Nextcloud: Difference between revisions
(typo) |
|||
(20 intermediate revisions by 7 users not shown) | |||
Line 1: | Line 1: | ||
[http://nextcloud.com/ Nextcloud] is WedDAV-based solution for storing and sharing on-line your data, files, images, video, music, calendars and contacts. [http://karlitschek.de/2016/06/nextcloud/ Nextcloud is a fork of ownCloud with enterprise features included]. | |||
[http://nextcloud.com/ | |||
= Installation = | = Installation = | ||
{{pkg|nextcloud}} is available from Alpine 3.5 | {{pkg|nextcloud}} is available from Alpine 3.5 and greater. | ||
Before you start installing anything, make sure you have latest packages available. Make sure you are using | Before you start installing anything, make sure you have the latest packages available. Make sure you are using an 'http' repository in your {{path|/etc/apk/repositories}} file, then: | ||
{{cmd|apk update}} | {{cmd|apk update}} | ||
{{tip|Detailed information is found in [[Include:Upgrading_to_latest_release|this]] doc.}} | {{tip|Detailed information is found in [[Include:Upgrading_to_latest_release|this]] doc.}} | ||
== Database == | == Database == | ||
First you have to decide which database to use. | First you have to decide which database to use. Use one of the databases listed below. | ||
=== | |||
All you need to do is to install the package | === Sqlite === | ||
All you need to do is to install the package: | |||
{{cmd|apk add nextcloud-sqlite}} | {{cmd|apk add nextcloud-sqlite}} | ||
=== | === PostgreSQL === | ||
Install the package | Install the package: | ||
{{cmd|apk add nextcloud-pgsql}} | {{cmd|apk add nextcloud-pgsql postgresql postgresql-client}} | ||
Next thing is to configure and start the database | Next thing is to configure and start the database: | ||
{{cmd|/etc/init.d/postgresql setup | {{cmd|/etc/init.d/postgresql setup | ||
/etc/init.d/postgresql start}} | /etc/init.d/postgresql start}} | ||
Next you need to create a user | Next, you need to create a user and temporarily grant the CREATEDB privilege: | ||
{{cmd|psql -U postgres | {{cmd|psql -U postgres | ||
CREATE USER mycloud WITH PASSWORD 'test123'; | CREATE USER mycloud WITH PASSWORD 'test123'; | ||
ALTER ROLE mycloud CREATEDB; | ALTER ROLE mycloud CREATEDB; | ||
\q}} | \q}} | ||
{{Note|Replace the above username 'mycloud' and password 'test123' | {{Note|Replace the above username 'mycloud' and password 'test123' with something secure. Remember these settings. You will need them later when setting up nextcloud.}} | ||
=== | === MariaDB === | ||
Install the package | Install the package: | ||
{{cmd|apk add nextcloud-mysql | {{cmd|apk add nextcloud-mysql mariadb mariadb-client}} | ||
Now configure and start {{pkg| | Now configure and start {{pkg|mariadb}}: | ||
{{cmd|/ | {{cmd|<nowiki>mysql_install_db --user=mysql --datadir=/var/lib/mysql</nowiki> | ||
/etc/init.d/ | /etc/init.d/mariadb start | ||
/usr/bin/mysql_secure_installation}} | /usr/bin/mysql_secure_installation}} | ||
Follow the wizard to setup passwords etc. | Follow the wizard to setup passwords, etc. | ||
{{Note|Remember the usernames/passwords that you set using the wizard | {{Note|Remember the usernames/passwords that you set using the wizard. You will need them later.}} | ||
Next you need to create a user | Next, you need to create a user and database and set permissions: | ||
{{cmd|mysql -u root -p | {{cmd|mysql -u root -p | ||
CREATE DATABASE nextcloud; | CREATE DATABASE nextcloud; | ||
Line 49: | Line 48: | ||
FLUSH PRIVILEGES; | FLUSH PRIVILEGES; | ||
EXIT}} | EXIT}} | ||
{{Note|Replace the above username 'mycloud' and password 'test123' | {{Note|Replace the above username 'mycloud' and password 'test123' with something secure. Remember these settings. You will need them later when setting up nextcloud.}} | ||
