yum update
yum -y install nginx wget unzip mariadb mariadb-server
yum --disableexcludes=main install libxslt.x86_64
##Depot Remi php72 requis
yum install php-common php-gmp php-intl php-imap php-opcache php-fpm php-cli php-gd php-mcrypt php-mysqlnd php-pear php-xml php-mbstring php-pdo php-json php-pecl-apcu php-pecl-apcu-devel php-zip
#Upgrade MARIADB 5.5 â 10
#How to Upgrade MariaDB 5.5 to MariaDB 10.0 on CentOS 7
mysqldump -u âuserâ -p --all-databases > all_databases.sql
systemctl stop mysql
yum remove mariadb-server mariadb mariadb-libs
yum clean all
yum -y install MariaDB-server MariaDB-client postfix
systemctl start mysql
systemctl enable mysql
#mysql_upgrade ou mysql_secure_installation â Upgrade if exist DATABASE or secure_installation for new database
##Création certificat auto-signé
mkdir -p /var/certs/nginx
openssl req -new -x509 -sha512 -days 3650 -key /var/certs/nginx/key.pem -out /var/certs/nginx/cert.pem
openssl genrsa 4096 >> /var/certs/nginx/key.pem
openssl dhparam 4096 -out /var/certs/nginx/dh4096.pem
chmod 700 /var/certs/nginx
chmod 600 /var/certs/nginx/*
##Edition de la configuration Nginx.conf
##Configuration PHP-FPM
nano /etc/php-fpm.conf
[global]
; Pid file
; Default Value: none
pid = /run/php-fpm/php-fpm.pid
nano /etc/php-fpm.d/www.conf
In line 8 and 10, change user and group to ânginxâ.
user = nginx
group = nginx
In line 22, make sure php-fpm is running under server port.
listen = 127.0.0.1:9000
Uncomment line 366-370 to activate the php-fpm system environment variables.
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
##Activation APCACHE/CGI
nano /etc/php.ini
#Affiche la version de PHP utilisée sur votre serveur
expose_ph = Off
cgi.fix_pathinfo=1
; Local Variables:
apc.enable_cli = 1
; tab-width: 4
; End:
##Activation OpCache
nano /etc/php.d/10-opcache.ini
zend_extension=opcache.so
opcache.enable=1
opcache.enable_cli=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.revalidate_freq=1
##Configuration MYSQL
[server]
#skip-name-resolve
innodb_buffer_pool_size = 128M
innodb_buffer_pool_instances = 1
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 32M
innodb_max_dirty_pages_pct = 90
query_cache_type = 1
query_cache_limit = 2M
query_cache_min_res_unit = 2k
query_cache_size = 64M
tmp_table_size= 64M
max_heap_table_size= 64M
slow-query-log = 1
slow-query-log-file = /var/log/mysql/slow.log
long_query_time = 1
[mysqld]
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci
binlog_format = MIXED
datadir=/var/lib/mysql
symbolic-links=0
##Enable 4-byte support
innodb_large_prefix=true
innodb_file_format=barracuda
innodb_file_per_table=1
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
nano /etc/my.cnf.d/client.cnf
[client]
default-character-set = utf8mb4
##Modification des droits sur Nginx
chown -R nginx:nginx /etc/nginx/
##Test de la configuration
nginx -t
##restart et démarrage auto des services
systemctl restart nginx
systemctl restart php-fpm
systemctl restart mysql
systemctl enable php-fpm
systemctl enable nginx
systemctl enable mysql
Now configure the MariaDB root password.
mysql_secure_installation
mysql -u root -p
Type Password
Type in the mysql query below to create a new database and a new user.
