Setup Nextcloud 29 for private photo/video storage and sharing using Ubuntu and docker compose on Intel NUC minipc
...
(and some other) mini PC
Tested on hardware
- Topton N200 router (4 core [4E] N100, 16GB, 2TB nvme) + Ubuntu 24.04
- Intel(R)
...
- Client
...
- Systems
...
- NUC10i7FNK
...
- (6
...
- core
...
- [6P] i7-10710U,
...
- 64GB,
...
- 4TB
...
- nvme)
...
- +
...
- Ubuntu
...
- 24.04
...
Prepare folders and scripts
Code Block |
---|
mkdir -p /docker/nextcloud/var/www/html
mkdir -p /docker/mariadb/var/lib/mysql
vi nextcloud.yml
vi ./nextcloud_update.sh
chmod +x ./nextcloud_update.sh
./nextcloud_update.sh |
Update script
./nextcloud_update.sh
Code Block | ||||
---|---|---|---|---|
| ||||
#!/bin/bash
docker compose -f nextcloud.yml ps
docker compose -f nextcloud.yml down ;
docker compose -f nextcloud.yml up -d --build --force-recreate;
docker compose -f nextcloud.yml ps
docker compose -f nextcloud.yml logs --follow |
docker compose file
nextcloud.yml
- noble
- Topton i7-1355U router (10 core [2P/8E] i7-1355U,32GB, 4TB nvme) + Ubuntu 24.04
Docker install
https://docs.docker.com/engine/install/ubuntu/
Code Block |
---|
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove -y $pkg; done
apt update
apt install ca-certificates curl
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
|
firewall
Code Block |
---|
ufw allow from 127.0.0.1
ufw allow from 172.16.0.0/12
ufw allow from 10.0.0.0/8
ufw allow from 192.168.0.0/16
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow 443/udp
ufw enable
ufw status |
Prepare folders and scripts
Code Block |
---|
mkdir -p /docker/nextcloud/var/www/html
mkdir -p /docker/mariadb/var/lib/mysql
mkdir -p /docker/etc/nginx/sites-enabled/
mkdir -p /docker/etc/ssl/private/
mkdir -p /docker/etc/ssl/certs/
vi nextcloud.yml
vi ./nextcloud_update.sh
chmod +x ./nextcloud_update.sh
./nextcloud_update.sh |
nginx configuration
Code Block |
---|
vi /docker/etc/nginx/nginx.conf |
Code Block | ||||
---|---|---|---|---|
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 2048M;
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1.3 ; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
| ||||
Code Block | ||||
| ||||
services: db: image: mariadb:10.11.7 container_name: cloud-db restart: always command: --transaction-isolation=READ-COMMITTED --log-bin=mysqld-bin --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed volumes: - /docker/mariadb/var/lib/mysql:/var/lib/mysql:rw - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - type: tmpfs target: /tmp environment: - MYSQL_ROOT_PASSWORD=db_admin_pass - MYSQL_PASSWORD=db_user_pass - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MARIADB_AUTO_UPGRADE=yes - REDIS_HOST=redis - REDIS_PORT=6379 redis: image: redis:alpine container_name: cloud-cache restart: always app: image: nextcloud:29.0.1 container_name: cloud-server hostname: cloud.example.com restart: always ports: - 8880:80 links: - db - redis volumes: - /docker/nextcloud/var/www/html:/var/www/html:rw - /etc/localtime:/etc/localtime:ro - /etc/timezone:/etc/timezone:ro - type: tmpfs target: /tmp:execgzip_proxied any; devices: - /dev/dri:/dev/dri environment: gzip_comp_level 6; - MYSQL_PASSWORD=db_user_pass - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_HOST=db gzip_buffers 16 8k; - OVERWRITEHOST=cloud.example.com include /etc/nginx/conf.d/*.conf; - OVERWRITEPROTOCOL=https - NEXTCLOUD_ADMIN_USER=nc_admin_userinclude /etc/nginx/sites-enabled/*; } |
Code Block |
---|
vi /docker/etc/nginx/sites-enabled/nextcloud.conf |
Code Block |
---|
server { - NEXTCLOUD_ADMIN_PASSWORD=nc_admin_pass listen - NEXTCLOUD_UPLOAD_LIMIT=20G 80; - PHP_UPLOAD_LIMIT=32Gserver_name cloud.example.com; - PHP_MEMORY_LIMIT=32G - APACHE_BODY_LIMIT=0 |
nginx configuration
Code Block |
---|
