Hey guys, I recently setup my own Nextcloud after I saw the great De-Google video from @wendell (Huge thanks!) on YT. So far everything works really good and I copied over everything from Dropbox etc. but I noticed some errors in the logs that Nextcloud provides which are:
file_get_contents(/proc/meminfo): failed to open stream: Operation not permitted at
file_get_contents(): open_basedir restriction in effect. File(/proc/meminfo) is not within the allowed path(s):
Should I add /proc/meminfo to my open_basedir as well because it didn't appear as a warning on the server settings page like /dev/urandom.
I also get the warning that I should activate HSTS on my server and I read about this in the docs from Nextcloud but I am still not sure where I can activate this. Is there a more detailed description for it?
Then I also added another friends cloud to my federation servers and he did the same with mine but so far the yellow light only indicates that they connected but shouldn't it be green instead? How can I make the server trying to exchange user lists with the other cloud server?
HSTS is HTTP Strict Transport Security, it essentially forces the site to only use HTTPS. You have to enable it in your web servers configuration files with your supplied SSL certificates, I use letsencrypt for my certificates and this page to set my SSL configuration: https://mozilla.github.io/server-side-tls/ssl-config-generator/. It lets you set the level of security you want (more security means older browsers/devices can't access your site) and I test it with SSL Labs.
I am using Letsencrypt too but probably in a more easier way since I am running a server with Plesk on it. Where do I have to put the outcome of this SSL generator? I am still learning, thank you for your patience and help.
SSL Labs gave my site an "A-". That sounds pretty good to me, they only had this complaint "he server does not support Forward Secrecy with the reference browsers."
Plesk is the web ui for the server but I can also use ssh. Due to limited knowlegde I only use it to update the server, create users or move, copy files and other simple stuff.
The only part where I could find something about HSTS on SSL Labs was this "HSTS Preloading Not in: Chrome Edge Firefox IE "
I have separate files for each site but my assumption is that the nextcloud site will be inside the 000-default.conf file, you can also add multiple sites to a single file if you want and its fine so whatever works for you.