{Referer}i” “%{User-agent}i”” vhost_combined
LogFormat “%v %h %l %u %t “%r” %>s %b” vhost_common
#CustomLog /var/log/apache2/access.log vhost_combined
#LogLevel warn
#ErrorLog /var/log/apache2/error.log
#Always ensure Cookies have “Secure” set (JAH 2012/1)
#Header edit Set-Cookie (?i)^(.)(;\ssecure)??((\s*;)?(.*)) “$1; Secure$3$4”
#EOF
WARNINGS:
1- vUsing strong cyphers will prohibit laccess to your server for “old” browser and maybe for some hardware.
For exemple, hardware incapable of dealing with keys => 128 bits will failed to access the server !!!
2- This does add extra security - particularly against cookie attacks, but it does depend on your whole domain only ever being server via HTTPS, so here is where you need to be a little more careful as this is potentially quite dangerous. It depends on all subdomains being on HTTPS. While this may seem obvious, this has large consequences if you set it at your top level domain (e.g. tunetheweb.com rather than www.tunetheweb.com) and websites have got it wrong in the past and, with a long expiry, than can spell disaster for your website if an incorrect policy gets loaded in many people’s browsers.Always use a lower value like 3600 (1h) for testing.
depending of your server conf, you may have multiples apache and php conf … each of them using or not a .htaccess file who might need tweaking too…
Hey guys,
I tried to install NC for the second time on my NAS DS416. The first time (NC12) I managed successfully an installation, but could not get rid of an error message (Apache 2.2. and php 5.6). Further down the road, access was impossible.
This time (NC13) I did not even get until the installation screen (tried all variants with Ap 2.2./2.4. and php 5.6 / 7 - same result).
Today, to get NC run on a DS you is definitely not something that an average DS User can do. If they could get an installatoin via the package center within DSM this would give them immediatly a million+ users more, as NC definitely is a very valuable tool!
Hi !
May i know how to solve this issue, when i change root to http "(chown -R http:http foldername) " it prompt = " nextcloud/3rdparty/guzzle’: Operation not permitted "
My is DSM 6.2
Thanks !