48 Commits

Author SHA1 Message Date
Thomas Gräfenstein
b5c5c11114 ensure monitoring stack starts before all other services 2026-03-22 22:55:42 +01:00
Thomas Gräfenstein
926766346c add cAdvisor and document detailed alert queries in README
Add cAdvisor container to the monitoring stack for container-level
metrics. Configure Alloy to scrape cAdvisor. Expand the README
Recommended Alerts section with exact PromQL/LogQL queries, thresholds,
and Grafana alert rule configuration for all five alerts.
2026-03-22 22:51:22 +01:00
Thomas Gräfenstein
c736c23e9a enable NETWORKS in docker-socket-proxy for Alloy container discovery 2026-03-22 21:27:26 +01:00
Thomas Gräfenstein
a02f33e96e move text compression from Caddy to nginx for lower latency
Nginx is closer to the origin, so compressing there avoids an
extra hop. Removes the Caddy encode block for Nextcloud and adds
gzip in nginx with level 4 targeting text, CSS, JS, JSON, XML, SVG.
2026-03-22 21:08:40 +01:00
Thomas Gräfenstein
d62b627093 add .mjs MIME type to nginx to fix NS_ERROR_CORRUPTED_CONTENT
nginx doesn't know .mjs by default and serves it as
application/octet-stream, which breaks ES module loading
and causes Caddy compression mismatches.
2026-03-22 20:56:10 +01:00
Thomas Gräfenstein
fb1de4f079 limit Caddy compression to text content types to fix slow file downloads
Caddy was compressing all responses including binary file downloads
(PDFs, images, videos), which severely throttled download speed to
~130KB/s despite 30MB/s VPS bandwidth. Now only compresses text-based
types (HTML, CSS, JS, JSON, XML, SVG) where compression actually helps.
2026-03-22 20:26:03 +01:00
Thomas Gräfenstein
3bf80f6940 disable file compression temporarily 2026-03-22 20:20:37 +01:00
Thomas Gräfenstein
1c2fb3c807 fix nginx redirect loop 2026-03-22 18:12:18 +01:00
Thomas Gräfenstein
b918e713e5 align nginx and Caddy config with official Nextcloud docs
Move security headers to Caddy (edge proxy), remove nginx gzip
(Caddy already compresses), add asset_immutable map for versioned
cache control, add missing static file extensions, fix .well-known
block, and hide X-Powered-By header.
2026-03-22 17:58:26 +01:00
Thomas Gräfenstein
ac3bff9351 fix nginx to fall through to PHP for dynamic assets like theming CSS
Static file locations were returning hard 404s instead of falling
through to PHP, which broke dynamically generated assets like
theming CSS files.
2026-03-22 17:49:45 +01:00
Thomas Gräfenstein
0088c11d5e enable Caddy response compression to fix slow page loads
Caddy was decompressing nginx's gzip responses and sending them
uncompressed to the browser, causing core-common.js (5.7MB) to
take 25s to download. Adding encode zstd gzip compresses it to
1.3MB at the edge.
2026-03-22 17:43:24 +01:00
Thomas Gräfenstein
4f3f4b0487 add swap check command before setup instructions 2026-03-22 17:33:11 +01:00
Thomas Gräfenstein
a51f86ea0a add swap setup instructions to README prerequisites 2026-03-22 17:32:48 +01:00
Thomas Gräfenstein
22198784d3 tune PHP and FPM for 1-core/3GB VPS performance
Reduce FPM workers from 12 to 5 max to stop memory thrashing on
a single-core VPS with 3GB RAM. Add OPcache and APCu tuning to
reduce filesystem stat calls and improve cache hit rates.
2026-03-22 17:31:14 +01:00
Thomas Gräfenstein
0a305a47b9 gitignore claude local settings 2026-03-22 17:21:13 +01:00
Thomas Gräfenstein
d88a8db9f1 fix nginx rewrite loop causing slow page loads and 500 errors
Static file locations now return 404 instead of falling through to
index.php, and the default location uses a clean rewrite to prevent
/index.php/index.php redirect cycles.
2026-03-22 17:19:34 +01:00
Thomas Gräfenstein
995dfcc099 add FPM worker tuning and architecture diagram
Increase PHP-FPM max_children from 5 to 12 to handle concurrent
requests without queuing, sized for a ~3GB VPS. Add Mermaid
architecture diagram to README.