server { listen 80; server_name cloud.example.com; return 301 return 301 https://$server_name$request_uri; location / { } } server { #listen 443 quic; listen 443 ssl; http2 on; server_name cloud.example.com; addssl_header Strict-Transport-Security 'max-age=15552000; includeSubDomains'; ssl_certificate /etccertificate /etc/ssl/private/cloudkey-exampleand-comcertificates.pem; ssl_certificate_key /etc/ssl/private/cloudkey-exampleand-comcertificates.pem; sslclient_max_trustedbody_certificate "/etc/ssl/certs/cloud-example-com.ca"; size 16G; client_max_body_sizetimeout 36G600s; client_body_timeout 800sadd_header Strict-Transport-Security 'max-age=15552000; includeSubDomains'; ssl_protocols TLSv1.3 TLSv1.2; ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"; ssl_session_cache shared:SSL:20m; ssl_session_timeout 1h; ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate "/etc/ssl/certs/my-certificate-authotities.ca"; resolver 1.1.1.1 8.8.4.4 valid=300s; resolver_timeout 5s; location ^~ /.well-known { location = /.well-known/carddav { return 301 /remote.php/dav/; } location = /.well-known/caldav { return 301 /remote.php/dav/; } location /.well-known/acme-challenge { try_files $uri $uri/ =404; } location /.well-known/pki-validation { try_files $uri $uri/ =404; } return 301 /index.php$request_uri; } location = /robots.txt { allow all; log_not_found off; access_log off; } location / { add#add_header Xalt-protocol $server_protocol always; includesvc 'h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400'; add_header X-protocol $server_protocol always; include /etc/nginx/mime.types; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://10192.0168.0.21:8880; } } |
Code Block |
---|
vi /docker/etc/nginx/mime.types |
Code Block |
---|
types { text/html location /s/blank.mp4 { return 501 'NO FILE'; } } |
add plugins
- https://apps.nextcloud.com/apps/memories
- https://apps.nextcloud.com/apps/recognize or https://apps.nextcloud.com/apps/facerecognition
- https://apps.nextcloud.com/apps/previewgenerator
- https://apps.nextcloud.com/apps/workflow_media_converter
Tuning
that have to be done every container version update
To get in nextcloud container
Code Block |
---|
docker exec -it cloud-server bash |
Prepare mirrors list for apt
Code Block |
---|
apt update
apt install lsb-release |
UA mirrors example
Code Block |
---|
cat <<EOF >/etc/apt/sources.list
deb http://debian.volia.net/debian $(lsb_release -sc) main contrib non-free
deb-src http://debian.volia.net/debian $(lsb_release -sc) main contrib non-free
deb http://mirror.mirohost.net/debian-security $(lsb_release -sc)-security main contrib non-free non-free-firmware
deb-src http://mirror.mirohost.net/debian-security $(lsb_release -sc)-security main contrib non-free
deb http://debian.netforce.hosting/debian $(lsb_release -sc)-updates main contrib non-free non-free-firmware
deb-src http://debian.netforce.hosting/debian $(lsb_release -sc)-updates main contrib non-free
EOF |
install some tools and compile ImageMagick
Code Block |
---|
# install some basic tools
apt update
apt install -y sudo vim git wget exiftool
# add HW media conversion support (for Intel graphics)
groupadd -g 109 render
usermod -a -G video www-data
usermod -a -G render www-data
apt install -y vainfo intel-media-va-driver-non-free ffmpeg
# Compile latest ImageMagick
apt install -y build-essential autoconf libtool
apt build-dep -y imagemagick libmagickcore-dev libde265 libheif
cd /usr/src/
git clone https://github.com/strukturag/libde265.git
git clone https://github.com/strukturag/libheif.git
cd libde265/
./autogen.sh
./configure
make -j 6
make install
cd /usr/src/libheif/
./autogen.sh
./configure
make -j 6
make install
cd /usr/src/
#wget https://www.imagemagick.org/download/ImageMagick.tar.gz
#wget https://imagemagick.org/download/ImageMagick.tar.gz
#wget https://imagemagick.org/archive/ImageMagick.tar.gz
