Installing Nextcloud

This is a reference for installing Nextcloud with from scratch with PHP, MariaDB, and Apache on an Ubuntu server, without using any containers. Please note that this guide is outdated, and it is still published for archival purposes.

Please refer to my Self-hosting logs for more context, and links to the updated practices I am following now.

Resources

official installation documentation
complete installation tutorial for Ubuntu 20.04, in dutch
in-depth guide for Nextcloud 15
check vulnerabilities with Nextcloud Scan

Permissions

Firstly, it’s necessary to create the folder where Nextcloud interface, thus public application files, will be stored.

In this case, I configured a directory which is named exactly as the domain where the content it’s hosting will be found, for simplicity.

sudo mkdir /var/www/cloud.tommi.space

then, permissions can be changed, such that Nextcloud itself can handle this data, once installed. As you can see, these permissions must be set -R recursively.

sudo chown -R $USER:$USER /var/www/cloud.tommi.space
sudo chmod -R 755 /var/www/cloud.tommi.space

make the (private) directory where all of Nextcloud data will be stored, and change its permissions, too

mkdir /home/tommi/nextcloud-data
sudo chown -R www-data:www-data /home/tommi/nextcloud-data/

Apache

This is the essential content of an Apache configuration fil for nextcloud. It should be placed in /etc/apache2/sites-available/

create the configuration file by running

sudo vim /etc/apache2/sites-available/cloud.tommi.space.conf

then, add this content:

<VirtualHost *:80>
	ServerAdmin tommiboom@protonmail.com
	ServerName cloud.tommi.space
	ServerAlias www.cloud.tommi.space
	DocumentRoot /var/www/cloud.tommi.space/public_html

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Install MariaDB

sudo apt install mariadb-server

Basic database configuration

sudo mysql_secure_installation

log into MariaDB

sudo mariadb

Create a new database for Nextcloud (in MariaDB):

mysql> CREATE DATABASE nextcloud;

Create a new Nextcloud user

mysql> GRANT ALL ON nextcloud.* TO 'user_name'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;

Install PHP

Install PHP modules

sudo apt install php libapache2-mod-php php-mysql

install Nextcloud dependencies

sudo apt install php-curl php-dom php-gd php-json php-xml php-mbstring php-zip

adjust PHP.ini

sudo vim /etc/php/7.4/apache2/php.ini

edits:

memory_limit = 1024M # based on how much RAM the server has
upload_max_filesize = 16G # max size of uploaded files
post_max_size = 16G # something similar to the above
date.timezone = Europe/Rome # or your timezone

Install Nextcloud

download Nextcloud and place it in the virtual host directory

sudo cd /var/www/cloud.tommi.space/public_html && sudo wget https://download.nextcloud.com/server/releases/nextcloud-18.0.4.zip

extract the downloaded package

unzip nextcloud-18.0.4.zip

Install Let’s Encrypt

Certbot will be use to establish a secure connection to the instance. To make things simple, it’s the one which makes an unencrypted http:// connection magically become an encrypted https:// connection

sudo apt install certbot python3-certbot-apache

Enable port 443 instead of port 80

sudo ufw allow 'Apache Full'
sudo ufw delete allow 'Apache'

Generate TLS certificate

sudo certbot --apache -d cloud.tommi.space -d www.cloud.tommi.space

Enable HTTP/2, and rewrite module

sudo apt install php7.4-fpm
sudo a2enmod proxy_fcgi
sudo a2enconf php7.4-fpm
sudo a2dismod php7.4
sudo a2dismod mpm_prefork
sudo a2enmod mpm_event
sudo service apache2 restart
sudo a2enmod http2
sudo service apache2 restart

Enable HSTS

In cloud.tommi.space-le-ssl.conf add

<IfModule mod_headers.c>
      Header always set Strict-Transport-Security 'max-age=15552000; includeSubDomains'
</IfModule>

to enable what has just been inserted, headers must be enabled

sudo a2enmod headers

then, enable .htaccess

sudo vim /etc/apache2/sites-available/cloud.tommi.space/cloud.tommi.space-le-ssl.conf

paste in <VirtualHost *:443>

<Directory '/var/www/cloud.tommi.space/public_html'>
	Options Indexes FollowSymLinks
	AllowOverride All
	Require all granted
</Directory>

restart Apache

systemctl restart apache2

Domain linking

point the chosen domain and subdomain to the server IP address
wait for the domain to propagate (it could take up to 48 hours)
go to cloud.example.com

Do not insert any data in the dialogue page above until connection is encrypted with https://. To obtain a SSL Certificate, thus an encrypted connection, follow the next step.

Final adjustments

Final adjustments are to be performed from the Nextcloud GUI. There are a lot of very useful Nextcloud apps which are trivial to install.

fixes

fix this encryption error

Cheat Sheet

Using OCC

sudo -u nextcloud php8.0 --define apc.enable_cli=1 /var/www/nextcloud/occ

Manually install applications

move to the Nextcloud apps folder

cd /var/www/nextcloud/apps

download the application package from Nextcloud apps website

wget https://github.com/nextcloud/documentserver_community/releases/download/v0.1.5/documentserver_community.tar.gz # url to the package

extract it (by substituting package_name with the name of the app package)

tar -xvzf package_name.tar.gz

remove compressed package

rm -rf package_name.tar.gz

change permissions for the app’s directory

chown -R www-data:www-data /var/www/nextcloud/apps/app_name
chmod -R 755 /var/www/nextcloud/apps/app-name

Maintenance mode

Toggle maintenance mode

sudo -u nextcloud php8.0 --define apc.enable_cli=1 /var/www/nextcloud/occ --on # or --off