11.6 C
Amsterdam

How to install Nextcloud (LEMP) on Ubuntu 20.04

angeloma
angeloma
Senior Writer and partner

Having a private cloud may, at first sight, be unnecessary, but when you are in a company and decide that it is best to take care of your files yourself, then the matter changes. That’s why, in this post, I’ll show you how to install Nextcloud on Ubuntu 20.04 with Nginx.

A private Cloud with Nextcloud

There are many data storage services in clouds. Technological giants like Apple, Google, and Microsoft have them. However, there are people or companies that want to have absolute control over their own data. Nextcloud is there for that.

Nextcloud is an open-source web application that allows us to create our own private cloud. It was created with the primary objective that it is the user who has absolute control of the files.

Many companies install Nextcloud on their servers to create their private clouds. This way they can rely on their own data management. It is even of great help in educational or personal projects.

Install Nextcloud (LEMP) on Ubuntu

1.- Install LEMP on Ubuntu 20.04

Apache is a fantastic web server and nobody can deny that. However, Nginx is well known for its great performance in high traffic situations. That’s why it’s a favorite of many sysadmins that require a lightweight and efficient server.

So, open a terminal or connect to your server and update the distribution

sudo apt update
sudo apt upgrade

Now install Nginx, along with all the PHP modules, MariaDB and some extra packages we’ll need to run:

sudo apt install nginx php7.4-common php7.4-mysql php7.4-fpm php7.4-gd php7.4-json php7.4-curl php7.4-zip php7.4-xml php7.4-mbstring php7.4-bz2 php7.4-intl php7.4-bcmath php7.4-gmp php-imagick mariadb-server unzip

Then start the php-fpm service

sudo systemctl start php7.4-fpm

And then it increases the maximum size of the uploaded files:

sudo nano /etc/php/7.4/fpm/php.ini

And it changes the value

upload_max_filesize = 2M

Set the value that you prefer, in this example, I will place 512M

upload_max_filesize = 512M

Save the changes and close the editor.

Now configure MariaDB with the mysql_secure_installation script

sudo mysql_secure_installation

And there you can define the root password and secure the installation of MariaDB

Remove anonymous users? [Y/n]
Disallow root login remotely? [Y/n]
Remove test database and access to it? [Y/n]
Reload privilege tables now? [Y/n]

Now create the database as well as the user who will use Nextcloud:

sudo mysql -u root -p
CREATE DATABASE nextcloud;
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextclouduser'@'localhost' IDENTIFIED BY 'nextcloudpss';
FLUSH PRIVILEGES;
exit;

Now we can start the installation.

2.- Download Nextcloud

Now if you can download Nextcloud, you can use the wget command

cd /tmp/
wget -c https://download.nextcloud.com/server/releases/nextcloud-20.0.4.zip
--2021-01-11 16:11:32--  https://download.nextcloud.com/server/releases/nextcloud-20.0.4.zip
 Resolving download.nextcloud.com (download.nextcloud.com)… 2a01:4f9:2a:3119::181, 95.217.64.181
 Connecting to download.nextcloud.com (download.nextcloud.com)|2a01:4f9:2a:3119::181|:443… connected.
 HTTP request sent, awaiting response… 200 OK
 Length: 142325595 (136M) [application/zip]
 Saving to: ‘nextcloud-20.0.4.zip’
 nextcloud-20.0.4.zip                       100%[=====================================================================================>] 135.73M  57.8MB/s    in 2.4s    
 2021-01-11 16:11:35 (57.8 MB/s) - ‘nextcloud-20.0.4.zip’ saved [142325595/142325595]