wget https://download.imagemagick.org/archive/ImageMagick.tar.gz
tar xf ImageMagick.tar.gz
cd ImageMagick-7*
./configure --with-heic=yes
make -j 6
make install
ldconfig
|
Optional switch back from ffmpeg 6.0.1 to 5.1.4
Code Block |
---|
apt-cache policy ffmpeg
apt remove ffmpeg
apt install ffmpeg=7:5.1.4-0+deb12u1 |
compile php-imagick
Code Block |
---|
cd /usr/src/
wget http://pecl.php.net/get/imagick-3.7.0.tgz
tar -xvzf imagick-3.7.0.tgz
cd imagick-3.7.0/
phpize
./configure
make -j 6
make install |
set new limits and restart apache
Code Block |
---|
echo "LimitRequestBody 0" > /etc/apache2/conf-enabled/apache-limits.conf
sed -i '/memory_limit/d' /usr/local/etc/php/conf.d/nextcloud.ini
sed -i '/upload_max_filesize/d' /usr/local/etc/php/conf.d/nextcloud.ini
sed -i '/post_max_size/d' /usr/local/etc/php/conf.d/nextcloud.ini
echo "memory_limit=48G" >>/usr/local/etc/php/conf.d/nextcloud.ini
echo "upload_max_filesize=32G" >>/usr/local/etc/php/conf.d/nextcloud.ini
echo "post_max_size=32G" >>/usr/local/etc/php/conf.d/nextcloud.ini
service apache2 reload |
use facerecognition
Code Block |
---|
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:remove recognize"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install facerecognition"
docker-php-ext-configure bz2
docker-php-ext-install bz2
apt install -y libavdevice-dev libavfilter-dev libavformat-dev
apt install -y libavcodec-dev libswresample-dev libswscale-dev
apt install -y libavutil-dev
cd /usr/src/
git clone https://github.com/davisking/dlib.git
cd dlib/dlib
mkdir build
cd build
cmake -DBUILD_SHARED_LIBS=ON ..
make
sudo make install
cd /usr/src/
git clone https://github.com/goodspb/pdlib.git
cd pdlib
phpize
./configure --enable-debug
# you may need to indicate the dlib install location
# PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./configure --enable-debug
make
sudo make install
echo "extension=pdlib.so" > /usr/local/etc/php/conf.d/docker-php-ext-pdlib.ini
cd /var/www/html/
sudo -u www-data /bin/bash -c "./occ config:app:set facerecognition max_image_area --value 786432"
sudo -u www-data /bin/bash -c "./occ config:app:set facerecognition min_image_size --value 128"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G ./occ face:setup -M 32G -m 1"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G ./occ face:setup -M 32G -m 4"
sudo -u www-data /bin/bash -c "./occ face:background_job -t 900" |
Cleanup build directory
Code Block |
---|
cd /usr/src/
rm ImageMagick.tar.gz
rm imagick-*.tgz
rm -Rf ImageMagick-*
rm -Rf imagick-* |
Crontab
on host system
Code Block |
---|
*/5 * * * * /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=10G /usr/local/bin/php -f /var/www/html/cron.php" |
Check installations
Check php-imagick
Code Block |
---|
php -r 'phpinfo();' |grep ImageMagick
|
Check ImageMagick
Code Block |
---|
convert -version
|
Check Intel graphics codec support
Code Block |
---|
vainfo
|
Check ffmpeg
html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/x-javascript mjs;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
|
Code Block |
---|
vi /docker/etc/ssl/private/key-and-certificates.pem |
your key and certs
Code Block |
---|
vi /docker/etc/ssl/certs/my-certificate-authotities.ca |
your ca certs
Update script
./nextcloud_update.sh
Code Block | ||||
---|---|---|---|---|
| ||||
#!/bin/bash
docker compose -f nextcloud.yml ps
docker compose -f nextcloud.yml down ;
docker compose -f nextcloud.yml up -d --build --force-recreate;
docker compose -f nextcloud.yml ps
docker compose -f nextcloud.yml logs --follow |
docker compose file
nextcloud.yml
Code Block | ||||
---|---|---|---|---|
| ||||
services:
web:
image: nginx
container_name: cloud-web
restart: always
ports:
- 80:80
- 443:443/tcp
- 443:443/udp
- 8080:8080
volumes:
- /docker/etc/nginx:/etc/nginx
- /docker/etc/ssl:/etc/ssl:ro
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
