You are here:
Vanderbilt Biostatistics Wiki
>
Main Web
>
TWikiUsers
>
DalePlummer
>
DalesNotes
>
NextCloudNotes
(06 Jul 2022,
DalePlummer
)
(raw view)
E
dit
A
ttach
---+ Nextcloud Notes %TOC% ---++ (new) Nextcloud on a self-hosted Ubuntu VM https://vbiostat2.app.vumc.org ---++ Internal host name: biostatnextcloud.emp.vumc.io ---+++ Fixing ldap configuration On 12/1/2020, I changed my <nop>ePassword. Unfortunately the LDAP authentication for Nextcloud used my account credentials to access VUMC LDAP. How did I get out of this mess? Same on 12/1/2021 Log on to biostatnextcloud.emp.vumc.io <verbatim> cd /var/www/html sudo -u www-data php occ ldap:show-config --show-password sudo -u www-data php occ ldap:set-config s01 ldapAgentPassword ************* sudo -u www-data php occ ldap:test-config s01 </verbatim> ---+++ KVM commands <verbatim> virt-manager # desktop user interface for managing virtual machines through libvirt virsh nodeinfo # information about the host computer virsh list --all virsh start nextcloud virsh shutdown nextcloud virsh dominfo nextcloud virsh domblklist nextcloud # information about virtual disks </verbatim> ---+++Transfer to new Nextcloud instance On old server... * Look at =www-nextcloud/config/config.php= to get database host, database name, and database admin username & password * Set Nextcloud instance to maintenance mode (edit =www-nextcloud/config/config.php=) * Use rsync to make a copy of the Nextcloud directory tree <verbatim> rsync -Aavx www-nextcloud/ www-nextcloud-dirbkp_`date +"%Y%m%d"`/ </verbatim> * Make a dump of the database. Notice that we are placing the dump in the copy of the Nextcloud directory tree that we made in the previous step. <verbatim> mysqldump --single-transaction -h localhost -u oc_admin -p????????? nextcloud > www-nextcloud-dirbkp_`date +"%Y%m%d"`/www-nextcloud-sqlbkp_`date +"%Y%m%d"`.bak </verbatim> * Take Nextcloud out of maintenance mode (edit =www-nextcloud/config/config.php=) * Make compressed archive <verbatim> tar -zcvf www-nextcloud-dirbkp_`date +"%Y%m%d"`.tar.gz www-nextcloud-dirbkp_`date +"%Y%m%d"` </verbatim> * copy archive to new server <verbatim> scp www-nextcloud-dirbkp_20200903.tar.gz dalep@biostatnextcloud.emp.vumc.io:/home/dalep/. </verbatim> On new server... <verbatim> systemctl stop snap.nextcloud.apache # stop apache cd ~ sudo vim /var/snap/nextcloud/current/nextcloud/config/config.php # put server into maintenance mode mkdir www-nextcloud mv www-nextcloud-dirbkp_`date +"%Y%m%d"`.tar.gz www-nextcloud/ cd www-nextcloud/ tar -zxvf www-nextcloud-dirbkp_`date +"%Y%m%d"`.tar.gz sudo mv /var/snap/nextcloud/common/nextcloud/data /var/snap/nextcloud/common/nextcloud/data.save ###sudo mkdir /var/snap/nextcloud/common/nextcloud/data ###gets recreated automatically since the nextcloud log lives in data/ cd www-nextcloud-dirbkp_`date +"%Y%m%d"`/ sudo rsync -Aaxv data/ /var/snap/nextcloud/common/nextcloud/data/ sudo chown -R root.root /var/snap/nextcloud/common/nextcloud/data/ ###sudo cat /var/snap/nextcloud/current/nextcloud/config/config.php # to see database password ###sudo nextcloud.mysql-client -h localhost -u nextcloud -p??? -e "DROP DATABASE nextcloud" ###sudo nextcloud.mysql-client -h localhost -u nextcloud -p??? -e "CREATE DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci" ###sudo nextcloud.mysql-client -h localhost -u nextcloud -p??? nextcloud < /home/dalep/www-nextcloud/www-nextcloud-dirbkp_`date +"%Y%m%d"`/www-nextcloud-sqlbkp_`date +"%Y%m%d"`.bak systemctl start snap.nextcloud.apache # start apache sudo vim /var/snap/nextcloud/current/nextcloud/config/config.php # put server into production mode sudo nextcloud.occ files:scan --all ### Give it 10 minutes for everything to come up. Collabora might get disabled; enable it. When creating an .odt file - the file gets created but Collabora doesn't see to come up. Closing and reopening the file usually brings up Collabora so it can be edited. </verbatim> ---+++ Misc notes What do these do? <verbatim> sudo -u www-data php occ files:scan --all sudo -u www-data php occ files:scan-app-data sudo -u www-data php occ files:cleanup sudo -u www-data php occ db:add-missing-indices </verbatim> scan files after a bulk transfer <verbatim> sudo nextcloud.occ files:scan --all </verbatim> Databases and tables on new server <verbatim> dalep@biostatnextcloud:~$ sudo nextcloud.mysql-client [sudo] password for dalep: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 45 Server version: 5.7.31 MySQL Community Server (GPL) Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | nextcloud | | performance_schema | | sys | +--------------------+ 5 rows in set (0.00 sec) mysql> use nextcloud; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> show tables; +-----------------------------+ | Tables_in_nextcloud | +-----------------------------+ | oc_accounts | | oc_activity | | oc_activity_mq | | oc_addressbookchanges | | oc_addressbooks | | oc_appconfig | | oc_authtoken | | oc_bruteforce_attempts | | oc_calendar_invitations | | oc_calendar_reminders | | oc_calendar_resources | | oc_calendar_resources_md | | oc_calendar_rooms | | oc_calendar_rooms_md | | oc_calendarchanges | | oc_calendarobjects | | oc_calendarobjects_props | | oc_calendars | | oc_calendarsubscriptions | | oc_cards | | oc_cards_properties | | oc_collres_accesscache | | oc_collres_collections | | oc_collres_resources | | oc_comments | | oc_comments_read_markers | | oc_credentials | | oc_dav_cal_proxy | | oc_dav_shares | | oc_deck_assigned_labels | | oc_deck_assigned_users | | oc_deck_attachment | | oc_deck_board_acl | | oc_deck_boards | | oc_deck_cards | | oc_deck_labels | | oc_deck_stacks | | oc_direct_edit | | oc_directlink | | oc_federated_reshares | | oc_file_locks | | oc_filecache | | oc_filecache_extended | | oc_files_trash | | oc_flow_checks | | oc_flow_operations | | oc_flow_operations_scope | | oc_group_admin | | oc_group_folders | | oc_group_folders_acl | | oc_group_folders_groups | | oc_group_folders_manage | | oc_group_folders_trash | | oc_group_user | | oc_groups | | oc_jobs | | oc_ldap_group_mapping | | oc_ldap_group_members | | oc_ldap_user_mapping | | oc_login_flow_v2 | | oc_mail_accounts | | oc_mail_aliases | | oc_mail_attachments | | oc_mail_classifiers | | oc_mail_coll_addresses | | oc_mail_mailboxes | | oc_mail_messages | | oc_mail_recipients | | oc_migrations | | oc_mimetypes | | oc_mounts | | oc_notes_meta | | oc_notifications | | oc_notifications_pushtokens | | oc_oauth2_access_tokens | | oc_oauth2_clients | | oc_preferences | | oc_privacy_admins | | oc_properties | | oc_recent_contact | | oc_richdocuments_assets | | oc_richdocuments_direct | | oc_richdocuments_wopi | | oc_schedulingobjects | | oc_share | | oc_share_external | | oc_storages | | oc_systemtag | | oc_systemtag_group | | oc_systemtag_object_mapping | | oc_talk_commands | | oc_talk_guests | | oc_talk_participants | | oc_talk_rooms | | oc_talk_signaling | | oc_text_documents | | oc_text_sessions | | oc_text_steps | | oc_trusted_servers | | oc_twofactor_backupcodes | | oc_twofactor_providers | | oc_user_transfer_owner | | oc_users | | oc_vcategory | | oc_vcategory_to_object | | oc_webauthn | | oc_whats_new | +-----------------------------+ 107 rows in set (0.01 sec) mysql> </verbatim> Databases and tables on old server <verbatim> bioapp@bio1000lp:~/www-nextcloud/config$ mysql --user oc_admin -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 755623 Server version: 5.5.65-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | nextcloud | | test | +--------------------+ 3 rows in set (0.00 sec) MariaDB [(none)]> use nextcloud; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed MariaDB [nextcloud]> show tables; +-----------------------------+ | Tables_in_nextcloud | +-----------------------------+ | oc_accounts | | oc_activity | | oc_activity_mq | | oc_addressbookchanges | | oc_addressbooks | | oc_appconfig | | oc_authtoken | | oc_bruteforce_attempts | | oc_calendar_invitations | | oc_calendar_resources | | oc_calendar_rooms | | oc_calendarchanges | | oc_calendarobjects | | oc_calendarobjects_props | | oc_calendars | | oc_calendarsubscriptions | | oc_cards | | oc_cards_properties | | oc_collres_accesscache | | oc_collres_collections | | oc_collres_resources | | oc_comments | | oc_comments_read_markers | | oc_credentials | | oc_dav_shares | | oc_deck_assigned_labels | | oc_deck_assigned_users | | oc_deck_attachment | | oc_deck_board_acl | | oc_deck_boards | | oc_deck_cards | | oc_deck_labels | | oc_deck_stacks | | oc_directlink | | oc_federated_reshares | | oc_file_locks | | oc_filecache | | oc_files_trash | | oc_flow_checks | | oc_flow_operations | | oc_group_admin | | oc_group_folders | | oc_group_folders_acl | | oc_group_folders_groups | | oc_group_folders_manage | | oc_group_folders_trash | | oc_group_user | | oc_groups | | oc_jobs | | oc_ldap_group_mapping | | oc_ldap_group_members | | oc_ldap_user_mapping | | oc_login_flow_v2 | | oc_migrations | | oc_mimetypes | | oc_mounts | | oc_notifications | | oc_notifications_pushtokens | | oc_oauth2_access_tokens | | oc_oauth2_clients | | oc_preferences | | oc_privacy_admins | | oc_properties | | oc_schedulingobjects | | oc_share | | oc_share_external | | oc_storages | | oc_systemtag | | oc_systemtag_group | | oc_systemtag_object_mapping | | oc_trusted_servers | | oc_twofactor_backupcodes | | oc_twofactor_providers | | oc_users | | oc_vcategory | | oc_vcategory_to_object | | oc_whats_new | +-----------------------------+ 77 rows in set (0.00 sec) MariaDB [nextcloud]> </verbatim> =/var/snap/nextcloud/current/= <verbatim> dalep@biostatnextcloud:~$ ls -la /var/snap/nextcloud/current/ total 32 drwxr-xr-x 8 root root 4096 Jul 1 15:49 . drwxr-xr-x 5 root root 4096 Aug 13 20:48 .. drwxr-xr-x 3 root root 4096 Jul 1 15:49 apache drwx------ 4 root root 4096 Sep 4 18:12 certs drwxr-x--- 6 root root 4096 Sep 4 18:11 mysql drwxr-xr-x 4 root root 4096 Jul 1 15:49 nextcloud drwxr-x--- 2 root root 4096 Jul 1 15:49 php drwxr-x--- 2 root root 4096 Sep 4 18:41 redis dalep@biostatnextcloud:~$ dalep@biostatnextcloud:~$ ls -la /var/snap/nextcloud/current/nextcloud/ total 16 drwxr-xr-x 4 root root 4096 Jul 1 15:49 . drwxr-xr-x 8 root root 4096 Jul 1 15:49 .. drwxr-xr-x 2 root root 4096 Sep 4 18:11 config drwxr-x--- 12 root root 4096 Sep 4 18:12 extra-apps dalep@biostatnextcloud:~$ </verbatim> =/var/snap/nextcloud/common/= <verbatim> dalep@biostatnextcloud:~$ ls -la /var/snap/nextcloud/common/ total 16 drwxr-xr-x 4 root root 4096 Jul 1 18:01 . drwxr-xr-x 5 root root 4096 Aug 13 20:48 .. drwxr-xr-x 3 root root 4096 Jul 