Nextcloud

Setup

Reference page for the Snap

1. sudo snap install nextcloud
2. Allow 80 and 443 in firewall
3. Edit trusted domain sudo nextcloud.occ config:system:set trusted_domains 1 --value=domain.example.com
4. sudo nextcloud.enable-https lets-encrypt
5. Add NAT translation on the home router
6. Add domain A record in my DNS zone
7. Setup Sendgrid for SMTP server

Other stuff

• Host X.X.X.X was not connected to because it violates local access rules. → Fix here
• Change trash bin configuration: see this article

Cloudflare Tunnel

• Goal: don’t expose Public IP, be protected against DDoS, avoid firewall set-up
• Introduction to Cloudflare Tunnel
• Setup
  1. Setup the Cloudflare Package Repo if needed
  2. Edit /etc/hosts file to add certificate DNS name to being able to self resolve it - and use this DNS name in the Cloudflare Tunnel Public Hostname (not localhost, you may end up with Error 502 as the certificate DNS and localhost won’t match)
  3. Follow the New Tunnel guide in the Cloudflare Tunnel dashboard
  4. Or if you want to do it manually
     1. Follow the step-by-step CLI guide
     2. Move configuration from ~/.cloudflared/ to /etc/cloudflared/ before running the tunnel

     3. Install cloudflared as a service:

         sudo cloudflared service install
         sudo systemctl start cloudflared
         sudo systemctl enable cloudflared
        

• Quick reference:
  • cloudflared tunnel list to list all tunnels

Integrations with other devices

Outlook calendar

Use Outlook CalDav Synchronizer - but untestes

Maintenance

Data

• sudo nextcloud.export -abc to export everything except user data
• sudo nextcloud.occ files:scan --all to force scan all files, useful to fix checksum issues
• sudo nextcloud.occ files:scan-app-data to force scan all app data
• User data are in /var/snap/nextcloud/common/

Backup

Based on How To Backup Nextcloud

1. Create ncbackup user

2. Edit /usr/sbin/ncbackup.sh with

    #!/bin/bash
    # Output to a logfile
    exec &> /home/ncbackup/Backups/Logs/"$(date '+%Y-%m-%d').txt"
    echo "Starting Nextcloud export..."
   
    # Run a Nextcloud backup without data (will be saved later with Duplicati)
    nextcloud.export -abc
    echo "Export complete"
   
    # Clean the Backup/Data folder
    rm -r /home/ncbackup/Backups/Data/*
    # Move backup from yyyymm... directory to our directory. 2* is used to filter out folder starting with 2, like 2020
    mv /var/snap/nextcloud/common/backups/2*/* /var/snap/nextcloud/common/backups/2*/.* /home/ncbackup/Backups/Data/
    # Remove backup folder
    rm -r /var/snap/nextcloud/common/backups/2*/
    echo "Nextcloud backup successfully moved to /home/ncbackup/Backups/Data/"
   
    # Remove logs older than 14 days
    find /home/ncbackup/Backups/Logs -mtime +14 -type f -delete
    echo "Removed old logs"
   
    echo "Nextcloud backup completed successfully."
   

3. Make the file executable sudo chmod +x /usr/sbin/ncbackup.sh
4. Allow the file to be executed without sudo interaction
   1. sudo visudo
   2. ncbackup ALL=(ALL) NOPASSWD: /usr/sbin/ncbackup.sh
5. Remove shell access from ncbackup user sudo usermod -s /sbin/nologin ncbackup
   • To add it back sudo usermod -s /bin/bash ncbackup
6. Schedule the backup
   1. Open crontab sudo crontab -u ncbackup -e
   2. Make the script run at 0200 every day 0 2 * * * sudo /usr/sbin/ncbackup.sh

Sources:

• Reference page for the Snap
• How To Setup A Nextcloud Server In Ubuntu
• OCC Command line tool
  • Most notably the config command instead of changing config.php
  • Get example: sudo nextcloud.occ config:system:get version
  • Set example: sudo nextcloud.occ config:system:set logtimezone --value="Europe/Berlin"

Good apps

Preview Generator for thumbnails

1. Suggested: change the preview generation behavior - great post here, I just changed quality to 70
2. Install from app store
3. sudo nextcloud.occ preview:generate-all
4. Make a script for that and schedule it

   1. Edit /usr/sbin/ncpreviewgenerator.sh with

       #!/bin/bash
       # Output to a logfile
       exec &> /home/ncbackup/PreviewGenerator/"$(date '+%Y-%m-%d %T').txt"
      
       echo "Starting Nextcloud Preview Generator (with logs)..."
       nextcloud.occ preview:pre-generate -vvv
       echo "Done."
      
       # Remove logs older than 14 days
       find /home/ncbackup/PreviewGenerator -mtime +14 -type f -delete
       echo "Removed old logs"
      
       echo "Nextcloud Preview Generator completed successfully."
      

   2. sudo chmod +x /usr/sbin/ncpreviewgenerator.sh
   3. sudo visudo
   4. ncbackup ALL=(ALL) NOPASSWD: /usr/sbin/ncpreviewgenerator.sh
   5. Remove shell access from ncbackup user sudo usermod -s /sbin/nologin ncbackup
   6. Schedule the backup
      1. Open crontab sudo crontab -u ncbackup -e
      2. Make the script run every 30 min 30 * * * * sudo /usr/sbin/ncpreviewgenerator.sh

Notes:

• Use -vvv argument to output each opened file

RainLoop Webmail

• Original project docs
• Rainloop-nextcloud project

1. Install plugin
2. Login to admin panel in root/index.php/apps/rainloop/app/
   1. Change admin password
   2. Add domain
3. Login with standard link using user mail and mail password
4. Enable automatic login in Settings > Additional Settings

Music

• Project GitHub

OVH Dynamic IP

OK, it’s not an app, just a script that I run every 6 hours.

You need to setup first a DynHost username - see this documentation and calculate the basic header.

#!/bin/bash
# Output to a logfile
exec &> /home/ncbackup/DDNS/"$(date '+%Y-%m-%d %T').txt"
echo "Starting DDNS update ..."

curl -i -H "Authorization: Basic COPY_YOUR_KEY_HERE=" ""https://www.ovh.com/nic/update?system=dyndns'&'hostname=DOMAIN.EXAMPLE.ORG""

# Remove logs older than 14 days
find /home/ncbackup/DDNS -mtime +14 -type f -delete
echo "Removed old logs"