db:
image: mariadb:10.11.7
container_name: cloud-db
restart: always
command: --transaction-isolation=READ-COMMITTED --log-bin=mysqld-bin --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed --log_bin_trust_function_creators=true
volumes:
- /docker/mariadb/var/lib/mysql:/var/lib/mysql:rw
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- type: tmpfs
target: /tmp
environment:
- MYSQL_ROOT_PASSWORD=db_admin_pass
- MYSQL_PASSWORD=db_user_pass
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MARIADB_AUTO_UPGRADE=yes
- REDIS_HOST=redis
- REDIS_PORT=6379
redis:
image: redis:alpine
container_name: cloud-cache
restart: always
app:
image: nextcloud:29.0.1
container_name: cloud-server
hostname: cloud.example.com
restart: always
ports:
- 8880:80
links:
- db
- redis
volumes:
- /docker/nextcloud/var/www/html:/var/www/html:rw
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
- type: tmpfs
target: /tmp:exec
devices:
- /dev/dri:/dev/dri
environment:
- MYSQL_PASSWORD=db_user_pass
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=db
- OVERWRITEHOST=cloud.example.com
- OVERWRITEPROTOCOL=https
- NEXTCLOUD_ADMIN_USER=nc_admin_user
- NEXTCLOUD_ADMIN_PASSWORD=nc_admin_pass
- NEXTCLOUD_UPLOAD_LIMIT=20G
- PHP_UPLOAD_LIMIT=32G
- PHP_MEMORY_LIMIT=32G
- APACHE_BODY_LIMIT=0
|
example of running
Code Block |
---|
root@server:~# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d02e9b147afa nextcloud:29.0.1 "/entrypoint.sh apac…" 8 minutes ago Up 8 minutes 0.0.0.0:8880->80/tcp, :::8880->80/tcp cloud-server
c917babfd03f redis:alpine "docker-entrypoint.s…" 8 minutes ago Up 8 minutes 6379/tcp cloud-cache
fdd3842ad78b mariadb:10.11.7 "docker-entrypoint.s…" 8 minutes ago Up 8 minutes 3306/tcp cloud-db
4c54e98fcbad nginx "/docker-entrypoint.…" 8 minutes ago Up 8 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp cloud-web
|
add plugins
- https://apps.nextcloud.com/apps/memories
- https://apps.nextcloud.com/apps/recognize or https://apps.nextcloud.com/apps/facerecognition
- https://apps.nextcloud.com/apps/previewgenerator
- https://apps.nextcloud.com/apps/workflow_media_converter
Tuning
that have to be done every container version update
To get in nextcloud container
Code Block |
---|
docker exec -it cloud-server bash |
Prepare mirrors list for apt
Code Block |
---|
apt update
apt install lsb-release |
UA mirrors example
Code Block |
---|
cat <<EOF >/etc/apt/sources.list
deb http://debian.volia.net/debian $(lsb_release -sc) main contrib non-free
deb-src http://debian.volia.net/debian $(lsb_release -sc) main contrib non-free
deb http://mirror.mirohost.net/debian-security $(lsb_release -sc)-security main contrib non-free non-free-firmware
deb-src http://mirror.mirohost.net/debian-security $(lsb_release -sc)-security main contrib non-free
deb http://debian.netforce.hosting/debian $(lsb_release -sc)-updates main contrib non-free non-free-firmware
deb-src http://debian.netforce.hosting/debian $(lsb_release -sc)-updates main contrib non-free
EOF |
use ffmpeg 6
Code Block |
---|
cat <<EOF >>/etc/apt/sources.list
deb http://debian.ids-services.de/debian-multimedia/ $(lsb_release -sc) main
deb-src http://debian.ids-services.de/debian-multimedia/ $(lsb_release -sc) main
EOF
apt update -oAcquire::AllowInsecureRepositories=true
apt install -y --allow-unauthenticated deb-multimedia-keyring
|
Code Block |
---|
apt update
apt install -y --allow-unauthenticated sudo vim git wget exiftool vainfo intel-media-va-driver-non-free ffmpeg
# add HW media conversion support (for Intel graphics)
# group id to be checked on host system
groupadd -g 993 render
groupadd -g 109 render2
usermod -a -G video www-data
usermod -a -G render www-data
usermod -a -G render2 www-data |
install some tools and compile ImageMagick
Code Block |
---|
# Compile latest ImageMagick
apt install -y build-essential autoconf libtool
