Next Cloud Installation 24.04LTS: Difference between revisions

Latest revision as of 17:46, 19 March 2024

https://docs.nextcloud.com/server/12/admin_manual/installation/index.html

Prerequisites

Set up DNS (CNAME) to point to your nextcloud server.

scottcloud.scottworld.net CNAME ---> Solaris

Also make sure it is set internally (if we are using split DNS)

Set up some directories

Create a directory to hold the nextcloud files .. make this outside the standard WWW readable dirrectory

mkdir /opt/nextcloud/

Create a directory (outside of your WWW to hold the personal cloud files for our users)

mkdir /srv/data/scottcloud

Set the permissions / ownership on this

chown www-data:www-data /srv/data/scottcloud -R

Download Nextcloud

We can down grab a copy of the latest NetCloud install.

Check the latest version.

https://nextcloud.com/install/#instructions-server

cd /opt/
wget https://download.nextcloud.com/server/releases/latest.tar.bz2  (for example)
tar -xvf <tarfile>

Change the perms to let apache can r/w

chown www-data:www-data /opt/nextcloud -R
chmod 770 /opt/nextcloud -R

Create the database

We should create the NextCloud database first. I tend to use phpMyAdmin (you can use the terminal if you are savvy)

Make sure the charset is    utf8mb4_unicode_ci  (this ensure you have the full character set)

Create a user "nextcloud" with an empty database of the same name with full privileges.

php Tweaks

We need some extra php modules.

apt install php-gd php-json php-mysql php-curl php-mbstring php-intl php-gmp php-imagick php-zip php-xml php-smbclient smbclient php-bcmath imagemagick php-bz2

Apache Web Server Configuration

On Debian, Ubuntu, and their derivatives, Apache installs with a useful configuration so all you have to do is create a /etc/apache2/sites-available/scottcloud.conf file with these lines in it, replacing the Directory and other filepaths with your own filepaths:

<VirtualHost *:80>
    ServerName scottcloud.scottworld.net
    Redirect permanent / https://scottcloud.scottworld.net/
</VirtualHost>

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerName scottcloud.scottworld.net 
        DocumentRoot /opt/nextcloud
        CustomLog ${APACHE_LOG_DIR}/scottcloud.log combined
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/letsencrypt/live/scottcloud.scottworld.net/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/scottcloud.scottworld.net/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/scottcloud.scottworld.net/chain.pem
        SSLCACertificateFile /etc/ssl/certs/ca-certificates.crt

        <Directory /opt/nextcloud>
            Require all granted
            AllowOverride All
            Options FollowSymLinks MultiViews
            <IfModule mod_dav.c>
                Dav Off
            </IfModule>
        </Directory>

        <IfModule mod_headers.c>
            Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"
            Header always set X-Frame-Options SAMEORIGIN
        </IfModule>
    </VirtualHost>
</IfModule>

Additional Apache Configurations

For Nextcloud to work correctly, we need the module mod_rewrite. Enable it by running:

   a2enmod rewrite
   a2enmod headers
   a2enmod env
   a2enmod dir
   a2enmod mime

When using SSL, take special note of the ServerName. You should specify one in the server configuration, as well as in the CommonName field of the certificate. If you want your Nextcloud to be reachable via the internet, then set both of these to the domain you want to reach your Nextcloud server.

Now enable the site and restart Apache:

 a2ensite scottcloud.conf
 systemctl restart apache2.service

Web Installation

Point a browser at...

scottcloud.scottworld.net/

Fill in the fields for your admin user / database / default data directory

Tweak some settings to remove errors

Add a php override file in

nano /etc/php/8.x/apache2/conf.d/nextcloud.ini

In there place these params

memory_limit = 512M
upload_max_filesize = 5G
post_max_size = 5G
max_execution_time = 3600
redis.session.locking_enabled = 1
redis.session.lock_retries = -1
redis.session.lock_wait_time = 10000
opcache.save_comments = 1
opcache.revalidate_freq = 60
opcache.interned_strings_buffer = 16

Mirror apache php settings when running CLI (occ command)

ln -s /etc/php/8.x/apache2/conf.d/nextcloud.ini /etc/php/8.x/cli/conf.d/

Restart Apache2

systemctl restart apache2.service

House Keeping

Create a file in /etc/cron.d

nano /etc/cron.d/nextcloud

Add the line to do some housekeeping every 15 mins.

 
 */5  *  *  *  * www-data php -f /opt/nextcloud/cron.php

Certbot SSL

Enable SSL on your cloud install with LetsEncrypt.

Clone into a git repository

cd /opt/
git clone https://github.com/certbot/certbot

Now enter the git and run ...

cd /opt/
./letsencrypt-auto --non-interactive --agree-tos --email mark@scottworld.net --apache -d solaris.scottworld.net --hsts

You should now have a A* rating.. check here

https://www.ssllabs.com/ssltest/analyze.html?d=solaris.scottworld.net

Set up a renewal check...

nano /etc/cron.d/letsencrypt

* 1 * * 1 root /etc/certbot/certbot-auto renew --quiet

Make things look a bit nicer

Make browsers redirect to HTTPS

nano /opt/nextcloud/config/config.php

Add / check these lines... to make a clean URL and set default locale etc.

 'htaccess.RewriteBase' => '/',
 'default_locale' => 'en_GB',
 'default_phone_region' => 'GB',
 'trashbin_retention_obligation' => 'auto, 90',
 'versions_retention_obligation' => 'auto, 365',
 'maintenance_window_start' => 1,

Now commit the changes

sudo -u www-data php /opt/nextcloud/occ maintenance:update:htaccess

Setup Memory caching (REDIS)

apt install redis-server php-redis
adduser www-data redis

nano /etc/redis/redis.conf

Comment out the bind line

#bind 127.0.0.1 ::1

Change the following lines

# Accept connections on the specified port, default is 6379 (IANA #815344).
# If port 0 is specified Redis will not listen on a TCP socket.
port 0

# Unix socket.
#
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
unixsocket /run/redis/redis-server.sock
unixsocketperm 770

Edit the /opt/nextcloud/config/config.php and add these lines.

  'memcache.local' => '\OC\Memcache\Redis',
  'memcache.distributed' => '\OC\Memcache\Redis',
  'memcache.locking' => '\OC\Memcache\Redis',
  'redis' => [
             'host' => '/run/redis/redis-server.sock',
             'port' => 0,
             ],
);

Restart ...

systemctl restart redis
systemctl restart apache2

Next Cloud Installation 24.04LTS: Difference between revisions

Latest revision as of 17:46, 19 March 2024

Contents

Prerequisites

Set up some directories

Download Nextcloud

Create the database

php Tweaks

Apache Web Server Configuration

Additional Apache Configurations

Web Installation

Tweak some settings to remove errors

House Keeping

Certbot SSL

Make things look a bit nicer

Setup Memory caching (REDIS)

Navigation menu

Next Cloud Installation 24.04LTS: Difference between revisions

Latest revision as of 17:46, 19 March 2024

Prerequisites

Set up some directories

Download Nextcloud

Create the database

php Tweaks

Apache Web Server Configuration

Additional Apache Configurations

Web Installation

Tweak some settings to remove errors

House Keeping

Certbot SSL

Make things look a bit nicer

Setup Memory caching (REDIS)

Navigation menu

Search