{{pkg| | {{pkg|mariadb-client}} is not needed anymore. Let's uninstall it: | ||
{{cmd|apk del | {{cmd|apk del mariadb-client}} | ||
== Webserver == | == Webserver == | ||
Next thing is to choose, install and configure a webserver. In this example we will install {{pkg|nginx}} or {{pkg|lighttpd}}. ''Nginx'' is preferred over ''Lighttpd'' since the latter | Next thing is to choose, install, and configure a webserver. In this example we will install {{pkg|nginx}} or {{pkg|lighttpd}}. ''Nginx'' is preferred over ''Lighttpd'' since the latter will consume a lot of memory when working with large files (see [http://redmine.lighttpd.net/issues/1283 lighty bug #1283]). You are free to install any other webserver of your choice as long as it supports PHP and FastCGI. Generating an SSL certificate for your webserver is outside of the scope of this document. | ||
=== Nginx === | === Nginx === | ||
Install the needed packages | Install the needed packages: | ||
{{cmd|apk add nginx | {{cmd|apk add nginx php7-fpm}} | ||
'''Remove/comment''' any section like this in | '''Remove/comment''' any section like this in {{path|/etc/nginx/nginx.conf}}: | ||
{{cat|/etc/nginx/nginx.conf| | {{cat|/etc/nginx/nginx.conf| | ||
server { | server { | ||
Line 68: | Line 67: | ||
}} | }} | ||
Include the following directive in | Include the following directive in {{path|/etc/nginx/nginx.conf}}: | ||
{{cat|/etc/nginx/nginx.conf| | {{cat|/etc/nginx/nginx.conf| | ||
http { | http { | ||
Line 76: | Line 75: | ||
}} | }} | ||
Create | Create directories for your websites: | ||
{{cmd|mkdir /etc/nginx/sites-available}} | {{cmd|mkdir /etc/nginx/sites-available}} | ||
{{cmd|mkdir /etc/nginx/sites-enabled}} | |||
Create a configuration file for your site in /etc/nginx/sites-available/mysite.mydomain.com | Create a configuration file for your site in {{path|/etc/nginx/sites-available/mysite.mydomain.com}}: | ||
<pre> | <pre> | ||
server { | server { | ||
Line 93: | Line 93: | ||
server_name mysite.mydomain.com; | server_name mysite.mydomain.com; | ||
root / | root /usr/share/webapps/nextcloud; | ||
index index.php index.html index.htm; | index index.php index.html index.htm; | ||
disable_symlinks off; | disable_symlinks off; | ||
Line 99: | Line 99: | ||
ssl_certificate /etc/ssl/cert.pem; | ssl_certificate /etc/ssl/cert.pem; | ||
ssl_certificate_key /etc/ssl/key.pem; | ssl_certificate_key /etc/ssl/key.pem; | ||
ssl_session_timeout 5m; | ssl_session_timeout 5m; | ||
Line 120: | Line 118: | ||
} | } | ||
fastcgi_pass 127.0.0.1:9000; | fastcgi_pass 127.0.0.1:9000; | ||
#fastcgi_pass unix: | #fastcgi_pass unix:/run/php-fpm/socket; | ||
fastcgi_index index.php; | fastcgi_index index.php; | ||
include fastcgi.conf; | include fastcgi.conf; | ||
Line 127: | Line 125: | ||
</pre> | </pre> | ||
If you are running | If you are running from RAM and you're dealing with large files you might need to move the FastCGI temp file from {{path|/tmp}} to {{path|/var/tmp}} or to a directory that is mounted on hdd: | ||
<pre> | <pre> | ||
fastcgi_temp_path /var/tmp/nginx/fastcgi 1 2; | fastcgi_temp_path /var/tmp/nginx/fastcgi 1 2; | ||
</pre> | </pre> | ||
Large | Large file uploads take some time to be processed by php-fpm, so you need to bump the Nginx default read timeout: | ||
<pre> | <pre> | ||
Line 138: | Line 136: | ||
</pre> | </pre> | ||
Set user and group for php-fpm in /etc/ | Set user and group for php-fpm in {{path|/etc/php7/php-fpm.d/www.conf}}: | ||
<pre> | <pre> | ||
... | ... | ||
Line 146: | Line 144: | ||
</pre> | </pre> | ||