apt build-dep -y imagemagick libmagickcore-dev libde265 libheif
cd /usr/src/
git clone https://github.com/strukturag/libde265.git
git clone https://github.com/strukturag/libheif.git
cd libde265/
./autogen.sh
./configure
make -j 6
make install
cd /usr/src/libheif/
#git checkout develop-v1.18.0
mkdir build
cd build
cmake --preset=release ..
./configure
make -j 6
make install
cd /usr/src/
#wget https://www.imagemagick.org/download/ImageMagick.tar.gz
#wget https://imagemagick.org/download/ImageMagick.tar.gz
#wget https://imagemagick.org/archive/ImageMagick.tar.gz
wget https://download.imagemagick.org/archive/ImageMagick.tar.gz
tar xf ImageMagick.tar.gz
cd ImageMagick-7*
./configure --with-heic=yes
make -j 6
make install
ldconfig
|
Optional switch back from ffmpeg 6.0.1 to 5.1.4
Code Block | ||
---|---|---|
| ||
apt-cache policy ffmpeg
apt remove ffmpeg
apt install ffmpeg=7:5.1.4-0+deb12u1 |
compile php-imagick
Code Block |
---|
cd /usr/src/
wget http://pecl.php.net/get/imagick-3.7.0.tgz
tar -xvzf imagick-3.7.0.tgz
cd imagick-3.7.0/
phpize
./configure
make -j 6
make install |
set new limits and restart apache
Code Block |
---|
echo "LimitRequestBody 0" > /etc/apache2/conf-enabled/apache-limits.conf
sed -i '/memory_limit/d' /usr/local/etc/php/conf.d/nextcloud.ini
sed -i '/upload_max_filesize/d' /usr/local/etc/php/conf.d/nextcloud.ini
sed -i '/post_max_size/d' /usr/local/etc/php/conf.d/nextcloud.ini
sed -i '/max_execution_time/d' /usr/local/etc/php/conf.d/nextcloud.ini
sed -i '/max_input_time/d' /usr/local/etc/php/conf.d/nextcloud.ini
sed -i '/max_file_uploads/d' /usr/local/etc/php/conf.d/nextcloud.ini
echo "memory_limit=15G" >>/usr/local/etc/php/conf.d/nextcloud.ini
echo "upload_max_filesize=32G" >>/usr/local/etc/php/conf.d/nextcloud.ini
echo "post_max_size=32G" >>/usr/local/etc/php/conf.d/nextcloud.ini
echo "max_execution_time = 3600" >>/usr/local/etc/php/conf.d/nextcloud.ini
echo "max_input_time = 3600" >>/usr/local/etc/php/conf.d/nextcloud.ini
echo "max_file_uploads = 100" >>/usr/local/etc/php/conf.d/nextcloud.ini
service apache2 reload |
add apps
Code Block |
---|
cd /var/www/html
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install memories"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install recognize"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install previewgenerator"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install workflow_media_converter"
#sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install imageconverter"
#sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install video_converter"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ recognize:download-models"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ memories:places-setup"
|
in case memories:place-setup fail see https://memories.gallery/troubleshooting/#general-error-2006-mysql-server-has-gone-away and transaction-size can be reduced to avoid this error
Code Block |
---|
default places-setup transaction-size is 500
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ memories:places-setup --transaction-size=100 |
use facerecognition instead of recognize
recognize is more user-friendly, easy to install and allows manual sort of unrecognized faces, but in case for some reason need another face recognition tool there is also facerecognition available
Code Block | ||
---|---|---|
| ||
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:remove recognize"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install facerecognition"
docker-php-ext-configure bz2
docker-php-ext-install bz2
apt install -y libavdevice-dev libavfilter-dev libavformat-dev
apt install -y libavcodec-dev libswresample-dev libswscale-dev
apt install -y libavutil-dev
cd /usr/src/
git clone https://github.com/davisking/dlib.git
cd dlib/dlib
mkdir build
cd build
cmake -DBUILD_SHARED_LIBS=ON ..