After that, unzip it in the Nginx root directory:

sudo unzip nextcloud-20.0.4.zip -d /var/www/html/

Change the owner of the folder:

sudo chown -R www-data:www-data /var/www/html/

Now create a new ServerBlock with the following guidelines that will facilitate the documentation of Nextcloud:

server {
     listen 80;
     listen [::]:80;
     server_name angtest.ga;
     client_max_body_size 512M;
     fastcgi_buffers 64 4K;
     gzip on;
     gzip_vary on;
     gzip_comp_level 4;
     gzip_min_length 256;
     gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
     gzip_types application/atom+xml application/javascript application/json application/ld+json     application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

     add_header Referrer-Policy                      "no-referrer"   always;
     add_header X-Content-Type-Options               "nosniff"   always;
     add_header X-Download-Options                   "noopen"   always;
     add_header X-Frame-Options                      "SAMEORIGIN"    always;
     add_header X-Permitted-Cross-Domain-Policies    "none"  always;
     add_header X-Robots-Tag                         "none"           always;
     add_header X-XSS-Protection                     "1; mode=block" always;
     
     fastcgi_hide_header X-Powered-By;
     root /var/www/html/nextcloud;
     index index.php index.html /index.php$request_uri; 
     expires 1m;
     location = / {
              if ( $http_user_agent ~ ^DavClnt ) { 
                            return 302 /remote.php/webdav/$is_args$args;
                  } 
                  } 
     location = /robots.txt {     
              allow all;
              log_not_found off;
              access_log off;
              } 
     location ^~ /.well-known {     
               # The following 6 rules are borrowed from `.htaccess`
              rewrite ^/\.well-known/host-meta\.json  /public.php?service=host-meta-json  last;
              rewrite ^/\.well-known/host-meta        /public.php?service=host-meta       last;
              rewrite ^/\.well-known/webfinger        /public.php?service=webfinger       last;     
              rewrite ^/\.well-known/nodeinfo         /public.php?service=nodeinfo        last;     

              location = /.well-known/carddav     { return 301 /remote.php/dav/; }
              location = /.well-known/caldav      { return 301 /remote.php/dav/; }     

              try_files $uri $uri/ =404; 
            } 

location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)  { return 404; } 
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console){ return 404; } 

location ~ \.php(?:$|/) {
             fastcgi_split_path_info ^(.+?\.php)(/.*)$;
             set $path_info $fastcgi_path_info;
             try_files $fastcgi_script_name =404;
             include fastcgi_params;
             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
             fastcgi_param PATH_INFO $path_info;
             fastcgi_param HTTPS on;
             fastcgi_param modHeadersAvailable true; 
             fastcgi_param front_controller_active true;
             fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
             fastcgi_intercept_errors on;
             fastcgi_request_buffering off;

            } 

   location ~ \.(?:css|js|svg|gif)$ {
             try_files $uri /index.php$request_uri;
             expires 6M;
             access_log off;
             } 
   location ~ \.woff2?$ {
             try_files $uri /index.php$request_uri;
             expires 7d;
             access_log off;
            } 
   location / {
             try_files $uri $uri/ /index.php$request_uri; 
     }
 }
1.- Configuring Nginx
1.- Configuring Nginx

Remember to change the ServerName values to your own. Save the changes and close the editor

Check the Nginx configuration to make sure everything is fine:

sudo nginx -t

Output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

And now you have to get a certificate for your domain. This is quite simple thanks to Certbot.

sudo apt install certbot python3-certbot-nginx

Then you can start the process:

sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d angtest.ga

Replace the email and domain values with your own.

At the end of the process, apply the changes by restarting nginx.

sudo systemctl reload nginx

3.- Install Nextcloud

Now open your web browser and go to https://your-domain and you will see the following screen

2.- Nextcloud on Ubuntu
2.- Nextcloud on Ubuntu

There you will have to create the administrator user and configure the database parameters below.

You can also change the path where the data is stored, but you have to create the folder on your server.

When you are ready, Nextcloud will be ready for you.

3.- Nextcloud running
3.- Nextcloud running

So, enjoy it.

Conclusion

Nextcloud is a very useful tool for small and medium businesses that want to create a private cloud quickly and secure.

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Donate to Osradar

Latest article

x