> On 17. May 2019, at 18:11, Bruno Flueckiger <[email protected]> wrote:
>
>> On 16.05., Gonzalo L. Rodriguez wrote:
>> Hallo,
>>
>> Update for Nextcloud to 16.0.1:
>>
>> https://nextcloud.com/changelog/
>>
>> While here I added imagick.
>>
>> OK? Comments?
>>
>> Cheers.-
>>
>> --
>>
>> - gonzalo
>
> Hi Gonzalo,
>
> I've tested the fresh installation. Opening the new Nextcloud in the
> browser for the first time gives me an error message from Nextcloud. At
> the top of the window I see the string:
>
> $CONFIG = array ( 'integrity.check.disabled' => true,);
This is a known issue, it is because of „occ“
>
> Looks like Nextcloud cannot handle the config file during the first
> call. As soon as I refresh the page in the browser I get the first time
> installation dialog as expected. I haven't figured out how to get rid of
> this.
>
> After a fresh installation the list of security and setup warnings in
> Nextcloud is pretty long. Some of the warnings can be silenced by
> changes to /etc/httpd.conf. I've attached a diff for the README file.
>
> Nextcloud complains that all the subdirectories in
> /var/www/nextcloud/apps/ are not owned by the user www. I've attached a
> diff for pkg/PLIST which prevents this.
I don’t want 3rdparty apps to write stuff there even if nextcloud complain
about it, maybe if you do this, you want to block on pf.conf „www“ user to get
internet?
>
> Cheers,
> Bruno
>
> Index: pkg/README
> ===================================================================
> RCS file: /cvs/ports/www/nextcloud/pkg/README,v
> retrieving revision 1.12
> diff -u -p -r1.12 README
> --- pkg/README 11 Mar 2019 15:43:46 -0000 1.12
> +++ pkg/README 16 May 2019 17:44:27 -0000
> @@ -28,7 +28,7 @@ The HTTP server must be able to resolve
> The configuration of an SQLite database path is set relatively to the chroot
> in
> Nextcloud which will break background jobs run by cron(8) (see below).
> A symlink can be created to workaround this issue:
> - # ln -f ${INSTDIR} /nextcloud
> + # ln -sf ${INSTDIR} /nextcloud
>
> OpenBSD HTTP daemon
> -------------------
> @@ -48,23 +48,27 @@ server "domain.tld" {
> key "/etc/ssl/private/domain.tld_private.pem"
> }
>
> + directory index index.php
So far you don’t need this.
> # First deny access to the specified files
> - location "/.ht*" { block }
> - location "/.user*" { block }
> - location "/3rdparty*" { block }
> - location "/README" { block }
> - location "/autotest*" { block }
> - location "/build*" { block }
> - location "/config*" { block }
> - location "/console*" { block }
> - location "/data*" { block }
> - location "/db_*" { block }
> - location "/indie*" { block }
> - location "/issue*" { block }
> - location "/lib*" { block }
> - location "/occ*" { block }
> - location "/templates*" { block }
> - location "/tests*" { block }
> + location "/nextcloud/.ht*" { block }
> + location "/nextcloud/.user*" { block }
> + location "/nextcloud/3rdparty*" { block }
> + location "/nextcloud/AUTHORS" { block }
> + location "/nextcloud/COPYING" { block }
> + location "/nextcloud/config*" { block }
> + location "/nextcloud/console*" { block }
> + location "/nextcloud/data*" { block }
> + location "/nextcloud/lib*" { block }
> + location "/nextcloud/occ*" { block }
> +
> + location "/.well-known/caldav" {
> + block return 301 "https://$SERVER_NAME/nextcloud/remote.php/dav";
> + }
> +
> + location "/.well-known/carddav" {
> + block return 301 "https://$SERVER_NAME/nextcloud/remote.php/dav";
> + }
My example is more for nextcloud.foobar.org not for foobar.org/nextcloud
The httpd.conf example is just that, an example, the users at the end can
change the setup the way they like.
>
> location "/*.php*" {
> root "/nextcloud"
>
> --- pkg/PLIST.gonzalo Fri May 17 18:01:30 2019
> +++ pkg/PLIST Fri May 17 18:01:46 2019
> @@ -4980,9 +4980,6 @@
> @owner www
> @group www
> nextcloud/apps/
> -@mode
> -@owner
> -@group
> nextcloud/apps/accessibility/
> nextcloud/apps/accessibility/.babelrc.js
> nextcloud/apps/accessibility/appinfo/