make
sudo make install
cd /usr/src/
git clone https://github.com/goodspb/pdlib.git
cd pdlib
phpize
./configure --enable-debug
# you may need to indicate the dlib install location
# PKG_CONFIG_PATH=/usr/local/lib/pkgconfig ./configure --enable-debug
make
sudo make install
echo "extension=pdlib.so" > /usr/local/etc/php/conf.d/docker-php-ext-pdlib.ini
cd /var/www/html/
sudo -u www-data /bin/bash -c "./occ config:app:set facerecognition max_image_area --value 786432"
sudo -u www-data /bin/bash -c "./occ config:app:set facerecognition min_image_size --value 128"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G ./occ face:setup -M 32G -m 1"
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G ./occ face:setup -M 32G -m 4"
sudo -u www-data /bin/bash -c "./occ face:background_job -t 900" |
Cleanup build directory
Code Block |
---|
cd /usr/src/
rm ImageMagick.tar.gz
rm imagick-*.tgz
rm -Rf ImageMagick-*
rm -Rf imagick-* |
Enable preview for HEIC
Code Block |
---|
cd /var/www/html
vi config/config.php |
Code Block | ||
---|---|---|
| ||
'enable_previews' => true,
'enabledPreviewProviders' =>
array (
0 => 'OC\\Preview\\PNG',
1 => 'OC\\Preview\\JPEG',
2 => 'OC\\Preview\\GIF',
3 => 'OC\\Preview\\BMP',
4 => 'OC\\Preview\\HEIC',
5 => 'OC\\Preview\\MP3',
6 => 'OC\\Preview\\TXT',
7 => 'OC\\Preview\\Movie',
), |
Enable redis for file locking
Code Block |
---|
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => 'redis',
'port' => 6379,
), |
Setup trusted proxy
Code Block |
---|
'trusted_proxies' => ['192.168.0.1', '192.168.0.2'], |
Crontab
on host system
Code Block |
---|
*/5 * * * * /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=10G /usr/local/bin/php -f /var/www/html/cron.php" |
Check installations
Check php-imagick
Code Block |
---|
php -r 'phpinfo();' |grep ImageMagick
|
Code Block | ||
---|---|---|
| ||
Imagick compiled with ImageMagick version => ImageMagick 7.1.1-33 Q16-HDRI x86_64 22263 https://imagemagick.org
Imagick using ImageMagick library version => ImageMagick 7.1.1-33 Q16-HDRI x86_64 22263 https://imagemagick.org
ImageMagick copyright => (C) 1999 ImageMagick Studio LLC
ImageMagick release date => 2024-05-25
ImageMagick number of supported formats: => 275
