Proxmox, Nextcloud and Collabora online


This website shows how to install Proxmox, setup a container with Nextcloud and enable Collabora (Libre Office OnLine)
proxmox-summary

Setup

  • electron: 192.168.1.41 the hardware hypervisor to run proxmox

  • cloud: 192.168.1.50 the LXC container to run NextCloud
  • lool: 192.168.1.51 the LXC container to run LibreOffice OnLine

Setup ProxMox

download Proxmox VE installation CD http://www.proxmox.com/en/downloads

burn to CD
start computer and boot from CD
select "install proxmox"
graphical:
accept the EULA (I agree)
installer wipes harddisk!
install options: zfs (if you have enough RAM)
Select country, timezone, keyboardlayout
Select root password and e-mailaddress
Select managementinterface (enp1s0), hostname (electron.hondeman.net) ip-settings (192.168.1.41, 255.255.255.0, 192.168.1.12)
...
Reboot
(unmounting /mnt fails)
SSH to host (electron)

ssh root@electron
add 4 lines to .bashrc:
declare -x LANGUAGE=C.UTF-8
declare -x LC_ALL=C.UTF-8
declare -x LC_TIME="nl_NL.UTF-8",
declare -x LANG=C.UTF-8
start upgrade and configuration:
root@electron:~# . .bashrc
root@electron:~# apt-get update
root@electron:~# apt-get upgrade
root@electron:~# apt-get install ntp
(set /etc/ntp.conf:)
server ntp.hondeman.net iburst prefer
server 1.nl.pool.ntp.org

add to /etc/apt/sources.list:
# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian/pve stretch pve-no-subscription

Setup NextCloud


root@electron:~# apt-get clean
root@electron:~# pveam update
root@electron:~# pveam available | grep nextcloud
turnkeylinux    debian-8-turnkey-nextcloud_14.2-1_amd64.tar.gz
root@electron:~# pveam download local debian-8-turnkey-nextcloud_14.2-1_amd64.tar.gz

other computer:
webbrowser to https://electron.hondeman.net:8006
(your connection is not private selfsigned certificate)
Username: root
Password: xxxx
Realm: Linux PAM standard authentication
Language: english
(you do not have a valid subscribtion)
Select Datacenter > electron and press (upperright) button Create CT
Node: electron
CT ID: 100
Hostname: cloud
Unprivileged container: (empty)
Resouce Pool:
Password: xxxx
Confirm password: xxxx
SSH public key: (empty)
-> next
Storage: local
Template: debian-8-turnkey-nextcloud
-> next
Storage: local-lvm
Disksize: 6 GB
-> next
cores: 4
-> next
Memory: 2048
Swap: 512
-> next
Name: eth0
MAC address: auto
Bridge: vmbr0
Vlan: no vlan
Rate limit: unlimited
Firewall: (clear)
IP4: static
IP4/CIDR: 192.168.1.50/24
Gateway: 192.168.1.1
-> next
DNS domain: use host settings createcontainer

select Datacenter > electron > 100 cloud
set options:
Start at boot: Yes
Order: 10

Start the CT
open the console and login as root:
new MySQL admin password (... Mysql)
new Nextcloud admin password (... Cloud)
the cloud address: cloud.hondeman.net
Turnkey backup: skip
admin mail account: ...@...
Install updates
...
Reboot the cloud
...

ssh to root@cloud.hondeman.net
root@cloud# chown -Rh www-data:www-data nextcloud
timezone seems confused:
root@cloud ~# dpkg-reconfigure tzdata

# extra ports (and forward throug router) # make nextcloud also listen to port 444: vi /etc/apache2/ports.conf Listen 444 vi /etc/apache2/sites-available/nextcloud.conf SSLEngine on ServerAdmin webmaster@cloud.hondeman.net DocumentRoot /usr/share/nextcloud/

browser to https://cloud.hondeman.net/
login as admin
select (topright) admin v Admin
start updater (11.0.3 stable -> 12.0.3)
start update
select (topright) config > +apps
select (left) Office
enable calendar
enable collabora online
enable contacts
enable mail
select Tools
enable Draw.IO
enable passman
enable weather
enable External Storage Support
select (topright) config -> admin
setup tips:
1: enable hsts
2: configure memcache
3: PHP OPcache

1: complicated in combination with other websites
2: apt-get install php5-apcu
apachectl -k restart
'memcache.local' => '\OC\Memcache\APCu', in /usr/share/nextcloud/config/config.php
3: add comments to /etc/php5/apache2/php.ini
select (left) theming
select (topright) config -> users
add users
configure "external storage CIFS"

Setup Collabora

become root at electron and download centos7:

root@electron:~# pveam  available | grep -i centos
system          centos-7-default_20170504_amd64.tar.xz
root@electron:~# pveam download local centos-7-default_20170504_amd64.tar.xz

in Proxmox create new CT:
Node: electron
ID: 101
Hostname: lool (LibreOfficeOnLine)
Password: xxxx
-> next
Storage: local
Template: centos-7-default_20170504_amd64.tar.xz
-> next
Storage: local-lvm
DiskSize: 4GB
ACLs: default
-> next
Cores: 2
-> next
Memory: 1024MB
Swap: 512MB
-> next
Name: eth0
Bridge: vmbr0
IP4/Cidr: 192.168.1.51/24
Gateway: 192.168.1.1
-> next
DNS: use host settings
-> next
-> finish
...
(configure autostart (before nextcloud: order 9)
login as root on lool:
root@lool# yum install openssh-server openssl wget yum-utils
systemctl enable sshd
systemctl start sshd

# import the signing key root@lool ~# wget https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7/repodata/repomd.xml.key && rpm --import repomd.xml.key # add the repository URL to yum root@lool ~# yum-config-manager --add-repo https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-centos7 # perform the installation yum install loolwsd
# certificates: root@lool ~# grep pem /etc/loolwsd/loolwsd.xml /etc/loolwsd/cert.pem # cd to that folder and create certificates: root@lool # cd /etc/loolwsd/ root@lool loolwsd# openssl genrsa -out server.key 2048 root@lool loolwsd# openssl rsa -in server.key -out server.key root@lool loolwsd# openssl req -sha256 -new -key server.key -out server.csr -subj '/CN=lool.hondeman.net' root@lool loolwsd# openssl x509 -req -sha256 -days 3650 -in server.csr -signkey server.key -out server.crt root@lool loolwsd# ln -s cert.pem ca-chain.cert.pem root@lool loolwsd# ln -s cert.pem key.pem root@lool loolwsd# cat server.crt server.key > cert.pem # and make nextcloud trust it: root@lool loolwsd# scp cert.pem cloud:/tmp root@cloud ~# cat /tmp/cert.pem >> /usr/share/nextcloud/resources/config/ca-bundle.crt # allow cloud to lool: edit /etc/loolwsd/loolwsd.xml: localhost cloud.hondeman.net
root@lool# systemctl enable loolwsd root@lool# systemctl start loolwsd
https://lool.hondeman.net:9980/ (ok)
config > admin
Select (left) Collabora Online
Collabora Online Server: https://lool.hondeman.net:9980/