2026-03-22 17:07:43 +01:00
Thomas Gräfenstein
4329cfd3f2 switch nextcloud to FPM + Nginx for better static file performance
Replace the all-in-one Apache image with nextcloud:33-fpm and an Nginx
sidecar that serves static assets directly with gzip compression and
cache headers, avoiding the prefork concurrency bottleneck.
2026-03-22 17:00:33 +01:00
Thomas Gräfenstein
c0c20a42ed add gzip/zstd compression and Redis caching for Nextcloud performance 2026-03-22 16:47:02 +01:00
Thomas Gräfenstein
a17c63a39b remove nextcloud review, all issues fixed 2026-03-22 16:44:15 +01:00
Thomas Gräfenstein
cdec4e3e22 fix trusted_proxies to use CIDR instead of hostname 2026-03-22 16:39:54 +01:00
Thomas Gräfenstein
0e0a6ff1eb add trusted proxy, post-install/upgrade hooks, occ docs and admin review
- Add TRUSTED_PROXIES=caddy to fix reverse proxy header warning
- Add post-installation hook: maintenance window, phone region, DB indices, MIME migrations
- Add post-upgrade hook: DB indices and MIME migrations
- Add occ commands section to README
- Add nextcloud-review.md with admin warning fixes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-22 16:33:40 +01:00
Thomas Gräfenstein
7225f526da enhanced readme 2026-03-22 16:14:19 +01:00
Thomas Gräfenstein
8b5c9bdbfc bump nextcloud versions 2026-03-22 16:07:18 +01:00
Thomas Gräfenstein
770081397c enhanced readme 2026-03-22 16:00:55 +01:00
Thomas Gräfenstein
8f5b73dffc fix readme and script 2026-03-22 15:46:29 +01:00
Thomas Gräfenstein
5e57d5258a add migration plan 2026-03-22 13:09:13 +01:00
Thomas Gräfenstein
522207b9d9 add claude permissions 2026-03-22 13:09:02 +01:00
Thomas Gräfenstein
09aee112da add local setup doc 2026-03-22 13:02:11 +01:00
Thomas Gräfenstein
158a8e6eb4 update readme 2026-03-22 12:38:24 +01:00
Thomas Gräfenstein
f3eea007f7 improve .env handling 2026-03-22 12:38:17 +01:00
Thomas Gräfenstein
1fed3dde51 simplified docker compose setup 2026-03-22 12:32:37 +01:00
Thomas Gräfenstein
89b806fd5b fix more issues 2026-03-22 12:29:58 +01:00
Thomas Gräfenstein
caa1c7f471 pin versions 2026-03-22 12:23:52 +01:00
Thomas Gräfenstein
0f12c5f5a8 added basic caddy rate limits 2026-03-22 12:22:00 +01:00
Thomas Gräfenstein
ce9dba4923 limit docker socket api access to alloy 2026-03-22 12:19:10 +01:00
Thomas Gräfenstein
9771fc620e fix source command 2026-03-22 12:15:11 +01:00
Thomas Gräfenstein
cdc2ce5d05 fix username 2026-03-22 12:14:33 +01:00
Thomas Gräfenstein
0b334a5daf fix critical issues 2026-03-22 12:12:21 +01:00
Thomas Gräfenstein
a66b9cea5f claude init 2026-03-22 12:11:11 +01:00
Thomas Gräfenstein
56e3131b67 move scripts to own dir 2026-03-22 12:06:22 +01:00
Thomas Gräfenstein
58625602c9 scripts 2026-03-22 12:05:01 +01:00
Thomas Gräfenstein
befb32129f nextcloud setup 2026-03-22 12:04:48 +01:00
Thomas Gräfenstein
c563e9de5f monitoring setup 2026-03-22 12:04:37 +01:00
Thomas Gräfenstein
cf57bc163f gitea setup 2026-03-22 12:04:19 +01:00
Thomas Gräfenstein
e12cdb6e68 caddy setup 2026-03-22 12:04:10 +01:00
Thomas Gräfenstein
8e10bf4524 add gitignore 2026-03-22 12:03:54 +01:00
Thomas Gräfenstein
ece5fd817a init 2026-03-22 12:03:20 +01:00