{{Note|If you are serving serveral users make sure to tune the *''children'' settings in /etc/php/php-fpm.conf}} | {{Note|If you are serving serveral users make sure to tune the *''children'' settings in {{path|/etc/php7/php-fpm.d/www.conf}}}} | ||
Also enable $PATH by uncommenting the following lines in {{path|/etc/php7/php-fpm.d/www.conf}}: | |||
<pre> | |||
... | |||
env[HOSTNAME] = $HOSTNAME | |||
env[PATH] = /usr/local/bin:/usr/bin:/bin | |||
env[TMP] = /tmp | |||
env[TMPDIR] = /tmp | |||
env[TEMP] = /tmp | |||
... | |||
</pre> | |||
Make nginx user member of www-data group | Make nginx user a member of the www-data group: | ||
{{cmd|addgroup nginx www-data}} | {{cmd|addgroup nginx www-data}} | ||
Enable your website | Enable your website: | ||
{{cmd|ln -s ../sites-available/mysite.mydomain.com /etc/nginx/sites-enabled/mysite.mydomain.com}} | {{cmd|ln -s ../sites-available/mysite.mydomain.com /etc/nginx/sites-enabled/mysite.mydomain.com}} | ||
Start services | The default configuration of nginx shows a 404 page. Therefore, we have to edit {{path|/etc/nginx/nginx.conf}}: | ||
{{cmd|rc-service php- | <pre> | ||
... | |||
# Includes virtual hosts configs. | |||
# include /etc/nginx/conf.d/*.conf; | |||
include /etc/nginx/sites-enabled/*; | |||
... | |||
</pre> | |||
Start services: | |||
{{cmd|rc-service php-fpm7 start | |||
rc-service nginx start}} | rc-service nginx start}} | ||
Enable automatic startup of services: | |||
{{cmd|rc-update add php-fpm7 | |||
rc-update add nginx}} | |||
=== Lighttpd === | === Lighttpd === | ||
Install the package | Install the package: | ||
{{cmd|apk add lighttpd | {{cmd|apk add lighttpd php5-cgi}} | ||
Make sure you have FastCGI enabled in {{pkg|lighttpd}}: | Make sure you have FastCGI enabled in {{pkg|lighttpd}}: | ||
Line 167: | Line 190: | ||
...}} | ...}} | ||
Start up the webserver | Start up the webserver: | ||
{{cmd|/etc/init.d/lighttpd start}} | {{cmd|/etc/init.d/lighttpd start}} | ||
Line 181: | Line 204: | ||
url.access-deny {{=}} ("~", ".inc", "config.php") | url.access-deny {{=}} ("~", ".inc", "config.php") | ||
...}} | ...}} | ||
Restart {{pkg|lighttpd}} to activate the changes | Restart {{pkg|lighttpd}} to activate the changes: | ||
{{cmd|/etc/init.d/lighttpd restart}} | {{cmd|/etc/init.d/lighttpd restart}} | ||
=== Additional packages === | === Additional packages === | ||
Some large apps, such as texteditor, | Some large apps, such as pdfviewer, texteditor, notifications and videoplayer are in separate packages: | ||
{{cmd|apk add nextcloud-texteditor nextcloud- | {{cmd|apk add nextcloud-pdfviewer nextcloud-texteditor nextcloud-notifications nextcloud-videoplayer}} | ||
= Configure and use | === How To Create a Self-Signed SSL Certificate === | ||
Install openssl: | |||
{{cmd|apk add openssl}} | |||
Generate your self signed certificate and its private key: | |||
{{cmd|<nowiki>openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</nowiki>}} | |||
Edit your nginx configuration: | |||
{{cat|/etc/nginx/nginx.conf| | |||
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; | |||
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; | |||
}} | |||
= Configure and use Nextcloud = | |||
== Configure == | == Configure == | ||
Point your browser at <code><nowiki>https://mysite.mydomain.com</nowiki></code> and follow the on-screen instructions to complete the installation, supplying the database user and password created before. | Point your browser at <code><nowiki>https://mysite.mydomain.com</nowiki></code> and follow the on-screen instructions to complete the installation, supplying the database user and password created before. | ||
== Hardening | == Hardening PostgreSQL == | ||
If you have chosen PGSQL backend, revoke CREATEDB privilege from 'mycloud' user: | If you have chosen PGSQL backend, revoke CREATEDB privilege from 'mycloud' user: | ||
