2022-05-05 11:17:28 +02:00
|
|
|
|
# Installation de l'infrastructure
|
|
|
|
|
|
|
|
|
|
### Lancement
|
|
|
|
|
|
|
|
|
|
#### Certs
|
|
|
|
|
|
|
|
|
|
Au premier lancement, assurez-vous que :
|
|
|
|
|
|
|
|
|
|
- Le dossier `/DATA/docker/traefik/certs` existe
|
|
|
|
|
- Créez un fichier `acme.json` à l'intérieur
|
|
|
|
|
- Changez son propriétaire à `root`
|
|
|
|
|
- Changez ses permissions à `600`
|
|
|
|
|
|
|
|
|
|
C'est dans ce fichier que seront conservés tous les certificats générés par Traefik.
|
|
|
|
|
|
|
|
|
|
### Migration des données
|
|
|
|
|
|
|
|
|
|
1. Mettre nextcloud en mode maintenance :
|
|
|
|
|
```
|
|
|
|
|
sudo -u www-data php occ maintenance:mode --on
|
|
|
|
|
```
|
|
|
|
|
2. Faire un dump de la bdd
|
|
|
|
|
```
|
|
|
|
|
sudo -u postgres pg_dump -Fc nc > nc.dump
|
|
|
|
|
```
|
|
|
|
|
3. Sauver les données du dossier nextcloud
|
|
|
|
|
```
|
2022-05-06 09:54:27 +02:00
|
|
|
|
mkdir -p /var/lib/backuppc/migration/data
|
|
|
|
|
cp -r /srv/nextcloud/ /var/lib/backuppc/migration/data
|
2022-05-05 11:17:28 +02:00
|
|
|
|
```
|
|
|
|
|
4. Sauver le fichier de configuration de nextcloud
|
|
|
|
|
```
|
|
|
|
|
cp /var/www/nextcloud/public_html/config/config.php /var/lib/backuppc/migration
|
|
|
|
|
```
|
|
|
|
|
|
2022-05-05 16:27:41 +02:00
|
|
|
|
…
|
|
|
|
|
installation de proxmox, vm, docker.
|
|
|
|
|
…
|
|
|
|
|
|
|
|
|
|
### Installation des services
|
|
|
|
|
|
|
|
|
|
1. Cloner le repo de l'infra
|
|
|
|
|
```
|
|
|
|
|
git clone https://yuno.oiseauroch.fr/gitea/tobias/infra-oasis21.git
|
|
|
|
|
```
|
2022-05-06 09:54:27 +02:00
|
|
|
|
2. copy file `config.php` and change values
|
|
|
|
|
```
|
|
|
|
|
cp /var/lib/backuppc/migration/config.php .
|
|
|
|
|
# change host for redis
|
|
|
|
|
sed -i 's#/run/redis/redis.sock#redis#' config.php
|
|
|
|
|
# change dbhost
|
|
|
|
|
sed -i 's#localhost#nextcloud-db#' config.php
|
|
|
|
|
# change datadirectory
|
|
|
|
|
sed -i 's#/srv/nextcloud#/var/www/html/data#' config.php
|
|
|
|
|
|
|
|
|
|
```
|
2022-05-05 16:27:41 +02:00
|
|
|
|
3. Move `secrets/librezo.secrets.example` to `secrets/librezo.secrets`
|
|
|
|
|
4.Replace **nextcloud** and **collabora** password from vaultwarden
|
|
|
|
|
```
|
|
|
|
|
sed -i 's/__POSTGRES_PASSWORD__/nextcloudstrongpassword/g' config.php secrets/librezo.secrets
|
|
|
|
|
sed -i 's/__COLLABORA_PASSWORD__/collaborastrongpassword/g' config.php secrets/librezo.secrets
|
|
|
|
|
```
|
2022-05-05 19:58:04 +02:00
|
|
|
|
|
|
|
|
|
4. Start traefik
|
|
|
|
|
```
|
|
|
|
|
cd traefik
|
|
|
|
|
docker-compose up -d
|
|
|
|
|
```
|
|
|
|
|
5. Create docker containers and volume
|
|
|
|
|
```
|
|
|
|
|
docker-compose up --no-start
|
|
|
|
|
```
|
|
|
|
|
6. Import database
|
|
|
|
|
```
|
|
|
|
|
docker cp nc.dump nextcloud-db:/nc.dmp
|
|
|
|
|
docker-compose up -d nextcloud-db
|
|
|
|
|
docker-compose exec nextcloud-db sh -c "pg_restore -d nc -U nc nc.dmp"
|
|
|
|
|
docker-compose exec nextcloud-db rm /nc.dmp
|
|
|
|
|
```
|
2022-05-06 09:54:27 +02:00
|
|
|
|
7. Copy files and set correct rights
|
2022-05-05 19:58:04 +02:00
|
|
|
|
```
|
2022-05-06 09:54:27 +02:00
|
|
|
|
docker cp /var/lib/backuppc/migration/data nextcloud-app:/var/www/html/
|
|
|
|
|
cp config.php nextcloud-app:/var/www/html/config/config.php
|
2022-05-05 19:58:04 +02:00
|
|
|
|
docker-compose up -d nextcloud-app
|
|
|
|
|
docker-compose exec nextcloud-app chown -R www-data:www-data /var/www/html/data
|
2022-05-06 09:54:27 +02:00
|
|
|
|
docker-compose exec nextcloud-app chown -R www-data:www-data /var/www/html/config/config.php
|
2022-05-05 19:58:04 +02:00
|
|
|
|
```
|
2022-05-06 09:54:27 +02:00
|
|
|
|
8. restart docker-compose
|
2022-05-05 19:58:04 +02:00
|
|
|
|
```
|
2022-05-06 09:54:27 +02:00
|
|
|
|
docker-compose restart
|
2022-05-05 19:58:04 +02:00
|
|
|
|
```
|
2022-05-06 09:54:27 +02:00
|
|
|
|
|
|
|
|
|
### Configure collabora
|
|
|
|
|
1. connect to nextcloud
|
|
|
|
|
2. go to paramètres->nextcloud office-> utiliser mon propre serveur
|
|
|
|
|
3. choisir `code.oasis21.org`, décocher l'option `ne pas vérifier le certificat`
|
|
|
|
|
4. désinstaller l'application collabora built-in serveur
|