fix some mistakes in luks2

ssh: add instructions on clipboard sharing
nextcloud: cleanup
2025-07-04 13:22:41 +02:00 · 2024-09-09 11:44:05 +02:00 · 2024-01-25 16:13:23 +01:00 · 2024-01-03 13:00:35 +01:00 · 2024-01-03 12:52:20 +01:00
3 changed files with 120 additions and 3 deletions
--- a/docs/luks2.md
+++ b/docs/luks2.md
@ -34,14 +34,17 @@ mkfs.ext4 /dev/vg/home
 mkswap /dev/vg/swap
 ```
 and finally mount them. EFI should be mounted to `/mnt/efi`
-
+If you have not yet created a filesystem on your efi partition, do so now:
 ```sh
 mkfs.fat -F32 /dev/sda1
 ```
 ```sh
 mount /dev/vg/root /mnt
 mount --mkdir /dev/vg/home /mnt/home
 swapon /dev/vg/swap
-mount --mkdir /dev/sda2 /mnt/efi
+mount --mkdir /dev/sda1 /mnt/efi
 ```
 ## Continue with your normal Arch install:
@ -98,7 +101,7 @@ and adjust two things in the file:
 ```/etc/default/grub
 GRUB_ENABLE_CRYPTODISK=y
 ```
-and add to `GRUB_CMDLINE_LINUX`: (can have multiple, space-separated arguments so don't delete anything if it's there, just add.)
+and add to `GRUB_CMDLINE_LINUX_DEFAULT`: (can have multiple, space-separated arguments so don't delete anything if it's there, just add.)
 ```/etc/default/grub
 GRUB_CMDLINE_LINUX="cryptdevice=UUID=device-UUID:cryptlvm"
 ```
--- a/docs/nextcloud.md
+++ b/docs/nextcloud.md
@ -213,12 +213,19 @@ systemctl enable --now nextcloud-cron.timer
 ### Performance Improvements by in-memory caching
 Nextcloud's documentation recommends to apply some kind of in-memory object cache to significantly improve performance.
 You are able to use both APCu and Redis simultaneously for caching. The combination should be faster than either one alone.
 #### APCu
 Install `php-legacy-apcu`:
 ```sh
 pacman -S php-legacy-apcu --asdeps
 ```
 Uncomment the follwing in `/etc/php-legacy/conf.d/apcu.ini`:
 ```ini
 extension=apcu.so
 ```
 In `/etc/webapps/nextcloud/php.ini` enable the following extensions by uncommenting this:
 ```ini
 extension=apcu
@ -245,6 +252,100 @@ A second application server retart is required and everything should be working.
 ```sh
 systemctl restart php-fpm-legacy
 ```
 #### Redis
 Install redis and the php-legacy extensions:
 ```sh
 pacman -S redis
 pacman -S php-legacy-redis php-legacy-igbinary --asdeps
 ```
 Adjust the following in `/etc/redis.conf`:
 ```ini
 protected-mode yes # only listen on localhost
 port 0 # only listen on unix socket
 unixsocket /run/redis/redis.sock
 unixsocketperm 770
 ```
 The rest should be able to stay as is.
 Start and enable the redis service:
 ```sh
 systemctl enbale --now redis
 ```
 and check that it is running:
 ```sh
 systemctl status redis
 ```
 Also check that the socket is created:
 ```sh
 ls -l /run/redis/redis.sock
 ```
 You can also run a sanity check by connecting to the socket:
 ```sh
 redis-cli -s /run/redis/redis.sock ping
 ```
 (You should get a `PONG` response)
 If everything works fine on the redis side, we can now configure php to use it.
 In `/etc/php-legacy/conf.d/redis.ini` uncomment the following:
 ```ini
 extension=redis
 ```
 and analogously in `/etc/php-legacy/php-fpm.d/igbinary.ini`:
 ```ini
 [igbinary]
 extension=igbinary.so
 igbinary.compact_strings=On
 ```
 Now we can configure Nextcloud to use redis as a cache.
 First, add the nextcloud user to the redis group:
 ```sh
 usermod -a -G redis nextcloud
 ```
 You can verify that nextcloud now has access to the redis socket by running:
 ```sh
 sudo -u nextcloud redis-cli -s /run/redis/redis.sock ping
 ```
 In `/etc/webapps/nextcloud/php.ini` uncomment the following:
 ```ini
 ; REDIS
 extension=igbinary
 extension=redis
 ```
 and add the redis unix socket directory to the `open_basedir` directive:
 ```ini
 open_basedir = <your_current_value>:/run/redis
 ```
 In /etc/webapps/nextcloud/config/config.php add the following to the `CONFIG` array:
 ```php
 'memcache.distributed' => '\\OC\\Memcache\\Redis',
 'filelocking.enabled' => 'true',
 'memcache.locking' => '\\OC\\Memcache\\Redis',
 'redis' =>
 array (
    'host' => '/run/redis/redis.sock',
    'port' => 0,
 ),
 ```
 And finally in `/etc/php-legacy/fpm.d/nextcloud.conf` uncomment:
 ```ini
 php_value[extension] = igbinary
 php_value[extension] = redis
 ```
 Also, add to the `open_basedir` directive the redis unix socket directory:
 ```ini
 php_value[open_basedir] = <your_current_value>:/run/redis
 ```
 Restart your application server:
 ```sh
 systemctl restart php-fpm-legacy
 ```
 Check that everything works by visiting cloud.example.com and checking the admin overview page.
 If you have an internal server error and are not even able to access cloud.example.com, check the nginx error log for details.
 ### Do not bruteforce throttle local connections
 You might see in your admin overview (https://cloud.example.com/settings/admin/overview) an error message like this:
--- a/docs/ssh.md
+++ b/docs/ssh.md
@ -77,3 +77,16 @@ Host EXEMPwork
 ```
 to your `~/.ssh/config`.
 To connect to the working server, just type `ssh EXEMPwork`.
 ## Share your clipboard with the server
 To be able to copy/paste between server and client we need to install `xclip` and `xorg-clipboard` on the server. (Arch: `pacman -S xclip xorg-clipboard`)
 Ensure that the server has enabled X11 forwarding by adding `X11Forwarding yes` to `/etc/ssh/sshd_config` and restarting the sshd service.
 You should now be able to share the clipboard via `ssh -XY user@domain` or by making it permanent adding
 the following to the corresponding Host block in your `~/.ssh/config`:
 ```
 ForwardX11 yes
 ForwardX11Trusted yes
 ```
Author	SHA1	Message	Date
Alexander Bocken	2abb5ec721	fix some mistakes in luks2	2024-09-09 11:44:05 +02:00
Alexander Bocken	dcf7021bd4	ssh: add instructions on clipboard sharing	2024-01-25 16:13:23 +01:00
Alexander Bocken	5e111ba430	nextcloud: cleanup	2024-01-03 13:00:35 +01:00
Alexander Bocken	d95fd3186e	fix APCu instructions, add redis	2024-01-03 12:52:20 +01:00