{{cmd|psql -U postgres | {{cmd|psql -U postgres | ||
Line 204: | Line 238: | ||
post_max_size = 8M | post_max_size = 8M | ||
</pre> | </pre> | ||
== enable opcache for nginx/php7 == | |||
To increase performace install | |||
{{cmd|apk add php7-opcache}} | |||
Now uncomment/edit lines in /etc/php7/php.ini: | |||
<pre> | |||
... | |||
opcache.enable=1 | |||
opcache.enable_cli=1 | |||
opcache.interned_strings_buffer=8 | |||
opcache.max_accelerated_files=10000 | |||
opcache.memory_consumption=128 | |||
opcache.save_comments=1 | |||
opcache.revalidate_freq=1 | |||
... | |||
</pre> | |||
Restart php-fpm7 | |||
{{cmd|rc-service php-fpm7 restart}} | |||
== Clients == | == Clients == | ||
Line 209: | Line 263: | ||
* http://nextcloud.org/sync-clients/ ''(nextcloud Sync clients)'' | * http://nextcloud.org/sync-clients/ ''(nextcloud Sync clients)'' | ||
* http://nextcloud.org/support/android/ ''(Android client)'' | * http://nextcloud.org/support/android/ ''(Android client)'' | ||
[http://pkgs.alpinelinux.org/packages?name=nextcloud-client&branch=&repo=&arch=&maintainer= nextcloud-client] is currently available in the testing repo. | |||
= Video Communication = | |||
One of the major features of Nextcloud 11, available on Alpine 3.6 (currently edge) is a [https://nextcloud.com/webrtc/ WebRTC app], which relies on Spreed WebRTC server, which is available in the Alpine testing repository. Everything is still beta, so be aware of it :-). If you want a private video conferencing server install Nextcloud using Nginx and do the following (you can use Apache as well and follow the ''Apache config'' instructions [https://nextcloud.com/webrtc/ nextcloud.com]): | |||
Put the following config in the ''server'' section of Nginx: | |||
<pre> | |||
# Spreed WebRTC | |||
location ^~ /webrtc { | |||
proxy_pass http://127.0.0.1:8080; | |||
proxy_http_version 1.1; | |||
proxy_set_header Upgrade $http_upgrade; | |||
proxy_set_header Connection $connection_upgrade; | |||
proxy_set_header X-Forwarded-Proto $scheme; | |||
proxy_set_header Host $http_host; | |||
proxy_set_header X-Real-IP $remote_addr; | |||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |||
proxy_buffering on; | |||
proxy_ignore_client_abort off; | |||
proxy_redirect off; | |||
proxy_connect_timeout 90; | |||
proxy_send_timeout 90; | |||
proxy_read_timeout 90; | |||
proxy_buffer_size 4k; | |||
proxy_buffers 4 32k; | |||
proxy_busy_buffers_size 64k; | |||
proxy_temp_file_write_size 64k; | |||
proxy_next_upstream error timeout invalid_header http_502 http_503 http_504; | |||
} | |||
</pre> | |||
Put the following section in the ''http'' section of Nginx: | |||
<pre> | |||
map $http_upgrade $connection_upgrade { | |||
default upgrade; | |||
'' close; | |||
} | |||
</pre> | |||
Reload Nginx: | |||
{{cmd|rc-service nginx reload}} | |||
Install Spreed WedRTC server (make sure you have the testing [https://wiki.alpinelinux.org/wiki/Alpine_Linux_package_management#Packages_and_Repositories repository] enabled): | |||
{{cmd|apk add spreed-web-server}} | |||
Using the configuration file in ''/etc/spreed-webrtc/spreed-webrtc-server.conf'' follow the instructions at [https://nextcloud.com/webrtc/ nextcloud.com] to configure Spreed WebRTC server. Then start the server: | |||
{{cmd|rc-service spreed-web-server start}} | |||
{{cmd|rc-update add spreed-web-server}} | |||
Install the ''Spreed video calls'' app in Nextcloud and enjoy your private video calls. | |||
[[Category:Server]] | [[Category:Server]] |
Revision as of 13:35, 2 April 2019
Nextcloud is WedDAV-based solution for storing and sharing on-line your data, files, images, video, music, calendars and contacts. Nextcloud is a fork of ownCloud with enterprise features included.