1 18:01 backups drwxr-x--- 4 root root 4096 Jul 1 16:11 nextcloud dalep@biostatnextcloud:~$ dalep@biostatnextcloud:~$ sudo ls -la /var/snap/nextcloud/common/nextcloud/ total 16 drwxr-x--- 4 root root 4096 Jul 1 16:11 . drwxr-xr-x 4 root root 4096 Jul 1 18:01 .. drwxrwx--- 41 root root 4096 Aug 31 22:27 data drwxr-x--- 2 root root 4096 Sep 4 18:12 tmp dalep@biostatnextcloud:~$ </verbatim> =/snap/nextcloud/current/= <verbatim> dalep@biostatnextcloud:~$ ls -la /snap/nextcloud/current/ total 275 drwxr-xr-x 26 root root 490 Aug 12 01:01 . drwxr-xr-x 4 root root 4096 Aug 13 20:48 .. drwxr-xr-x 2 root root 1136 Aug 12 01:01 bin drwxr-xr-x 2 root root 52 Aug 12 01:01 certbot_nextcloud_plugin drwxr-xr-x 2 root root 87 Aug 12 01:00 cgi-bin drwxr-xr-x 2 root root 79 Aug 12 01:00 conf drwxr-xr-x 4 root root 39 Aug 12 01:01 config drwxr-xr-x 2 root root 82 Aug 12 01:00 docs drwxr-xr-x 3 root root 707 Aug 12 01:00 error drwxr-xr-x 15 root root 248 May 27 19:15 etc drwxr-xr-x 4 root root 60 Aug 12 01:00 fixes drwxr-xr-x 13 root root 473 Aug 12 00:51 htdocs drwxr-xr-x 3 root root 3187 Aug 12 01:00 icons drwxr-xr-x 5 root root 1120 Aug 12 01:00 include drwxr-xr-x 8 root root 285 Aug 12 01:00 lib -rw-r--r-- 1 root root 275393 Aug 12 00:36 LICENSE drwxr-xr-x 2 root root 3 Aug 12 00:39 logs drwxr-xr-x 3 root root 27 Aug 12 01:00 man drwxr-xr-x 4 root root 56 Aug 12 01:01 meta drwxr-xr-x 2 root root 709 Aug 12 01:00 modules -rw-r--r-- 1 root root 116 Aug 12 00:32 my.cnf drwxr-xr-x 4 root root 37 Aug 12 01:00 php -rw-r--r-- 1 root root 587 Aug 12 00:36 README -rw-r--r-- 1 root root 269 Aug 12 00:32 setup.py drwxr-xr-x 28 root root 745 Aug 12 01:00 share drwxr-xr-x 4 root root 92 Aug 12 01:01 snap drwxr-xr-x 2 root root 99 Aug 12 01:00 support-files drwxr-xr-x 6 root root 86 May 27 19:15 usr drwxr-xr-x 2 root root 211 Aug 12 01:01 utilities drwxr-xr-x 5 root root 48 Aug 12 01:00 var </verbatim> =/snap/nextcloud/current/htdocs/= <verbatim> dalep@biostatnextcloud:~$ sudo ls -la /snap/nextcloud/current/htdocs/ total 80 drwxr-xr-x 13 root root 473 Aug 12 00:51 . drwxr-xr-x 26 root root 490 Aug 12 01:01 .. drwxr-xr-x 41 root root 929 Aug 12 01:00 3rdparty drwxr-xr-x 43 root root 1212 Aug 12 01:00 apps -rw-r--r-- 1 root root 16522 Jul 15 20:22 AUTHORS drwxr-xr-x 2 root root 116 Aug 12 01:00 config -rw-r--r-- 1 root root 3967 Jul 15 20:22 console.php -rw-r--r-- 1 root root 34520 Jul 15 20:22 COPYING drwxr-xr-x 23 root root 522 Aug 12 01:00 core -rw-r--r-- 1 root root 5140 Jul 15 20:22 cron.php -rw-r--r-- 1 root root 3032 Jul 15 20:22 .htaccess -rw-r--r-- 1 root root 156 Jul 15 20:22 index.html -rw-r--r-- 1 root root 2960 Jul 15 20:22 index.php drwxr-xr-x 6 root root 170 Aug 12 01:00 lib -rw-r--r-- 1 root root 283 Jul 15 20:22 occ drwxr-xr-x 2 root root 32 Aug 12 01:00 ocm-provider drwxr-xr-x 2 root root 64 Aug 12 01:00 ocs drwxr-xr-x 2 root root 32 Aug 12 01:00 ocs-provider -rw-r--r-- 1 root root 3102 Jul 15 20:22 public.php -rw-r--r-- 1 root root 5332 Jul 15 20:22 remote.php drwxr-xr-x 4 root root 142 Aug 12 01:00 resources -rw-r--r-- 1 root root 26 Jul 15 20:22 robots.txt -rw-r--r-- 1 root root 2379 Jul 15 20:22 status.php drwxr-xr-x 3 root root 56 Aug 12 01:00 themes drwxr-xr-x 2 root root 52 Aug 12 01:00 updater -rw-r--r-- 1 root root 101 Jul 15 20:22 .user.ini -rw-r--r-- 1 root root 362 Jul 15 20:29 version.php dalep@biostatnextcloud:~$ </verbatim> Where are guest VM configuration files stored in KVM/Qumu? =/etc/libvirt/qemu= Where is Nextcloud configuration file