Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- content:serverbasics:docker-nextcloud_aio [2025/02/08 14:32] – Daniel
+++ content:serverbasics:docker-nextcloud_aio [2025/04/14 11:54] (aktuell) – [Dockers Yaml] Daniel
@@ Zeile 106: / Zeile 106: @@
 In your Docker- Compose- Drirectory, create a new Directory called ''nextcloud_aoi'' and put the ''docker-compose.yml'' in it. You can finde some good documented example here: [[https://github.com/nextcloud/all-in-one/blob/main/compose.yaml|https://github.com/nextcloud/all-in-one/blob/main/compose.yaml]]
+Adjustements:
+  * For long Fileuploads, set NEXTCLOUD_MAX_TIME=3600 = one Hour to a higher value, like 14400 = four hours
+  * Also maybe NEXTCLOUD_UPLOAD_LIMIT=12G and
+  * maybe NEXTCLOUD_MEMORY_LIMIT=2048M
 ===== AIO Webinterface =====
@@ Zeile 128: / Zeile 135: @@
 ===== Caddy Service =====
-Now you need to add the Nextcloud- Service to you Caddyfile ( https://obel1x.de/dokuwiki/doku.php?id=content:serverbasics:docker-caddy#caddy_configuration )
+Now you need to add the Nextcloud- Service to you Caddyfile ( [[https://obel1x.de/dokuwiki/doku.php?id=content:serverbasics:docker-caddy#caddy_configuration|https://obel1x.de/dokuwiki/doku.php?id=content:serverbasics:docker-caddy#caddy_configuration]] )
 Add those lines First:
@@ Zeile 135: / Zeile 142: @@
 https://nextcloud.domain.tld:443 {
        header Strict-Transport-Security max-age=31536000;
+#Large fileuploads
+       request_body {
+           max_size 10240M
+       }
 #       reverse_proxy nextcloud-aio-apache:11000
 #For install Domaincheck needed:
@@ Zeile 156: / Zeile 167: @@
 Enjoy your fully flagged Nextcloud.
-The next step wpuld now be to integrate Nextcloud with your IPA- Domain. Checkout IPA- Docs here and come back, when its working.
+The next step would now be to integrate Nextcloud with your IPA- Domain.
+===== Enable SSO to Logon with FreeIPA/Authentik =====
+Before proceeding, you should have integrated you Client to the domain as written in [[.:docker-freeipa|]] , you should be logged into your PC as freeipa- user.
+Than, check, that Authentik- Kerberos is working as described at [[.:docker-authentik|]] and that you can authenticate in Authentik only by using the Kerberos- Symbol at Authentik- Logon- Page.
+If this is working, check this docs to integrate Nextcloud with Authentik/SSO: [[https://docs.goauthentik.io/integrations/services/nextcloud/|https://docs.goauthentik.io/integrations/services/nextcloud/]]
+**Attention**: to have the UserID of FreeIPA be used by Nextcloud, i had to:
+   * In Authentik / Provider Nextcloud: under Advance Protocol Settings: Subject mode = Based on user's username
+  * And in ODIC- Settings of Nextcloud, use "sub" as userid-mapping.
+  * Turn off "Use unique Userids" and Turn on Group Provisioniong so that your Admins will become NC- Admins
+All other Settungs either made Admins not beeing Admins in NC or had hashed- userids in Nexctcloud, which make it complicated to get acces to NC with your PCs UserID.
+==== Disable User Logon-Screen ====
+After you can logon with authentik, disable the user-input screen by opening container shell of ''nextcloud-aio-nextcloud''  container and enter:
+<code>
+containerid:/var/www/html# sudo -u www-data php /var/www/html/occ config:app:set --value=0 user_oidc allow_multiple_user_backends
+</code>
+Remember, that you now need to go to
+''[[http://nextcloud.domain.tld/login?direct=1|http://nextcloud.domain.tld/login?direct=1]]''
+to logon to nextcloud with the local admin.