CREATE DATABASE nextcloud_db CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
create user nextclouduser@localhost identified by âMDPâ;
grant all privileges on nextcloud_db.* to nextclouduser@localhost identified by âMDPâ;
flush privileges;
##Récupération de nextcloud
cd /tmp
wget https://download.nextcloud.com/server/releases/latest.tar.bz2
tar -xvf latest.tar.bz2
mv nextcloud/ /usr/share/nginx/html/
cd /usr/share/nginx/html/
mkdir /media/HDD2/nextcloud/data ##DATA nextcloud
##Configuration nextcloud avec Nginx
nano /etc/nginx/conf.d/nextcloud.conf
upstream php-handler {
server unix:/var/run/nextcloud.sock;
}
server {
listen 80;
server_name domaine;
#enforce https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name domaine;
access_log /var/log/nginx/nextcloud.log;
ssl on;
ssl_certificate /etc/letsencrypt/live/domaine/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domaine/privkey.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/domaine/fullchain.pem;
ssl_stapling on; #Requires nginx >= 1.3.7
ssl_stapling_verify on; #Requires nginx => 1.3.7
include /etc/nginx/ssl.conf;
#Path to the root of your installation
root /usr/share/nginx/html/nextcloud/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
#The following 2 rules are only needed for the user_webfinger app.
#Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
#last;
location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
}
#set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4k;
#Disable gzip to avoid the removal of the ETag header
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
#Uncomment if your server is build with the ngx_pagespeed module
#This module is currently not supported.
#pagespeed off;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location / {
rewrite ^ /index.php$request_uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/((?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
try_files $fastcgi_script_name =404;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/(?:updater|oc[ms]-provider)(?:$|\/){
try_files $uri/ =404;
index index.php;
}
#Adding the cache control header for js and css files
#Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
#Add headers to serve security related headers (It is intended to
#have those duplicated to the ones above)
#Before enabling Strict-Transport-Security headers please read into
#this topic first.
#add_header Strict-Transport-Security "max-age=15768000;
#includeSubDomains; preload;";
#
#WARNING: Only add the preload option once you read about
#the consequences in https://hstspreload.org/. This option
#will add the domain to a hardcoded list that is shipped
#in all major browsers and getting removed from this list
#could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
#Optional: Don't log access to assets
access_log off;
}
location ~* \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
try_files $uri /index.php$request_uri;
#Optional: Don't log access to other assets
access_log off;
}
location ^~ /apps/rainloop/app/data {
deny all;
}
##########Collabora Online##########
#static files
location ^~ /loleaflet {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Host $http_host;
}
#WOPI discovery URL
location ^~ /hosting/discovery {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Host $http_host;
}
#Capabilities
location ^~ /hosting/capabilities {
proxy_pass https://localhost:9980;
proxy_set_header Host $http_host;
}
#main websocket
location ~ ^/lool/(.*)/ws$ {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}
#download, presentation and image upload
location ~ ^/lool {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Host $http_host;
}
#Admin Console websocket
location ^~ /lool/adminws {
proxy_pass https://127.0.0.1:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $http_host;
proxy_read_timeout 36000s;
}
}
# Installation de Cerbot for Nginx (SSL)
yum install certbot-nginx
#Création certificat
certbot --nginx -d example.com --rsa-key-size 4096 (example.com represente le nom de domaine)
#Création Diffie-Hellman Parameters
openssl dhparam 4096 -out /var/certs/nginx/dhparam.pem
#Intégration des sécurité SSL dans /etc/nginx/ssl.conf
nano /etc/nginx/ssl.conf
##SSL
#ssl_ecdh_curve secp384r1; # Si nginx pas récent ou openssl > 1.1.0+
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_dhparam /etc/nginx/cert/dhparam.pem; # utiliser si ecdh non disponible.
