This is an old revision of the document!
Nextcloud
This tutorial is for users of Debian GNU/Linux seeking to set up a basic self-hosted or VPS Nextcloud instance. Before you start, you should read The issue with Public Cloud, which covers a little more about the value of hosting your own content/cloud instance. Also, do not proceed with this tutorial until you have a LAMP stack set up and until you have properly configured TLS encryption for your site. If you need help with doing that, please see the Apache Survivial tutorial. You may need some optional packages and mods, even with a full LAMP stack already set up, so here are the required packages for Nextcloud 15.x. I will cover optional packages below:
sudo apt install libapache2-mod-php7.0 php7.0 php7.0-xml php7.0-curl php7.0-gd php7.0 php7.0-cgi php7.0-cli php7.0-zip php7.0-mysql php7.0-mbstring php7.0-intl php7.0-fpm wget unzip
Once these are installed, make sure you can enable them and that you have no errors in your configurations:
sudo a2enmod ssl sudo a2enmod headers sudo a2enmod proxy_fcgi setenvif sudo a2enconf php7.0-fpm sudo sudo apache2ctl configtest
There may be some others, so run the Overview tool in Settings on Nextcloud after you get the instance up using the commands below, and see if you need to return and enable some more mods or confs - don't assume this is comprehensive (plus, it can/will change with Nextcloud upgrades). Ok, now let's download Nextcloud 15.x and proceed as follows to get your instance up, assuming you have left the webroot in /var/www/html:
cd /var/www/html sudo wget https://download.nextcloud.com/server/releases/nextcloud-15.0.8.zip sudo unzip nextcloud-15.0.8.zip sudo mv /var/www/html/nextcloud/* /var/www/html/ sudo mv /var/www/html/nextcloud/.htaccess /var/www/html/.htaccess sudo mv /var/www/html/nextcloud/.user.ini /var/www/html/.user.ini sudo rm -r nextcloud sudo rm nextcloud-15.0.8.zip sudo chown www-data:www-data -R /var/www/html/* sudo mkdir /var/www/nextclouddata sudo chown www-data:www-data -R /var/www/nextclouddata sudo mkdir assets sudo mkdir data sudo chmod 0640 *.php *.txt *.html AUTHORS COPYING sudo chmod 0750 {3rdparty,apps,assets,config,core,data,lib,ocm-provider,ocs,ocs-provider,resources,settings,themes,updater} sudo chown root:www-data /var/www/html sudo chown www-data:www-data {apps,assets,config,data,themes,updater} sudo chmod 0755 /var/www/html/occ sudo chmod 0644 /var/www/html/.htaccess sudo chown root:www-data /var/www/html/.htaccess sudo systemctl restart mysql sudo systemctl restart mysqld sudo systemctl restart apache2 sudo systemctl restart php7.0-fpm.service
Prepate MariaDB server for 4-byte characters prior to creating database:
sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf
Once inside that file, copy these configurations under the [mysqld] block and restart the service:
innodb_large_prefix=true innodb_file_format=barracuda innodb_file_per_table=1
It is now time to set up your database:
sudo mysql -u root -p
Enter your password for sudo and then for MySQL. Once inside MySQL command mode, you will have a “>” prompt. You will need to create a separate database for Nextcloud, a dedidcated database user for Nextcloud, and establish proper permissions for the dedicated database user. Here goes:
> CREATE DATABASE nextcloud; > CREATE USER nextclouduser@localhost IDENTIFIED BY 'put-password-here'; > GRANT ALL PRIVILEGES ON nextcloud.* to nextclouduser@localhost IDENTIFIED BY 'put-password-here'; > FLUSH PRIVILEGES; > EXIT;
Okay, you can now proceed to the website test.com and make finish the remaining set up using the Nextcloud website that is now active. Let's first restart the web server and mysql services:
sudo systemctl restart mysql sudo systemctl restart apache2
Ok, now that those services are restarted, you should be able to access your website. Visit test.com in your browser, or if you are not using a domain, then visit localhost in your web browser of choice. When you do that you are given the following choices that match the configuration options above:
Ok, you can now use Netcloud. Navigate to Settings / Overview, however, and see if there are any optimizations, security flaws, or recommendations. Nextcloud may need opcache settings optimized, so navigate to the php daemon directory and edit your opcache settings:
sudo nano /etc/php/7.0/cli/conf.d/10-opcache.ini
The settings below are currently recommended by Nextcloud, but always check/verify this before copying and pasting:
opcache.enable=1 opcache.enable_cli=1 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=10000 opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1
Adjust the memory limit for php by finding the line `memory_limit = ` and changing it to 1G:
sudo nano /etc/php/7.0/apache2/php.ini
Find the `memory_limit = ` line and change the value to 1G. Sometimes, the memory limit error persists, and you may need to also edit .user.ini inside the nextcloud directory with the following parameters:
cd /var/www/html sudo nano .user.ini
Add these three lines to the configuration file there (the first two are optional for the memory limit problem, but super helpful for regular use):
upload_max_filesize=10G post_max_size=10G memory_limit=512M
Next, you may get a Header error for your SSL configuration. To adjust that, either adjust your <VirtualHost *:443> as follows:
sudo nano /etc/apache2/sites-enabled/default-ssl.conf
Add the following Header parameter with the other parameters, or anywhere before the </IfModule> marker:
<IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" </IfModule>
Lastly, Nextcloud uses an .htaccess file inside the webroot, and in order for that configuration to be utilized, Overrides must be enabled:
sudo nano /etc/apache2/apache2.conf
Scroll down to the web server root section and adjust it to read as follows:
<Directory /> Options FollowSymLinks AllowOverride All Require all denied </Directory>
Also, your cal and card dav need redirects for some reasons a bit unclear to me, so adjust your ssl.conf as follows:
sudo nano /etc/apache2/sites-enabled/default-ssl.conf
Place the following redirects after <VirtualHost> and before any <IfModules>. If you are using a directory called nextcloud for your instance, change the path to reflect that location instead of the web-root as my configuration utilizes:
Redirect 301 /.well-known/carddav /remote.php/dav Redirect 301 /.well-known/caldav /remote.php/dav
Okay, that is the majority of fundamental configuration details required to have it running smoothly. Here are a few more optional configurations. The first of those is enabling memcache:
sudo apt install php7.0-apcu
After installing the package, make sure to adjust your config.php as follows:
sudo nano /var/www/html/config/config.php
Add the following line to the config file so that Nextcloud knows which program is handling your caching:
'memcache.local' => '\OC\Memcache\APCu',
Lastly, I ran into an error that stated that the database I created above was not set to handle “13 big integers” which are used to “store identifiers and auto-increment keys in the database.” First, disable the apache and php services and take your instance offline:
sudo systemctl stop apache2 sudo systemctl stop php7.0-fpm
Now that your services are stopped, you can safely run Netcloud's “occ” program which will identify the tables that require updating and prompt you to adjust them (> v.12). They do warn this can take some time, so I recommend doing this on your fresh instance before you have accumulated lots of data (if not, email me as I did find the solution for manually altering the db and tables):
sudo -u www-data php occ db:convert-filecache-bigint
Follow the prompts, and then run it again once it completes in order to verify that “All tables are already up to date!” Holy configuring … I finally have no errors on Debian 9.7 …
sudo systemctl restart mysql
sudo systemctl restart mysqld sudo systemctl restart apache2 sudo systemctl restart php7.0-fpm.service sudo reboot
Happy clouding …
– – – – –
This tutorial is a designated “Invariant Section” of the “Technotronic” section of Haack's Wiki as described on the Start Page.
— oemb1905 2019/06/15 17:30