Installation
nextcloud is available from Alpine 3.5 and greater.
Before you start installing anything, make sure you have the latest packages available. Make sure you are using an 'http' repository in your /etc/apk/repositories file, then:
apk update
Database
First you have to decide which database to use. Use one of the databases listed below.
Sqlite
All you need to do is to install the package:
apk add nextcloud-sqlite
PostgreSQL
Install the package:
apk add nextcloud-pgsql postgresql postgresql-client
Next thing is to configure and start the database:
/etc/init.d/postgresql setup /etc/init.d/postgresql start
Next, you need to create a user and temporarily grant the CREATEDB privilege:
psql -U postgres CREATE USER mycloud WITH PASSWORD 'test123'; ALTER ROLE mycloud CREATEDB; \q
MariaDB
Install the package:
apk add nextcloud-mysql mariadb mariadb-client
Now configure and start mariadb:
mysql_install_db --user=mysql --datadir=/var/lib/mysql /etc/init.d/mariadb start /usr/bin/mysql_secure_installation
Follow the wizard to setup passwords, etc.
Next, you need to create a user and database and set permissions:
mysql -u root -p CREATE DATABASE nextcloud; GRANT ALL ON nextcloud.* TO 'mycloud'@'localhost' IDENTIFIED BY 'test123'; GRANT ALL ON nextcloud.* TO 'mycloud'@'localhost.localdomain' IDENTIFIED BY 'test123'; FLUSH PRIVILEGES; EXIT
mariadb-client is not needed anymore. Let's uninstall it:
apk del mariadb-client
Webserver
Next thing is to choose, install, and configure a webserver. In this example we will install nginx or lighttpd. Nginx is preferred over Lighttpd since the latter will consume a lot of memory when working with large files (see lighty bug #1283). You are free to install any other webserver of your choice as long as it supports PHP and FastCGI. Generating an SSL certificate for your webserver is outside of the scope of this document.
Nginx
Install the needed packages:
apk add nginx php7-fpm
Remove/comment any section like this in /etc/nginx/nginx.conf:
Contents of /etc/nginx/nginx.conf
Include the following directive in /etc/nginx/nginx.conf:
Contents of /etc/nginx/nginx.conf
Create directories for your websites:
mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled
Create a configuration file for your site in /etc/nginx/sites-available/mysite.mydomain.com:
server { #listen [::]:80; #uncomment for IPv6 support listen 80; return 301 https://$host$request_uri; server_name mysite.mydomain.com; } server { #listen [::]:443 ssl; #uncomment for IPv6 support listen 443 ssl; server_name mysite.mydomain.com; root /usr/share/webapps/nextcloud; index index.php index.html index.htm; disable_symlinks off; ssl_certificate /etc/ssl/cert.pem; ssl_certificate_key /etc/ssl/key.pem; ssl_session_timeout 5m; #Enable Perfect Forward Secrecy and ciphers without known vulnerabilities #Beware! It breaks compatibility with older OS and browsers (e.g. Windows XP, Android 2.x, etc.) #ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA; #ssl_prefer_server_ciphers on; location / { try_files $uri $uri/ /index.html; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; if (!-f $document_root$fastcgi_script_name) { return 404; } fastcgi_pass 127.0.0.1:9000; #fastcgi_pass unix:/run/php-fpm/socket; fastcgi_index index.php; include fastcgi.conf; } }
If you are running from RAM and you're dealing with large files you might need to move the FastCGI temp file from /tmp to /var/tmp or to a directory that is mounted on hdd:
fastcgi_temp_path /var/tmp/nginx/fastcgi 1 2;
Large file uploads take some time to be processed by php-fpm, so you need to bump the Nginx default read timeout:
fastcgi_read_timeout 300s;
Set user and group for php-fpm in /etc/php7/php-fpm.d/www.conf:
... user = nginx group = www-data ...
