Here is what I did to get rid of different errors in Nextcloud in nextcloud/settings/admin/overview
running in UCS:
A.)
The “Strict-Transport-Security” HTTP header is not configured to at least “15552000” seconds. For enhanced security we recommend enabling HSTS as described in our security tips
As explained here to keep changes consistent through upgrades variables have to be set in UCS / System / Univention Configuration Registry
:
apache2/hsts
: Default value <empty>
, set to yes
Commentary in UCS: Enable HTTP Strict Transport Security (HSTS) by setting this variable to ‘yes’. ‘apache2/force_https’ should be enabled additionally to take full advantage of HSTS.
apache2/hsts/max-age
: Default value <empty>
, set to 15552000
as indicated by Nextcloud.
Commentary in UCS: Time in seconds of how long web browsers will cache and enforce the HSTS policy on the host. Defaults to ‘10886400’ - which are 18 weeks.
apache2/hsts/includeSubDomains
: Default value <empty>
, set to yes
Commentary in UCS: Applies HSTS policy also to subdomains if set to ‘yes’.
Addionally I activated:
apache2/force_https
: Default value <empty>
, set to yes
as indicated in apache2/hsts
.
In UCS / System / System services
: Restart apache2
! Be aware about connected users !
B.)
As indicated in Nextcloud I executed occ db:convert-filecache-bigint
by using for example Putty as administrator. In console:
$ sudo su
to switch to root user
$ univention-app shell nextcloud sudo -u www-data /var/www/html/occ db:convert-filecache-bigint
to execute the command in nextcloud app.
I couldn’t solve the following errors:
- Your web server is not properly set up to resolve “/.well-known/caldav”. Further information can be found in the documentation.
- Your web server is not properly set up to resolve “/.well-known/carddav”. Further information can be found in the documentation.
Are there any UCS variables to set? This post was not concluding for me.
As I’m a beginner in Linux terminal all hints, critics are welcome.
Stay healthy
mangrovenjazz