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
#ssl_ciphers TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:EECDH+AESGCM:EECDH+CHACHA20:EECDH+AES256:AES256+EDH:!aNULL:!SHA;
#ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384';
ssl_ecdh_curve secp521r1:secp384r1:prime256v1;
#Resolver DNS FDN
resolver 80.67.169.12 80.67.169.40 valid=300s;
resolver_timeout 3s;
##HSTS
#Cette en-tĂȘte permet d'Ă©viter le vol de cookies et le downgrade SSL
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
#Eviter de se faire piller son site
add_header X-Robots-Tag "none" always;
# Evite que le contenu soit interprété différemment que définit dans le mime Type
add_header X-Content-Type-Options "nosniff" always;
#Protection contre le clickjacking
add_header X-Frame-Options "SAMEORIGIN" always;
#Protection contre les failles X-XSS
add_header X-XSS-Protection "1; mode=block" always;
#Faille spécifique à IE8
add_header X-Download-Options "noopen" always;
# Interdire l'embarquement de tout ou partie de votre site dans un site ou logiciel tiers
add_header X-Permitted-Cross-Domain-Policies "none" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
add_header Referrer-Policy "no-referrer" always;
add_header Feature-Policy "geolocation 'self'";
#Renew certificat
crontab -e
5 4 * * 1 /usr/bin/certbot renew --quiet
18 4 * * 1 /usr/bin/systemctl reload nginx
This tells cron to attempt to renew your certificates every Monday morning at 4:15 AM and reload NGINX 3 minutes later.
##Isolation nexcloud
#voir Ubuntu 22.04 â Installation de Nextcloud (Nginx, PHP7-FPM, MariaDB et SSL/TLS) â HowTo Wared
#Création User nextcloud
sudo adduser nextcloud
sudo chown -R nextcloud:nginx /usr/share/nginx/html/nextcloud
sudo chown -R nextcloud:nginx /media/HDD2/nextcloud
sudo chmod -R o-rwx /usr/share/nginx/html/nextcloud
sudo chmod -R o-rwx /media/HDD2/nextcloud
#Configuration Php-FPM for nextcloud
nano /etc/php-fpm.d/nextcloud.conf
[nextcloud]
listen = /var/run/nextcloud.sock
listen.owner = nextcloud
listen.group = nginx
user = nextcloud
group = nginx
pm = ondemand
pm.max_children = 56
pm.process_idle_timeout = 60s
pm.max_requests = 500
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
request_terminate_timeout = 300
php_value[error_log] = /var/log/php-fpm/nextcloud-error.log
php_flag[log_errors] = On
php_value[memory_limit] = 512M
php_value[open_basedir] =/dev/:/tmp/:/var/lib/php/:/usr/share/nginx/html/nextcloud/:/media/HDD2/nextcloud/:/dev/urandom:/var/run/clamd.scan/:/proc/meminfo
php_value[upload_tmp_dir] = /media/HDD2/nextcloud/tmp/
php_value[max_input_time] = 3600
php_value[max_execution_time] = 3600
php_value[disable_functions] = passthru,exec,popen,phpinfo,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session/nextcloud
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache/nextcloud
php_value[opcache.file_cache] = /var/lib/php/opcache/nextcloud
php_value[upload_max_filesize] = 10G
php_value[post_max_size] = 10G
php_flag[file_uploads] = On
php_flag[allow_url_fopen] = On
systemctl enable php-fpm.service
systemctl restart nginx mysql php-fpm
##Edition des droits pour nextcloud
yum -y install policycoreutils-python
chown nextcloud:nginx -R /usr/share/nginx/html/nextcloud/
chown nextcloud:nginx -R /media/HDD2/nextcloud/
#DATA nextcloud
#Préparation des droits
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/media/HDD2/nextcloud(/.)?â
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u '/usr/share/nginx/html/nextcloud/config(/.)?â
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/usr/share/nginx/html/nextcloud/apps(/.)?â
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/usr/share/nginx/html/nextcloud/.htaccessâ
