Nextcloud hacks and improvements

In this article we will go through Nextcloud hacks and improvements. Add configurations to safeguard Nextcloud installation.

Move data directory

There could be two reasons why one would need to move data directory from the web server path.

  • Security
  • Different mount point

Whatever the reason is, we will move it anyway. I prefer to use copy command. I assume the web server path is /var/www/html, change accordingly if different.

cp -r /var/www/html/data /var/www/data

This will recursively copy the data directory to /var/www. Remember you can move it anywhere you would like to. Now we will edit config.php file to change the directory path.

vim /var/www/html/config/config.php

From

'datadirectory' => '/var/www/html/data',

To

'datadirectory' => '/var/www/data',

You can refresh the Nextcloud instance now and all should be ok. data directory from html can now be deleted/removed.

Just make sure you don’t delete anything else. You can use rm -r command.

Disclaimer: As mentioned be-careful with rm command, I will not be responsible if you kill your kitten mistakenly. 🙂

Setup cron for background jobs

With fresh installation Nextcloud opt for AJAX for background jobs. Preferred way is to setup a cron job on the server.

crontab -e -u www-data

Add:

*/5 * * * * php -f /var/www/html/cron.php

Change the path to cron.php if it is different.

Redis cache

We have already installed redis in our previous article, the only thing we need now is to add the following to config.php file.

vim /var/www/html/config/config.php
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.local' => '\\OC\\Memcache\\Redis',
'redis' => 
  array (
   'host' => 'localhost',
   'port' => 6379,
 ),

Save and done.

Remove index.php from URLs

Set proper permissions on .htaccess if they are not.

chown www-data:www-data /var/www/html/.htaccess

Add the following line to $CONFIG array in config.php:

vim /var/www/html/config/config.php
'htaccess.RewriteBase' => '/',

Update .htaccess with occ:

sudo -u www-data php occ maintenance:update:htaccess

Default phone region

Add the following to config.php:

'default_phone_region' => 'DE',

Use the two character country code.

Rescan files

In some cases like migration you may encounter issues like missing files or indexes. This command will update them.

sudo -u www-data php occ files:scan --all

Above command will scan files for all users. If you want to scan files for a specific user, command would be:

sudo -u www-data php occ files:scan --all USER_ID

Reset passwords with occ

You can reset any user password with occ command. admin is the username.

sudo -u www-data php occ user:resetpassword admin

New account skeleton

After login to Nextcloud instance you will see some default files.

To have an empty account for new users, add to config.php file.

'skeletondirectory' => '',

If you want to have your own set of files for new users to see in their account. You can create a directory anywhere in the web server path. Copy your files/directories to it.

Preferred is root path /var/www/html/template. And change skeletondirectory to:

'skeletondirectory' => '/var/www/html/template',