ImageMagick supported formats => 3FR, 3G2, 3GP, A, AAI, AI, APNG, ART, ARW, ASHLAR, AVI, AVIF, AVS, B, BAYER, BAYERA, BGR, BGRA, BGRO, BIE, BMP, BMP2, BMP3, BRF, C, CAL, CALS, CANVAS, CAPTION, CIN, CIP, CLIP, CMYK, CMYKA, CR2, CR3, CRW, CUBE, CUR, CUT, DATA, DCM, DCR, DCRAW, DCX, DDS, DFONT, DJVU, DNG, DPX, DXT1, DXT5, EPDF, EPI, EPS, EPS2, EPS3, EPSF, EPSI, EPT, EPT2, EPT3, ERF, EXR, FARBFELD, FAX, FF, FFF, FILE, FITS, FL32, FLV, FRACTAL, FTP, FTS, FTXT, G, G3, G4, GIF, GIF87, GRADIENT, GRAY, GRAYA, GROUP4, HALD, HDR, HEIC, HEIF, HISTOGRAM, HRZ, HTM, HTML, HTTP, HTTPS, ICB, ICO, ICON, IIQ, INFO, INLINE, IPL, ISOBRL, ISOBRL6, J2C, J2K, JBG, JBIG, JNG, JNX, JP2, JPC, JPE, JPEG, JPG, JPM, JPS, JPT, JSON, K, K25, KDC, LABEL, M, M2V, M4V, MAC, MAP, MASK, MAT, MATTE, MDC, MEF, MIFF, MKV, MNG, MONO, MOS, MOV, MP4, MPC, MPEG, MPG, MPO, MRW, MSL, MSVG, MTV, MVG, NEF, NRW, NULL, O, ORA, ORF, OTB, OTF, PAL, PALM, PAM, PANGO, PATTERN, PBM, PCD, PCDS, PCL, PCT, PCX, PDB, PDF, PDFA, PEF, PES, PFA, PFB, PFM, PGM, PGX, PHM, PICON, PICT, PIX, PJPEG, PLASMA, PNG, PNG00, PNG24, PNG32, PNG48, PNG64, PNG8, PNM, POCKETMOD, PPM, PS, PS2, PS3, PSB, PSD, PTIF, PWP, QOI, R, RADIAL-GRADIENT, RAF, RAS, RAW, RGB, RGB565, RGBA, RGBO, RGF, RLA, RLE, RMF, RW2, RWL, SCR, SCREENSHOT, SCT, SFW, SGI, SHTML, SIX, SIXEL, SPARSE-COLOR, SR2, SRF, SRW, STEGANO, STI, STRIMG, SUN, SVG, SVGZ, TEXT, TGA, THUMBNAIL, TIFF, TIFF64, TILE, TIM, TM2, TTC, TTF, TXT, UBRL, UBRL6, UIL, UYVY, VDA, VICAR, VID, VIFF, VIPS, VST, WBMP, WEBM, WEBP, WMV, WPG, X, X3F, XBM, XC, XCF, XPM, XPS, XV, XWD, Y, YAML, YCBCR, YCBCRA, YUV
|
Check ImageMagick
Code Block |
---|
convert -version
|
Code Block | ||
---|---|---|
| ||
WARNING: The convert command is deprecated in IMv7, use "magick"
Version: ImageMagick 7.1.1-33 Q16-HDRI x86_64 22263 https://imagemagick.org
Copyright: (C) 1999 ImageMagick Studio LLC
License: https://imagemagick.org/script/license.php
Features: Cipher DPC HDRI OpenMP(4.5)
Delegates (built-in): bzlib djvu fontconfig freetype heic jbig jng jp2 jpeg lcms lqr lzma openexr pangocairo png tiff webp x xml zlib zstd
|
Check Intel graphics codec support
Code Block |
---|
vainfo
|
Code Block | ||
---|---|---|
| ||
error: XDG_RUNTIME_DIR is invalid or not set in the environment.
error: can't connect to X server!
libva info: VA-API version 1.17.0
libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so
libva info: Found init function __vaDriverInit_1_17
libva info: va_openDriver() returns 0
vainfo: VA-API version: 1.17 (libva 2.12.0)
vainfo: Driver version: Intel iHD driver for Intel(R) Gen Graphics - 23.1.1 ()
vainfo: Supported profile and entrypoints
VAProfileNone : VAEntrypointVideoProc
VAProfileNone : VAEntrypointStats
VAProfileMPEG2Simple : VAEntrypointVLD
VAProfileMPEG2Simple : VAEntrypointEncSlice
...
