Configuration
(1) Add the following in/etc/httpd/httpd.conf
Alias/nextcloud "/srv/httpd/htdocs/nextcloud/"
Options +FollowSymlinks
AllowOverride All
Dav off
SetEnv HOME "/srv/httpd/htdocs/nextcloud"
SetEnv HTTP_HOME "/srv/httpd/htdocs/nextcloud"
(2) In /etc/httpd/httpd.conf, enable mod_rewrite and PHP by uncommenting
"LoadModule rewrite_module ..." and "Include/etc/httpd/mod_php.conf",
then restart httpd.
I just installed Nextcloud on Arch and the official packages caused the most headaches I ever had within my 3 years of arch. In contrast I installed the official Jellyfin and Prometheus Server packages and they ran OOTB.
I ended up with not using the official packages but extracting the tar.bz2 into /var/www/nextcloud and slightly modifying the nginx config from their site. I had to move the inclusion of the MIME-Types file to a different block for nextcloud to deliver its CSS, SVGs and images. It wasn’t exactly straight-forward too considering permissions. I found it a beast compared to many other server software.
I mean… I would consider anywhere that you might download software from sensitive. This isn’t really a smart move. And sure, the mirror’s page they link to uses https, but if the regular site doesn’t a man-in-the-middle could change the url and serve an official looking malicious version… I wouldn’t consider putting your users at an elevated risk when it’s relatively easy to set up TLS “a smart move”.
My “I don’t have time for this” moment came when I tried to set up Nextcloud on Arch:
https://wiki.archlinux.org/title/Nextcloud
Meanwhile on Slackware:
Configuration (1) Add the following in /etc/httpd/httpd.conf Alias /nextcloud "/srv/httpd/htdocs/nextcloud/" Options +FollowSymlinks AllowOverride All Dav off SetEnv HOME "/srv/httpd/htdocs/nextcloud" SetEnv HTTP_HOME "/srv/httpd/htdocs/nextcloud" (2) In /etc/httpd/httpd.conf, enable mod_rewrite and PHP by uncommenting "LoadModule rewrite_module ..." and "Include /etc/httpd/mod_php.conf", then restart httpd.I just installed Nextcloud on Arch and the official packages caused the most headaches I ever had within my 3 years of arch. In contrast I installed the official Jellyfin and Prometheus Server packages and they ran OOTB.
I ended up with not using the official packages but extracting the tar.bz2 into /var/www/nextcloud and slightly modifying the nginx config from their site. I had to move the inclusion of the MIME-Types file to a different block for nextcloud to deliver its CSS, SVGs and images. It wasn’t exactly straight-forward too considering permissions. I found it a beast compared to many other server software.
ngl, I love how “I don’t give a fuck” the slackware authors are, they didn’t even bother with https on their official website.
I love how their official “support” page links to a website that includes this:
https://www.steubentech.com/~talon/desktop/
lmao this is exactly the image that would pop into my head if I imagine a Slackware user in 2023.
You don’t need SSL if you’re not exchanging sensitive information.
If they aren’t exchanging sensitive information, then it’s less not giving a fuck and more not using technologies ‘just because’ everyone else is.
It’s a smart move.
I mean… I would consider anywhere that you might download software from sensitive. This isn’t really a smart move. And sure, the mirror’s page they link to uses https, but if the regular site doesn’t a man-in-the-middle could change the url and serve an official looking malicious version… I wouldn’t consider putting your users at an elevated risk when it’s relatively easy to set up TLS “a smart move”.
What do you think is stopping someone from doing this?