Example installation on OpenBSD
Warning
Nextcloud does not have official OpenBSD or other BSDs support
In this install tutorial we will be deploying Nextcloud on a minimal OpenBSD with our own httpd(8), PHP, PostgreSQL and redis (for -stable or -current are the same steps).
From a base installed OpenBSD system you can just do:
# pkg_add nextcloud
The extra packages:
# pkg_add postgresql-server redis pecl74-redis php-pdo_pgsql
This will take care of your dependencies and give you the options to choose which PHP version do you want.
HTTPD(8)
Create a virtualhost in /etc/httpd.conf
and add the following content to it:
server "domain.tld" {
listen on egress tls port 443
hsts max-age 15768000
tls {
certificate "/etc/ssl/domain.tld_fullchain.pem"
key "/etc/ssl/private/domain.tld_private.pem"
}
# Set max upload size to 513M (in bytes)
connection max request body 537919488
connection max requests 1000
connection request timeout 3600
connection timeout 3600
block drop
# Ensure that no '*.php*' files can be fetched from these directories
location "/nextcloud/config/*" {
block drop
}
location "/nextcloud/data/*" {
block drop
}
# Note that this matches "*.php*" anywhere in the request path.
location "/nextcloud/*.php*" {
root "/nextcloud"
request strip 1
fastcgi socket "/run/php-fpm.sock"
pass
}
location "/nextcloud/apps/*" {
root "/nextcloud"
request strip 1
pass
}
location "/nextcloud/core/*" {
root "/nextcloud"
request strip 1
pass
}
location "/nextcloud" {
block return 301 "$DOCUMENT_URI/index.php"
}
location "/nextcloud/" {
block return 301 "$DOCUMENT_URI/index.php"
}
location "/.well-known/carddav" {
block return 301 "https://$SERVER_NAME/nextcloud/remote.php/dav"
}
location "/.well-known/caldav" {
block return 301 "https://$SERVER_NAME/nextcloud/remote.php/dav"
}
location "/.well-known/webfinger" {
block return 301 "https://$SERVER_NAME/nextcloud/public.php?service=webfinger"
}
location match "/nextcloud/ocs-provider/*" {
directory index index.php
pass
}
}
Make sure that httpd(8) is enabled and started:
# rcctl enable httpd
# rcctl start httpd
PHP
Assuming that you are on OpenBSD -current (or >= 6.8-stable) you could use PHP 7.4 so I will keep this version, but the concept is the same for other version.
The PHP packages will be available since you installed Nextcloud with pkg_add, so you just need to adjust a bit your php.ini.
It is recommended to add opcache to it:
[opcache]
opcache.enable=1
opcache.memory_consumption=512
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.revalidate_freq=1
opcache.save_comments=1
And increase some limits:
post_max_size = 513M
upload_max_filesize = 513M
We can enable the PHP modules with:
# cd /etc/php-7.4.sample
# for i in *; do ln -sf ../php-7.4.sample/$i ../php-7.4/; done
And then we just enable and start PHP:
# rcctl enable php74_fpm
# rcctl start php74_fpm
Database
As mentioned, we will be using PostgreSQL as our database, and we already installed it, now we need to initialised:
$ su - _postgresql
$ mkdir /var/postgresql/data
$ initdb -D /var/postgresql/data -U postgres -A md5 -E UTF8 -W
...
Enter new superuser password: PASSWORD
Enter it again: PASSWORD
...
Success. You can now start the database server using:
pg_ctl -D /var/postgresql/data -l logfile start
$ pg_ctl -D /var/postgresql/data -l logfile start
server starting
$ exit
We need to check, enable and start postgres:
# rcctl check postgresql
# rcctl enable postgresql
# rcctl start postgresql
You can follow the README on /usr/local/share/doc/pkg-readmes/postgresql-server
to create users and permission.
Redis
We installed redis before, we need to enable it and start it and also add it to the Nextcloud conf:
# rcctl enable redis
# rcctl start redis
# mg /var/www/nextcloud/config/config.php
...
'memcache.local' => '\OC\Memcache\Redis',
'redis' => array(
'host' => 'localhost',
'port' => 6379,
'timeout' => 0.0,
),
...
Cron job
We need to add the Nextcloud cron job to get some tasks done by adding this entry on your cronjob:
*/5 * * * * /usr/bin/ftp -Vo - https://domain.tld/cron.php >/dev/null
Chroot
Since in OpenBSD httpd(8) works with a chroot(8) by default, we need to be sure that we have the relevant files into the /var/www jail:
# mkdir -p /var/www/etc/ssl
# install -m 444 -o root -g bin /etc/ssl/cert.pem /etc/ssl/openssl.cnf \
/var/www/etc/ssl/
# cp /etc/resolv.conf /var/www/etc
Nextcloud final steps
Now that we have all in place, you should go to your browser with your URL (I am assuming you have an SSL already installed):
https://domain.tld
Now you just need to follow the steps and put in place your DB name, usr and passwords.
Keep in mind that the upgrades for Nextcloud you can do it by running on -current:
# pkg_add -u -Dsnap
And on -stable:
# pkg_add -u
Then you just follow the steps from your browser.
NOTE
Remember always to read all the READMES from the OpenBSD packages on:
/usr/local/share/doc/pkg-readmes/
All this information and more is available for you there.