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/usr/share/nginx/html/nextcloud/.user.iniâ
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/var/log/onlyoffice/documentserver/nginx.error.logâ
/sbin/semanage fcontext -a -t clamd_var_run_t -s system_u '/var/run/clamd.nextcloud(/.)?â
#Application des droits Selinux (R: Recursif; v : Verbose; F : Application context + user)
/sbin/restorecon -RvF â/usr/share/nginx/html/nextcloud/â
/sbin/restorecon -RvF â/media/HDD2/nextcloud/â
/sbin/restorecon -RvF â/var/log/onlyoffice/documentserver/nginx.error.logâ
/sbin/restorecon -RvF â/var/run/clamd.nextcloud/â
setsebool -P httpd_can_sendmail on
sudo -u nextcloud sed -i âs/upload_max_filesize=./upload_max_filesize=10240M/" /usr/share/nginx/html/nextcloud/.user.ini
sudo -u nextcloud sed -i "s/post_max_size=./post_max_size=10240M/â /usr/share/nginx/html/nextcloud/.user.ini
sudo -u nextcloud sed -i âs/output_buffering=.*/output_buffering=âOffâ/â /usr/share/nginx/html/nextcloud/.user.ini
##Configuration nextcloud (WEB)
- Créate Admin User Nextcloud
- Storage : /media/HDD2/nextcloud/data
- DATABASE : MariaDB
- USER/MDP/BDD/localhost
##Optimisation nextcloud
nano /usr/share/nginx/html/nextcloud/config/config.php
Ajouter :
âloglevelâ => 3,
âlogfileâ => â/media/HDD2/nextcloud/data/nextcloud.logâ,
âlogdateformatâ => âF d, Y H:i:sâ,
âlogtimezoneâ => âEurope/Berlinâ,
âcron_logâ => true,
âmemcache.localâ => â\OC\Memcache\APCuâ,
âmemcache.lockingâ => â\OC\Memcache\Redisâ,
âpreview_max_xâ => 1024,
âpreview_max_yâ => 768,
âpreview_max_scale_factorâ => 1,
âredisâ =>
array (
âhostâ => â/var/run/redis/redis-server.sockâ,
âportâ => 0,
âtimeoutâ => 0.0,
#next row only, if set in redis.conf before!
âPasswordâ => ââ,
),
âauth.bruteforce.protection.enabledâ => false,
âupdatecheckerâ => true,
âupdater.server.urlâ => âhttps://updates.nextcloud.com/updater_server/â,
âupdater.release.channelâ => âstableâ,
âtrashbin_retention_obligationâ => âauto, 7â,
âtempdirectoryâ => â/media/HDD2/nextcloud/tmpâ,
âenable_previewsâ => true,
âenabledPreviewProvidersâ =>
array (
0 => âOC\Preview\PNGâ,
1 => âOC\Preview\JPEGâ,
6 => âOC\Preview\MP3â,
7 => âOC\Preview\TXTâ,
9 => âOC\Preview\Movieâ,
10 => âOC\Preview\MSOffice2003â,
11 => âOC\Preview\MSOffice2007â,
12 => âOC\Preview\MSOfficeDocâ,
13 => âOC\Preview\OpenDocumentâ,
14 => âOC\Preview\PDFâ,
),
sudo -u nextcloud php /usr/share/nginx/html/nextcloud/occ config:app:set --value=â32 64 1024â previewgenerator squareSizes
sudo -u nextcloud php /usr/share/nginx/html/nextcloud/occ config:app:set --value=â64 128 1024â previewgenerator widthSizes
sudo -u nextcloud php /usr/share/nginx/html/nextcloud/occ config:app:set --value=â64 256 1024â previewgenerator heightSizes
sudo -u nextcloud php /usr/share/nginx/html/nextcloud/occ preview:generate-all
systemctl restart nginx php-fpm
##Execution du cron pour lâoptimisation de nextcloud
mkdir /var/lib/nginx
chown nginx:nginx /var/lib/nginx
crontab -u nextcloud -e
*/15 * * * * php -f /usr/share/nginx/html/nextcloud/cron.php
@daily php -f /usr/share/nginx/html/nextcloud/occ preview:pre-generate >> /var/log/previewgenerator.log"
touch /var/log/previewgenerator.log
chown nextcloud:nextcloud /var/log/previewgenerator.log
##Add support utf8mb4 nextcloud
cd /usr/share/nginx/html/nextcloud
sudo -u nextcloud php occ config:system:set mysql.utf8mb4 --type boolean --value=âtrueâ
sudo -u nextcloud php occ maintenance:repair
##Depuis lâinterface Web :
Installer lâapplication : TOTP (double authentification)
- ParamĂštres personnel de lâutilisateur/Activer la double authentification (Avec Google Authentificator) â Sauvegarde clĂ© de rĂ©cupĂ©ration.