Also enable $PATH by uncommenting the following lines in /etc/php7/php-fpm.d/www.conf:
... env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp ...
Make nginx user a member of the www-data group:
addgroup nginx www-data
Enable your website:
ln -s ../sites-available/mysite.mydomain.com /etc/nginx/sites-enabled/mysite.mydomain.com
The default configuration of nginx shows a 404 page. Therefore, we have to edit /etc/nginx/nginx.conf:
... # Includes virtual hosts configs. # include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; ...
Start services:
rc-service php-fpm7 start rc-service nginx start
Enable automatic startup of services:
rc-update add php-fpm7 rc-update add nginx
Lighttpd
Install the package:
apk add lighttpd php5-cgi
Make sure you have FastCGI enabled in lighttpd:
Contents of /etc/lighttpd/lighttpd.conf
Start up the webserver:
/etc/init.d/lighttpd start
Link nextcloud installation to web server directory:
ln -s /usr/share/webapps/nextcloud /var/www/localhost/htdocs
Other settings
Hardening
Consider updating the variable url.access-deny
in /etc/lighttpd/lighttpd.conf for additional security. Add "config.php"
to the variable (that's where the database is stored) so it looks something like this:
Contents of /etc/lighttpd/lighttpd.conf
Restart lighttpd to activate the changes:
/etc/init.d/lighttpd restart
Additional packages
Some large apps, such as pdfviewer, texteditor, notifications and videoplayer are in separate packages:
apk add nextcloud-pdfviewer nextcloud-texteditor nextcloud-notifications nextcloud-videoplayer
How To Create a Self-Signed SSL Certificate
Install openssl:
apk add openssl
Generate your self signed certificate and its private key:
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
Edit your nginx configuration:
Contents of /etc/nginx/nginx.conf
Configure and use Nextcloud
Configure
Point your browser at https://mysite.mydomain.com
and follow the on-screen instructions to complete the installation, supplying the database user and password created before.
Hardening PostgreSQL
If you have chosen PGSQL backend, revoke CREATEDB privilege from 'mycloud' user:
psql -U postgres ALTER ROLE mycloud NOCREATEDB; \q
Increase upload size
Default configuration for php is limited to 2Mb file size. You might want to increase that size by editing the /etc/php/php.ini and change the following values to something that suits you:
upload_max_filesize = 2M post_max_size = 8M
enable opcache for nginx/php7
To increase performace install
apk add php7-opcache
Now uncomment/edit lines in /etc/php7/php.ini:
... opcache.enable=1 opcache.enable_cli=1 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=10000 opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1 ...
Restart php-fpm7
rc-service php-fpm7 restart
Clients
There are clients available for many platforms, Android included:
- http://nextcloud.org/sync-clients/ (nextcloud Sync clients)
- http://nextcloud.org/support/android/ (Android client)
nextcloud-client is currently available in the testing repo.
Video Communication
One of the major features of Nextcloud 11, available on Alpine 3.6 (currently edge) is a WebRTC app, which relies on Spreed WebRTC server, which is available in the Alpine testing repository. Everything is still beta, so be aware of it :-). If you want a private video conferencing server install Nextcloud using Nginx and do the following (you can use Apache as well and follow the Apache config instructions nextcloud.com):
Put the following config in the server section of Nginx:
# Spreed WebRTC location ^~ /webrtc { proxy_pass http://127.0.0.1:8080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffering on; proxy_ignore_client_abort off; proxy_redirect off; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_next_upstream error timeout invalid_header http_502 http_503 http_504; }
Put the following section in the http section of Nginx:
map $http_upgrade $connection_upgrade { default upgrade; '' close; }
Reload Nginx:
rc-service nginx reload
Install Spreed WedRTC server (make sure you have the testing repository enabled):
apk add spreed-web-server
Using the configuration file in /etc/spreed-webrtc/spreed-webrtc-server.conf follow the instructions at nextcloud.com to configure Spreed WebRTC server. Then start the server:
rc-service spreed-web-server start
rc-update add spreed-web-server
Install the Spreed video calls app in Nextcloud and enjoy your private video calls.