stored? =/var/snap/nextcloud/current/nextcloud/config/config.php= [[https://computingforgeeks.com/virsh-commands-cheatsheet/][virsh commands cheatsheep]] [[https://virt-manager.org/][virt-manager documentation]] Nextcloud version is 19.0.1 as of 2020-08-25 Virtual disk size is 100GB as of 2020-08-25 SSH access to server host * biostat1553.dhcp.mc.vanderbilt.edu SSH access to VM * biostatnextcloud.emp.vumc.io URLs for Nextcloud instance * https://vbiostat2.app.vumc.org * https://biostatnextcloud.emp.vumc.io Network configuration for VM <verbatim> IP addr: 10.151.20.239 subnet mask: 255.255.255.0 gateway: 10.151.20.1 DC1 DNS server: 10.108.51.18 DC3 DNS server: 10.101.62.234 </verbatim> The server host is biostat1553. Running Ubuntu 18.04.5 LTS. This is a snap install of Nextcloud. When installing Ubuntu server, I checked "Nextcloud" as a snap to include. When I went to the VM with a web browser I was able to create an admin account and configure Nextcloud. Group folders are enabled. "Notes" app is enabled. "LDAP user and group backend" app is enabled. The Nextcloud VM is named "nextcloud". The "nextcloud." commands are wrappers around occ commands. They are part of the snap "simplification". [[https://github.com/nextcloud/nextcloud-snap][Snappy Nextcloud on github]] * [[https://github.com/nextcloud/nextcloud-snap#how-to-install][How to install]] * [[https://github.com/nextcloud/nextcloud-snap#how-to-use][How to use]] * [[https://github.com/nextcloud/nextcloud-snap#configuration][Configuration]] * [[https://github.com/nextcloud/nextcloud-snap#included-cli-utilities][Included CLI utilities]] * [[https://github.com/nextcloud/nextcloud-snap#where-is-my-stuff][Where is my stuff?]] * [[https://github.com/nextcloud/nextcloud-snap#hacking][Hacking]] [[https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-nextcloud-on-ubuntu-18-04][How to Install and Configure Nextcloud on Ubuntu 18.04]] is a good resource. [[https://github.com/nextcloud][Nextcloud on github]] ---+++ VM backup and restore While logged on to the VM host machine biostat1553... backup * shutdown vm to be backed up <br> =virsh shutdown nextcloud= * wait for the shutdown to finish <br> =sleep 30s= * make a copy of the configuration file in the backup location <br> =virsh dumpxml nextcloud > vmbackups/nextcloud.xml-backup20200825= * copy the vm disk image to the backup location <br> =sudo cp -p /var/lib/libvirt/images/nextcloud.qcow2 vmbackups/nextcloud.qcow2-backup20200825= * restart the vm <br> =virsh start nextcloud= restore * if necessary, undefine the vm (remove configuration) <br> =virsh undefine nextcloud= * if necessary, delete the vm's current disk image file <br> =sudo rm /var/lib/libvirt/images/nextcloud.qcow2= * define (create) a new VM using the saved configuration file <br> =virsh define --file vmbackups/nextcloud.xml-backup20200825= * copy the saved vm disk image file back to the original location <br> =sudo cp vmbackups/nextcloud.qcow2-backup20200825 /var/lib/libvirt/images/nextcloud.qcow2= * fix the ownership for the disk image file <br> =sudo chown libvirt-qemu.kvm /var/lib/libvirt/images/nextcloud.qcow2= * start the restored vm <br> =virsh start nextcloud= ---++ (old) Nextcloud on the VUMC IT (locked down) VM Pegasus ticket R00674175 was submitted 9/25/2020. It requests some software be installed as noted by Nextcloud v19 on the "Security & setup warnings" report. How to use occ on the vm <verbatim> bioapp@bio1000lp:~/www-nextcloud$ scl enable rh-php72 bash bash-4.2$ php occ -V Nextcloud 16.0.6' </verbatim> URL: http://bio1000lp.hs.it.vumc.io <br> URL: https://vbiostat.app.vumc.org Security scan of our Nextcloud instance: https://scan.nextcloud.com bio1000lp.hs.it.vumc.io Access to the site is enabled via a whitelist. No one can log on to the site unless they are a member of the biostatnextcloud active directory security group. As of 2019/11/11 we are running Nextcloud 16.0.6. I am having trouble with permissions and file ownership in the ~/www-nextcloud directory tree. Some files are being written with =owner : -rw and group : -rw=. Also, some files have ownership of =apache:apache= rather than =bioapp:apache=. When this happens Nextcloud throws a ??? error. I believe Nextcloud writes these files with these characteristics when a Nextcloud update is performed and, maybe when a new Apache process is started. So far, I can issue the command =chmod -R g+w ~/www-nextcloud/= to get things going. <verbatim> bioapp@bio1000lp:~$ chmod: changing permissions of ‘www-nextcloud/data/appdata_oc6xhh7jnpzb/css/core/1abd-e05c-server.css’: Operation not permitted chmod: changing permissions of ‘www-nextcloud/data/appdata_oc6xhh7jnpzb/css/core/1abd-e05c-server.css.deps’: Operation not permitted chmod: changing permissions of ‘www-nextcloud/data/appdata_oc6xhh7jnpzb/css/core/1abd-e05c-css-variables.css’: Operation not permitted chmod: changing permissions of ‘www-nextcloud/data/appdata_oc6xhh7jnpzb/css/core/1abd-e05c-css-variables.css.deps’: Operation not permitted chmod: changing permissions of ‘www-nextcloud/data/appdata_oc6xhh7jnpzb/css/theming/6a15-e05c-theming.css’: Operation not permitted chmod: changing permissions of ‘www-nextcloud/data/appdata_oc6xhh7jnpzb/css/theming/6a15-e05c-theming.css.deps’: Operation not permitted bioapp@bio1000lp:~$ cd www-nextcloud/data/appdata_oc6xhh7jnpzb/css/core/ bioapp@bio1000lp:~/www-nextcloud/data/appdata_oc6xhh7jnpzb/css/core$ ll total 372 drwxrwxr-x 3 bioapp apache 4096 Nov 11 14:14 ./ drwxrwxr-x 15 bioapp apache 227 Nov 1 17:26 ../ -rw-r--r-- 1 apache apache 961 Nov 11 14:14 1abd-e05c-css-variables.css -rw-r--r-- 1 apache apache 197 Nov 11 14:14 1abd-e05c-css-variables.css.deps -rw-r--r-- 1 apache apache 435 Nov 11 14:14 1abd-e05c-css-variables.css.gzip -rw-r--r-- 1 apache apache 1189 Nov 11 14:14 1abd-e05c-results.css -rw-r--r-- 1 apache apache 199 Nov 11 14:14 1abd-e05c-results.css.deps -rw-r--r-- 1 apache apache 504 Nov 11 14:14 1abd-e05c-results.css.gzip -rw-r--r-- 1 apache apache 137241 Nov 11 14:14 1abd-e05c-server.css -rw-r--r-- 1 apache apache 857 Nov 11 14:14 1abd-e05c-server.css.deps -rw-r--r-- 1 apache apache 19358 Nov 11 14:14 1abd-e05c-server.css.gzip -rw-rw-r-- 1 bioapp apache 961 Nov 11 13:24 1abd-fa2a-css-variables.css -rw-rw-r-- 1 bioapp apache 197 Nov 11 13:24 1abd-fa2a-css-variables.css.deps -rw-rw-r-- 1 bioapp apache 435 Nov 11 13:24 1abd-fa2a-css-variables.css.gzip -rw-rw-r-- 1 bioapp apache 1189 Nov 11 13:24 1abd-fa2a-results.css -rw-rw-r-- 1 bioapp apache 199 Nov 11 13:24 1abd-fa2a-results.css.deps -rw-rw-r-- 1 bioapp apache 504 Nov 11 13:24 1abd-fa2a-results.css.gzip -rw-rw-r-- 1 bioapp apache 137241 Nov 11 13:24 1abd-fa2a-server.css -rw-rw-r-- 1 bioapp apache 857 Nov 11 13:24 1abd-fa2a-server.css.deps -rw-rw-r-- 1 bioapp apache 19358 Nov 11 13:24 1abd-fa2a-server.css.gzip drwxrwxr-x 2 bioapp bioapp 6 Nov 11 13:29 save/ bioapp@bio1000lp:~/www-nextcloud/data/appdata_oc6xhh7jnpzb/css/core$ cd ~/www-nextcloud/data/appdata_oc6xhh7jnpzb/css/theming/ bioapp@bio1000lp:~/www-nextcloud/data/appdata_oc6xhh7jnpzb/css/theming$ ll total 12 