- GĂ©nĂ©rer un mot de passe âApplicationâ pour le client Desktop âNextcloudâ
#update nextcloud :
- Via shell
cd /usr/share/nginx/html/nextcloud
sudo -u nextcloud php updater/updater.phar
sudo -u nextcloud php occ maintenance:mode --off
#Upgrading to Nextcloud 13 :
#With Nextcloud 13 we added a new index to the share table which should result in significant performance improvements:
sudo -u nextcloud php occ db:add-missing-indice
#With Nextcloud 13 we switched to bigint for the file IDâs in the file cache table:
sudo -u nextcloud php occ db:convert-filecache-bigint
#Upgrading to Nextcloud 14/15 :
cd /usr/share/nginx/html/nextcloud
sudo -u nextcloud php updater/updater.phar
sudo -u nextcloud php occ maintenance:mode --off
sudo -u nextcloud occ upgrade
sudo chown -R nextcloud:nginx /usr/share/nginx/html/nextcloud
sudo chown -R nextcloud:nginx /media/HDD2/nextcloud
sudo chmod -R o-rwx /usr/share/nginx/html/nextcloud
sudo chmod -R o-rwx /media/HDD2/nextcloud
find /usr/share/nginx/html/nextcloud/ -type d -exec chmod 750 {} ;
find /usr/share/nginx/html/nextcloud/ -type f -exec chmod 640 {} ;
#Préparation des droits
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/media/HDD2/nextcloud(/.)?â
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u '/usr/share/nginx/html/nextcloud/config(/.)?â
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/usr/share/nginx/html/nextcloud/apps(/.)?â
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/usr/share/nginx/html/nextcloud/.htaccessâ
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/usr/share/nginx/html/nextcloud/.user.iniâ
/sbin/semanage fcontext -a -t httpd_sys_rw_content_t -s system_u â/var/log/onlyoffice/documentserver/nginx.error.logâ
/sbin/semanage fcontext -a -t clamd_var_run_t -s system_u '/var/run/clamd.nextcloud(/.)?â
#Application des droits Selinux (R: Recursif; v : Verbose; F : Application context + user)
/sbin/restorecon -RvF â/usr/share/nginx/html/nextcloud/â
/sbin/restorecon -RvF â/media/HDD2/nextcloud/â
/sbin/restorecon -RvF â/var/log/onlyoffice/documentserver/nginx.error.logâ
/sbin/restorecon -RvF '/var/run/clamd.nextcloud/
#RĂ©paration nextcloud
sudo -u nextcloud php /usr/share/nginx/html/nextcloud/occ db:add-missing-indice
sudo -u nextcloud php /usr/share/nginx/html/nextcloud/occ maintenance:repair
sudo -u nextcloud php /usr/share/nginx/html/nextcloud/occ maintenance:data-fingerprint
sudo -u nextcloud php /usr/share/nginx/html/nextcloud/console.php files:scan --all
##Install Collabora Online: Collabora
##Install OnlyOffice onlyoffice
###############################
Error :
LOOP â File permissions in /var/lib/php/ are all wrong if you are using NginX.
chown nginx:nginx /var/lib/php/session/
chown root:nginx /var/lib/php/wsdlcache/
chown root:nginx /var/lib/php/opcache/
WOPI HOST Error â Delete âadd_header Content-Security-Policyâ
Else : chmod -R 777 /var/lib/php/session
Error PDF Viewer â add_header X-Frame-Options âSAMEORIGINâ;
Error update nextcloud.log â Supprimer le fichier nextcloud.log
Erreur cron php : Fatal Error Unable to create lock file: Bad file descriptor â chown root:root tmp && chmod 777 -R tmp/