VAProfileHEVCMain444_12 : VAEntrypointVLD
VAProfileHEVCSccMain : VAEntrypointVLD
VAProfileHEVCSccMain : VAEntrypointEncSliceLP
VAProfileHEVCSccMain10 : VAEntrypointVLD
VAProfileHEVCSccMain10 : VAEntrypointEncSliceLP
VAProfileHEVCSccMain444 : VAEntrypointVLD
VAProfileHEVCSccMain444 : VAEntrypointEncSliceLP
VAProfileAV1Profile0 : VAEntrypointVLD
VAProfileHEVCSccMain444_10 : VAEntrypointVLD
VAProfileHEVCSccMain444_10 : VAEntrypointEncSliceLP
|
Check ffmpeg
Code Block |
---|
ffmpeg -codecs |grep -e 265 -e 264
|
Code Block | ||
---|---|---|
| ||
ffmpeg version 6.0.1 Copyright (c) 2000-2023 the FFmpeg developers
built with gcc 12 (Debian 12.2.0-14)
...
DEV.LS h264 H.264 / AVC / MPEG-4 AVC / MPEG-4 part 10 (decoders: h264 h264_v4l2m2m h264_qsv libopenh264 h264_cuvid ) (encoders: libx264 libx264rgb libopenh264 h264_amf h264_nvenc h264_omx h264_qsv h264_v4l2m2m h264_vaapi )
DEV.L. hevc H.265 / HEVC (High Efficiency Video Coding) (decoders: hevc hevc_qsv hevc_v4l2m2m hevc_cuvid ) (encoders: libx265 hevc_amf hevc_nvenc hevc_qsv hevc_v4l2m2m hevc_vaapi libkvazaar ) | ||
Code Block | ||
ffmpeg -codecs |grep -e 265 -e 264
|
Check logs
Code Block |
---|
docker compose -f nextcloud.yml logs --follow |
...
Code Block |
---|
/usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ status" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ config:system:get version" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "NC_debug=true PHP_MEMORY_LIMIT=512M ./occ app:list" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:removeinstall recognizememories" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install memoriesrecognize" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install previewgenerator" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:install workflow_media_converter" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ app:update --all" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ db:add-missing-indices -vvv" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ maintenance:repair" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ maintenance:mode --on" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ maintenance:mode --off" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=512M ./occ trashbin:cleanup --all-users" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G15G ./occ files:scan --all --generate-metadata --no-interaction -vvv" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G15G ./occ preview:generate-all -vvv" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G15G ./occ memories:index" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G15G ./occ memories:index --force" |
cli for recognize
Code Block |
---|
/usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=2G15G ./occ memories:index --force --ansi --no-interaction" |
cli for recognize
Code Block |
---|
recognize:download-models" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G15G ./occ recognize:cluster-faces" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G15G ./occ recognize:classify" |
cli for facerecognition
Code Block | ||
---|---|---|
| ||
/usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "./occ face:reset --all" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "./occ face:stats" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "./occ face:progress" /usr/bin/docker exec cloud-server sudo -u www-data /bin/bash -c "./occ face:background_job -t 900" |
...
Code Block |
---|
sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=2G ./occ preview:generate-all -vvv" sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=10G /usr/local/bin/php -f /var/www/html/occ memories:index" sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=10G /usr/local/bin/php -f /var/www/html/occ recognize:cluster-faces" sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=10G /usr/local/bin/php -f /var/www/html/occ recognize:classify" sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=2G ./occ recognize:download-models" sudo -u www-data /bin/bash -c "PHP_MEMORY_LIMIT=32G15G ./occ memories:index --force" |
clear files locks in Redis
Code Block |
---|
/usr/bin/docker exec cloud-cache redis-cli flushall |
Previous Nextcloud related articles
...