drwxrwxr-x 2 bioapp apache 166 Nov 11 13:25 ./ drwxrwxr-x 15 bioapp apache 227 Nov 1 17:26 ../ -rw-r--r-- 1 apache apache 0 Nov 11 13:25 6a15-e05c-theming.css -rw-r--r-- 1 apache apache 0 Nov 11 13:25 6a15-e05c-theming.css.deps -rw-rw-r-- 1 bioapp apache 967 Nov 11 13:24 6a15-fa2a-theming.css -rw-rw-r-- 1 bioapp apache 200 Nov 11 13:24 6a15-fa2a-theming.css.deps -rw-rw-r-- 1 bioapp apache 372 Nov 11 13:24 6a15-fa2a-theming.css.gzip bioapp@bio1000lp:~/www-nextcloud/data/appdata_oc6xhh7jnpzb/css/theming$ </verbatim> ec2-user ---+++ Documentation * https://nextcloud.com/install/#instructions-server * https://docs.nextcloud.com/ * https://docs.nextcloud.com/server/17/admin_manual * Running Apache Email from Rasmussen, Justin D <justin.rasmussen@vumc.org> re log file location... <verbatim> For application logs, we request the application owner configure Apache to store logs on /app001. Once you have Apache configured to place the logs on /app001, you will also need to configure it to use the bioapp user and group rather than Apache. We also made sure to give you the ability to start/stop/restart Apache with the sudo commands. Use sudo systemctl start/stop/restart httpd. We’ve configured the permissions on our end to make sure bioapp is the user/group on that directory so Nextcloud shouldn’t be changing permissions like it has been. </verbatim> Email from Nancy Williams re LDAP configuration... <verbatim> Dale try this. Host is ds.vanderbilt.edu Port is 636 User DN = cn=<Resource Account VUnetID>,cn=users,dc=ds,dc=vanderbilt,dc=edu Base DN = dc=ds,dc=vanderbilt,dc=edu If you need LDAP SSL certs, see https://pegasus.mc.vanderbilt.edu/ViewKnowledge.aspx?id=13760. Let me know how it goes. Thank you, Nancy Williams System Analyst | Identity & Access Operations - Directory Services Security Operations and Services | VUMC Enterprise Cybersecurity Vanderbilt University Medical Center nancy.a.williams@vumc.org |615-343-5788 </verbatim> Email from Andrew Roeder <code> ...please submit us a request to have the apache user added to the bioapp group. Apache will then have write access to any files which the bioapp group has write access allowed. You can then set 775 permissions on the nextcloud directory and files so apache can write there. </code> Email of 10/24/2019 <code> “Brett, Mariadb was failing to start because it was not yet configured. I’ve applied our default configuration and Dale should be able to start the process now and it will run in /app001/mariadb as the bioapp user. A database password can be set by the bioapp user as the default root password is blank per the documentation for <nop>MariaDB. Please let Dale know he can contact us directly via email or ticket with questions or issues.” </code> Checking installed prerequisites... <verbatim> -bash-4.2$ cat /etc/system-release Red Hat Enterprise Linux Server release 7.7 (Maipo) -bash-4.2$ php -v PHP 7.2.10 (cli) (built: Nov 7 2018 05:32:35) ( NTS ) -bash-4.2$ mysql -V mysql Ver 15.1 Distrib 5.5.64-MariaDB, for Linux (x86_64) using readline 5.1 -bash-4.2$ apachectl -v Server version: Apache/2.4.6 (Red Hat Enterprise Linux) Server built: Jun 9 2019 13:01:04 -bash-4.2$ apachectl -t -D DUMP_MODULES | grep 'php' php7_module (shared) </verbatim> Since I don't have privileges to modify /var/www/ <verbatim> cd ~ unzip nextcloud-*.zip mkdir -p www/html cp -R nextcloud/ ~/www/html/ mkdir ~/www/html/nextcloud/data chown -R apache:apache ~/www/html/nextcloud cd /etc/httpd/conf.d/ touch nextcloud.conf </verbatim> Contents of =/etc/httpd/conf.d/nextcloud.conf= <verbatim> -bash-4.2$ cat /etc/httpd/conf.d/nextcloud.conf <VirtualHost *:80> DocumentRoot /app001/www/html/nextcloud/ ServerName bio1000lp.hs.it.vumc.io <Directory "/app001/www/html/nextcloud/"> Require all granted AllowOverride All Options FollowSymLinks MultiViews <IfModule mod_dav.c> Dav off </IfModule> </Directory> </VirtualHost> </verbatim> ---+++ VUMC Virtual Machine Monday, August 19, 2019 1:12 PM <verbatim> The pilot host build for 1009565 - Biostatistics Nextcloud” Server Build has been completed. By end of day, VEC SECURITY ENGINEERING AND OPERATIONS should complete the VPN SSH access to allow the members of GDN_BIO_Admins group, managed by Dale Plummer, to SSH to the host. The AD group to permit access onto the host (bio_adm) is manageable by Dale Plummer. Users added to that AD group have the ability to sudo to the bioapp application account ie "sudo su - bioapp". Sudo functions within the application account can be viewed with the following command: "sudo -l bioapp". Application related files should be stored in the /app001 volume on the host. Additional work to the host should be requested through the Pegasus Request Management module using the VUMC IT LINUX - GENERAL REQUEST form. Be sure to specify the host name where work is to be performed. LTM work is requested using the Pegasus Request Management forms relating to VUMC IT LINUX - F5 LTM requests. Applications must be fully configured before submitting requests for LTM work. Requested packages or versions not available in Red Hat repositories will have to be installed by the customer within the application volume. Additional work to the host should be requested through the Pegasus Request Management module using the VUMC IT LINUX - GENERAL REQUEST form. Be sure to specify the host name where work is to be performed. LTM work is requested using the Pegasus Request Management forms relating to VUMC IT LINUX - F5 LTM requests. Applications must be fully configured before submitting requests for LTM work. Requested packages or versions not available in Red Hat repositories will have to be installed by the customer within the application volume. </verbatim> *PROJECT* * PV Actual Start: 8/14/2019 * PV Requested start: 8/7/2019 * PV Requested finish: 10/4/2019 * Workgroup Assigned: 8/1/2019 * Host build start: 8/14/2019 * Host build finish: 8/19/2019 * Dependent workgroup finish: Pending * Customer turn over: 8/19/2019 * PV Scheduled Finish: 8/26/2019 *HOST INFORMATION* * Name: bio1000lp.hs.it.vumc.io * Address: 10.100.128.10 *AD INFORMATION* * Host access group: bio_adm * AD GID: 100232 * Manager of AD group: Dale Plummer * Location: ou=AI Unix,ou=Information Management,ou=Organizational Units,dc=ds,dc=vanderbilt,dc=edu *APPLICATION ACCOUNT* * Name: bioapp * UID/GID: 1639 * Sudo group: bio_adm * Application account home directory: /app001 * Application file directory: /app001 *PEGASUS WORKGROUP* * Name: Department of Biostatistics * Email: dale.plummer@vumc.org
E
dit
|
A
ttach
|
P
rint version
|
H
istory
: r25
<
r24
<
r23
<
r22
|
B
acklinks
|
V
iew topic
|
Edit
w
iki text
|
M
ore topic actions
Topic revision: r25 - 06 Jul 2022,
DalePlummer
Main
Department Home Page
Biostatistics Graduate Program
Vanderbilt University Medical Center
Main Web
Main Web Home
Search
Recent Changes
Changes
Topic list
Biostatistics Webs
Archive
Main
Sandbox
System
Register
|
Log In
Copyright © 2013-2022 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Vanderbilt Biostatistics Wiki?
Send feedback