markuman.nextcloud.nextcloud
Collection Version | Supported OS | Nextcloud Version | EOL |
---|---|---|---|
9 | Ubuntu 20.04 | 23 | 2022.12 |
>= 10 | Ubuntu 22.04 | >= 25 | 2024.12 |
This ansible installation role supports only Ubuntu LTS.
Furthermore it depends on ansible devsec.hardening
collection that is applied on
- ssh
- os
- mariadb
And it does even more:
- setup ufw
- setup letsencrypt with TLSv1.3 in caddy
- configured smooth preview settings for nextcloud gallery app and preview generator
- ...
out of scope
This role does not cover
- Other distributions
- apache, nginx
- postgres
requirements
- ansible >= 2.9.10
- collection dependencies
- devsec.hardening
- community.mysql
hardware recommendations
Basically 1 Core and 512MB are sufficient to serve a nextcloud. And it heavily depends on its usage if it is sufficient or not.
That might be also sufficient for this installation role. However, the recommendations for this role are at least:
- >= 1 Core
- >= 2 GB Mempry
...the more the better ;)
Note that innodb_buffer_pool_size
value of mariadb is set to 1/4 of the available memory, but at least to 512M.
example
---
- hosts: some.nextcloud.domain
become: yes
vars:
ubuntu_nextcloud_user: ubuntu
ubuntu_nextcloud_user_ssh_key_location: https://github.com/markuman.keys
nextcloud_fqdn: "{{ inventory_hostname }}"
lets_encrypt_mail: git@osuv.de
mariadb_root_password: some_random_mysql_root_pws
nextcloud_db_password: some_random_nextcloud_database_password
nextcloud_admin_user: admin
nextcloud_admin_password: some_strong_password
roles:
- markuman.nextcloud.nextcloud
install_media
Added in 10.1.0
If install_media: yes
, the collection will install and configure
- recognize
- memories
- previewgenerator
- richdocuments (nextcloud office)
- richdocumentscode (nextcloud office)
defaults
There are some settings that needs to be adjust/increased, based on the useage and resources of your nextcloud.
Firewall Settings
Direction | Port |
---|---|
IN | 22 (SSH Rate Limit) |
IN | 80 (HTTP) |
IN | 443 (HTTPS) |
OUT | 22 (SSH) |
OUT | 53 (DNS) |
OUT | 123 (NTP) |
OUT | 80 (HTTP) |
OUT | 443 (HTTPS) |
OUT | 465 (TLS SMTP) |
OUT | 993 (TLS IMAP) |
Role Variables
Variale Name | Required | Default Value | version_added |
---|---|---|---|
ubuntu_nextcloud_user |
yes | ||
ubuntu_nextcloud_user_ssh_key_location |
yes | ||
nextcloud_fqdn |
yes | ||
install_talk |
no | yes | |
lets_encrypt_mail |
yes | ||
mariadb_root_password |
yes | ||
nextcloud_db_password |
yes | ||
nextcloud_admin_user |
yes | ||
nextcloud_admin_password |
yes | ||
php_fpm.max_children |
no | 120 | |
php_fpm.start_servers |
no | 12 | |
php_fpm.min_spare_servers |
no | 6 | |
php_fpm.max_spare_servers |
no | 18 | |
opcache.interned_strings_buffer |
no | 16 | |
innodb_buffer_pool_size |
no | 512M | |
install_media |
no | yes | 10.1.0 |
remove_dead_authtokens_after_days |
no | 21 | 11.1.0 |