Arch Linux User Repository

This package runs Nextcloud as a socket[1] activated DynamicUser[2] service, using uwsgi and its php plugin. All data is stored in /var/lib/private/nextcloud (which will be seen as /var/lib/nextcloud from the application side), and Nextcloud is forbidden to write to any other directory.

Manual steps needed:

systemctl enable --now nextcloud.socket

Edit /etc/nginx/nginx.conf and add:

include /etc/nginx/sites/*.conf;

Configure /etc/nginx/sites/nextcloud.conf to your liking, especially server_name, listen and ssl_* (but don't touch the other stuff)., and reload nginx (systemctl reload nginx).

The first time you open nextcloud it'll complain about the app directories, edit /var/lib/private/nextcloud/config.php and temporarily add:

'appstoreenabled' => false

… then reload the web page, and enter /var/lib/nextcloud/data as a data storage directory. See [3] for how to setup a writable apps directory if you must have it, I'd suggest not to use it, though.

[1] http://0pointer.de/blog/projects/socket-activation.html man systemd.socket

[2] http://0pointer.net/blog/dynamic-users-with-systemd.html man systemd.exec

[3] https://docs.nextcloud.com/server/13/admin_manual/installation/apps_management_installation.html#using-custom-app-directories

@Dumblob thanks for the comments, I'm working on some improvements to this setup here: https://gist.github.com/gdamjan/b85efc20e50dd401d83884376dee7a74

@gdamjan I'd say for this use case we could temporarily use some postinstallation hooks to sed -ziE ... the setting 'appstoreenabled' => false to ease the installation.

With "editing" of /etc/nginx/nginx.conf we should bundle a functional minimal variant containing just the line include /etc/nginx/sites/*.conf; (pacman will figure out whether it'll get installed as /etc/nginx/nginx.conf or /etc/nginx/nginx.conf.pacnew and the user will see what the difference is; if there is a conflict between the package nginx and nextcloud-uwsgi-service, then I'd just issue a warning during installation about the need to manually add include /etc/nginx/sites/*.conf; to /etc/nginx/nginx.conf).

The third issue (see if nextcloud can default to /var/lib/nextcloud/data on install) could also be solvable - probably by pre-/post-install hooks.

Thoughts?

TODO:

• I wish I wouldn't have to edit /etc/nginx/nginx.conf [1]
• nextcloud should not fail if the apps directory is not writable [2]
• see if nextcloud can default to /var/lib/nextcloud/data on install

[1] https://bugs.archlinux.org/task/59345 [2] appstoreenabled issue at https://github.com/nextcloud/server/issues/10243

This package runs Nextcloud as a socket[1] activated DynamicUser[2] service, using uwsgi and its php plugin. All data is stored in /var/lib/private/nextcloud (which will be seen as /var/lib/nextcloud from the application side), and Nextcloud is forbidden to write to any other directory.

Manual steps needed:

systemctl enable --now nextcloud.socket

Edit /etc/nginx/nginx.conf and add:

include /etc/nginx/sites/*.conf;

Configure /etc/nginx/sites/nextcloud.conf to your liking, especially server_name, listen and ssl_* (but don't touch the other stuff)., and reload nginx (systemctl reload nginx).

The first time you open nextcloud it'll complain about the app directories, edit /var/lib/private/nextcloud/config.php and temporarily add:

'appstoreenabled' => false

… then reload the web page, and enter /var/lib/nextcloud/data as a data storage directory. See [3] for how to setup a writable apps directory if you must have it, I'd suggest not to use it, though.

[1] http://0pointer.de/blog/projects/socket-activation.html man systemd.socket

[2] http://0pointer.net/blog/dynamic-users-with-systemd.html man systemd.exec

[3] https://docs.nextcloud.com/server/13/admin_manual/installation/apps_management_installation.html#using-custom-app-directories