kube transfer to single-node host

2024-07-08 10:39:56 -04:00
parent d1afa569cc
commit 887df21477
69 changed files with 1675 additions and 2009 deletions
--- a/nextcloud/README.md
+++ b/nextcloud/README.md
@@ -1,71 +1,40 @@
 # Nextcloud AIO

 - [Nextcloud AIO](#nextcloud-aio)
-  - [Prereq](#prereq)
-    - [Iscsi](#iscsi)
  - [Setup](#setup)
-    - [IPV6 (Optional)](#ipv6-optional)
+  - [Install Docker](#install-docker)
+    - [IPV6](#ipv6)
    - [Install](#install)
+  - [Backups](#backups)
  - [Trusted Proxy](#trusted-proxy)
+  - [Default phone region](#default-phone-region)
+  - [Adding existing files](#adding-existing-files)
+  - [Theming](#theming)
+  - [Changing the domain](#changing-the-domain)
  - [Uninstall](#uninstall)
  - [Edit QCOW](#edit-qcow)

-## Prereq
-
-1. Have a reverse proxy pointing at your server
-2. Have a valid certificate
-
-### Iscsi
-
-We can use iscsi to give nextcloud a large block store.
-
-On Nextcloud:
-
-1. Create an iscsi initiator in Truenas named `iqn.2024-02.com.reeselink:nextcloud-aio`.
-2. Create a new authorized access with username `iqn.2024-02.com.reeselink:nextcloud-aio` and password.
-3. Create a new target called `iqn.2024-02.com.reeselink:nextcloud-aio-data`
-   1. Create an alias called `Nextcloud AIO Data`
-   2. Select the exposed portal
-   3. Select the `iqn.2024-02.com.reeselink:nextcloud-aio` initiator group
-   4. Select CHAP Auth method
-   5. Select auth group containing `iqn.2024-02.com.reeselink:nextcloud-aio`
-4. Create a new extent called `nextcloud-aio-data`, leave all settings alone
-5. Create a new associated target with `iqn.2024-02.com.reeselink:nextcloud-aio-data` target and
-   `nextcloud-aio-data` extent
-
-On Nextcloud AIO:
-
-Edit `/etc/iscsi/initiatorname.iscsi` and set your initiatorname.
-
-Edit `/etc/iscsi/iscsid.conf`
-
-```conf
-node.session.auth.username = iqn.2024-02.com.reeselink:nextcloud-aio
-node.session.auth.password = <password>
-```
-
-```bash
-# Discover targets
-iscsiadm -m discovery -t st -p driveripper.reeselink.com
-# Login to the nextcloud-data target
-iscsiadm -m node -T iqn.2023-01.driveripper.reeselink.com:nextcloud-aio-data -l
-# Automatically login on startup
-iscsiadm -m node -T iqn.2023-01.driveripper.reeselink.com:nextcloud-aio-data -o update -n node.startup -v automatic
-```
+<https://github.com/nextcloud/all-in-one>

 ## Setup

-### IPV6 (Optional)
+## Install Docker

-Add to /etc/docker/daemon.json
+<https://docs.docker.com/engine/install/fedora/#set-up-the-repository>

-```json
+### IPV6
+
+```bash
+cat <<EOF > /etc/docker/daemon.json
 {
  "ipv6": true,
  "fixed-cidr-v6": "fd12:3456:789a:1::/64",
  "experimental": true,
  "ip6tables": true
 }
+EOF
+systemctl restart docker
+systemctl enable --now docker
 ```

 ```bash
@@ -76,6 +45,23 @@ docker network create --subnet="fd12:3456:789a:2::/64" --driver bridge --ipv6 ne
 ### Install

 ```bash
+# Default
+# Note: this puts all your nextcloud data in /nextcloud
+docker run \
+--init \
+--sig-proxy=false \
+--name nextcloud-aio-mastercontainer \
+--restart always \
+--publish 80:80 \
+--publish 8080:8080 \
+--publish 8443:8443 \
+--env NEXTCLOUD_DATADIR="/nextcloud" \
+--env NEXTCLOUD_MEMORY_LIMIT=8192M \
+--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
+--volume /var/run/docker.sock:/var/run/docker.sock:ro \
+nextcloud/all-in-one:latest
+
+# Reverse Proxy
 docker run \
 --init \
 --sig-proxy=false \
@@ -83,24 +69,64 @@ docker run \
 --restart always \
 --publish 8080:8080 \
 --env APACHE_PORT=11000 \
--env APACHE_IP_BINDING=0.0.0.0 \
+--env APACHE_IP_BINDING="::" \
 --env NEXTCLOUD_DATADIR="/mnt/ncdata" \
+--env NEXTCLOUD_MEMORY_LIMIT=8192M \
 --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
 --volume /var/run/docker.sock:/var/run/docker.sock:ro \
 nextcloud/all-in-one:latest
 ```

+## Backups
+
+IMPORTANT: you will need both KEY AND PASSPHRASE to access this repo!
+If you used a repokey mode, the key is stored in the repo, but you should back it up separately.
+Use "borg key export" to export the key, optionally in printable format.
+Write down the passphrase. Store both at safe place(s).
+
+```bash
+docker exec nextcloud-aio-borgbackup borg key export /mnt/borgbackup/borg/
+```
+
 ## Trusted Proxy

+If running with a reverse proxy.
+
 ```bash
 docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set trusted_proxies 2 --value="10.1.0.0/16"
+docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set trusted_proxies 3 --value="fd00:fd41:d0f1:1010::/64"
+```
+
+## Default phone region
+
+```bash
+docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set default_phone_region --value="US"
+```
+
+## Adding existing files
+
+```bash
+docker exec --user www-data -it nextcloud-aio-nextcloud php occ files:scan --path=ducoterra/files
+```
+
+## Theming
+
+Red: `#B30000`
+
+## Changing the domain
+
+```bash
+docker run -it --rm --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config:rw alpine sh -c "apk add --no-cache nano && nano /mnt/docker-aio-config/data/configuration.json"
 ```

 ## Uninstall

 ```bash
 docker stop $(docker ps -a -q)
-docker system prune
+docker container prune
+
+# DANGER ZONE
+# This deletes all your data
 docker volume prune -a -f
 ```