11 Setup Script (en) - sunweaver/nextcloud-high-performance-backend-setup GitHub Wiki

Installation

Install the following packages on the freshly installed Debian server: apt install openssh-server unzip wget sudo nano jq

You download the installation script file using “wget” to a directory on your server and unzip it there: wget -O latest.zip $(wget -q -O - 'https://api.github.com/repos/sunweaver/nextcloud-high-performance-backend-setup/releases/latest' | jq -r '.zipball_url')

Unpack the files with: unzip latest.zip

Then go to the folder: cd sunweaver-nextcloud-high-performance-backend-setup-*

With 'ls -lha' you should get the following view:

01hpbsetup

Switch to root user: su root

( Optional ) You now have the option of entering all settings in a settings file beforehand. Of course, this saves paperwork if you want to run the script again. To do this, read Installation mit Einstellungsdatei

Installation

Start the installation with the command sudo ./setup-nextcloud-hpb.sh

Now the first selection menu opens in which you can choose whether you want to install the Talk Server and Collabora Office or just one or the other. This can make sense in larger environments. We recommend installing both on one server first

02hpbsetup

03hpbsetup

In the following dialog you must enter the domain of the server on which the script is running. The script will later create a Let's Encrypt certificate for this domain so that all communication between Nextcloud and the server is encrypted. In our example here this is the domain “nc-workhorse.examle.org” :

04hpbsetup

Here the script gives you the opportunity to adjust the storage location for the keys you have now created. By default, the file is created in the script directory as “nextcloud-hpb.secrets” .

05hpbsetup

Here you can enter your email address and a mail server so that the server can also send you status information. Please enter the following data so that the appropriate smart host can be configured on the server in msmtp :

  • E-Mail-Adresse (für Let's Encrypt)

Smarthost Data Mailserver:

  • Passwort
  • Benutzername
  • Mailserver
  • Port

Here you enter the email address to which the system will then send the messages. This email address is also stored with Let's Encrypt.

06hpbsetup

Here you now enter the password for the SMTP account through which the system should send the emails.

07hpbsetup

Here you now enter the user name (e.g. [email protected] ) of the SMTP account through which the system should send the emails.

08hpbsetup

Here you now enter the SMTP mail server through which the emails should be sent.

09hpbsetup

Here you now enter the port (default is 587) for SMTP mail server. You can only use the script to configure SMTP servers that allow TLS encryption.

10hpbsetup

In the following dialog, please confirm the Let's Encrypt certificate. This is necessary so that your Nextcloud instance and the server can communicate encrypted:

11hpbsetup

In the following dialog you can deactivate SSH access. By default we would recommend not disabling it. But if you want to secure the server even better, you can simply switch off SSH access here:

12hpbsetup

Depending on the Debian version, you can choose here whether the package is installed or whether everything is created/built from the sources. For Debian versions below 13 (Trixie), we recommend building from the package sources.

13hpbsetup

Now the script runs, configures and installs everything automatically. Once everything has gone through, you will receive a summary with all the data.

14hpbsetup

Installation with settings file

Edit the settings.sh-file with:

nano settings.sh

All setting options are explained here and in the file (but in English).

Exit via STRG+X the Nano editor. Follow the instructions at the bottom of the screen.

Start the installation with the command:

sudo ./setup-nextcloud-hpb.sh settings.sh

Output

As an output, you will receive all the keys and URLs that you need for the Nextcloud extension. Here you can see an example output, which was also saved in the “nextcloud-hpb.secrets” file in the installation folder. You may enter this data in your Nextcloud under Settings in the Talk and Nextcloud Office module. See here: (https://github.com/sunweaver/nextcloud-high-performance-backend-setup/wiki/03-Nextcloud-Einstellung)

15hpbsetup

Please enter the keys and URLs in the Nextcloud. You can find the appropriate instructions here

Settings explained in the settings file

  • DRY_RUN: If true, then nothing is really changed in the system.
  • UNATTENDED_INSTALL: If true, then as many questions as possible are left out. However, it may be that (especially when starting for the first time)
  • NEXTCLOUD_SERVER_FQDNS: The domain of the Nextcloud server. Several can be specified here, separated by commas.
  • SERVER_FQDN: The domain of the high-performance backend server.
  • SSL_*: Please don't change it. Unless you know what you're doing (otherwise look at source code).
  • DHPARAM_PATH: Please don't change it. Unless you know what you're doing (otherwise look at source code).
  • SHOULD_INSTALL_*: Controls whether this package should be installed (applies only if UNATTENDED_INSTALL=true).
  • SIGNALING_BUILD_FROM_SOURCES: hould signaling (and its dependencies) be built directly from the sources? (Instead of installing from public Debian repositories).
  • LOGFILE_PATH: Saves the complete text output by the script. This is very useful for the developers if they want to create an Bugreport erstellen möchten.
  • TMP_DIR_PATH: Files important for the script are temporarily stored in this folder.
  • SECRETS_FILE_PATH: File name where the Output geshould be saved.
  • SMTP E-Mail Config: Please enter the email provider details provided here!
    • EMAIL_USER_ADDRESS: Email adresse
    • EMAIL_USER_PASSWORD: password
    • EMAIL_USER_USERNAME: Username (usually also email address)
    • EMAIL_SERVER_HOST: Domain of the mail server
    • #EMAIL_SERVER_PORT: mostly 25 oder 587
  • #DISABLE_SSH_SERVER: Should the SSH server (openssh-server) be turned off?
  • DNS_RESOLVER: Own DNS resolver server.

Services and log files

Query services status: sytemctl status nginx systemctl status nextcloud-spreed-signaling.service systemctl status janus.service systemctl status nats-server.service systemctl status coturn.service

View log files: journalctl -u nginx -f tail -f /var/log/nginx/access.log tail -f /var/log/nginx/error.log

journalctl -u nextcloud-spreed-signaling -f journalctl -u janus -f journalctl -u nats-server -f journalctl -u coturn.service -f

Advanced Logs:

To do this, install the following: apt install rsyslog logrotate apt install rsyslog logrotate

less /var/log/syslog + STRG+F To end: STRG+C + q