4 min read

NextCloud on Ubuntu - Server setup and Installation

A guideline for setting up a Ubuntu server and install all the dependency of NextCloud manually

NextCloud on Ubuntu - Server setup and Installation
Photo by Markus Winkler / Unsplash

Ubuntu 22.04 LTS

Software Foundation

sudo apt update

Apache

v2.4.52

sudo apt install apache2
apachectl -v

start the Apache2

sudo service apache2 start
sudo service apache2 status

enable on boot

sudo systemctl enable apache2

visiting server IP to check if "It works"

PHP

v8.1

sudo apt install php
php --version

Redis

v7.2

sudo apt install redis-server
redis-server --version

enable on boot up

sudo systemctl enable redis-server

PostgreSQL

v15

# Create the file repository configuration:
sudo sh -c 'echo "deb https://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'

# Import the repository signing key:
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -

# Update the package lists:
sudo apt-get update

sudo apt install postgresql15 -y
pg_config --version

enable on boot up

sudo systemctl enable postgresql

Additions

Apache Modules

enable mod_fcgi to replace mod_php for better performance
mod_fcgi: a bridge between Apache and PHP-FPM

sudo a2dismod php8.1
sudo service apache2 restart
sudo apt-get install libapache2-mod-fcgid
sudo a2enmod fcgid

check enabled modules

apachectl -M

enable required modules

sudo a2enmod http2 rewrite headers env dir mime proxy_fcgi setenvif
sudo service apache2 restart

disable incompatible modules

sudo a2dismod mpm_prefork
sudo a2enmod mpm_event

PHP Extensions

install Required Modules

sudo apt install php-{common,curl,xml,gd,json,mbstring,zip,pgsql,bz2,intl,apcu,gmp,bcmath,imap,imagick,redis}

For better image manipulation

sudo apt install imagemagick

php-fpm for Better Performance

sudo apt install php-fpm
sudo service php8.1-fpm start

enable on boot

sudo systemctl enable php8.1-fpm

add the following config to direct apache to use php-fpm for php processing
site.conf

<VirtualHost *:80>
    <FilesMatch \.php$>
        SetHandler "proxy:unix:/var/run/php/php8.1-fpm.sock|fcgi://localhost/"
    </FilesMatch>
</VirtualHost>

Apache Config File

nextcloud.conf

<VirtualHost *:80>
  DocumentRoot /var/www/nextcloud/
  ServerName  your.server.com

  <Directory /var/www/nextcloud/>
    Require all granted
    AllowOverride All
    Options FollowSymLinks MultiViews

    <IfModule mod_dav.c>
      Dav off
    </IfModule>
  </Directory>
</VirtualHost>

test config syntax and reload

sudo apache2ctl configtest
sudo service apache2 reload

php-fpm Settings

nextcloud/.user.ini

memory_limit = 1024M
upload_max_filesize = 1024M
post_max_size = 1024M

.htaccess: php-fpm can't read it

Dedicated Database

sudo -u postgres psql

CREATE DATABASE database_name;
CREATE USER username WITH ENCRYPTED PASSWORD 'password';
ALTER DATABASE database_name OWNER TO username;
GRANT ALL PRIVILEGES ON DATABASE database_name TO username;
\q
  • database_name
  • username
  • password

Data Disk (Optional)

S3

External

  • S3 bucket name
  • S3 region
  • S3 access key
  • S3 secret key
  • Hostname in China: s3.cn-north-1.amazonaws.com.cn

Primary
Files must be accessed via Nextcloud and won't be accessible directly via S3
config

'objectstore' => [
    'class' => '\\OC\\Files\\ObjectStore\\S3',
    'arguments' => [
        'bucket' => 'bucketname',
        'region' => 'ap-east-1',
        'key' => 'access_key',
        'secret' => 'access_secret',
    ],
],
EBS

mount as a local drive

EFS

ideal for the data directory for compatibility

SSL (Optional)

Make sure port 443 is opened

sudo apt install certbot python3-certbot-apache
sudo certbot --apache
Auto Renew

Check if built-in auto renewal service is active

sudo systemctl status certbot.timer

sudo certbot renew --dry-run

/etc/cron.d/certbot
This script runs twice a day and will automatically renew any certificate that’s within thirty days of expiration

Caching (Optional)

config.php

'filelocking.enabled' => true,
'memcache.local' => '\OC\Memcache\APCu',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
     'host' => 'localhost',
     'port' => 6379,
),

Install NextCloud

Web Installer

  • download the installer
  • open it from the browser
  • follow the instruction to install NextCloud
sudo chown -R www-data:www-data /var/www/nextcloud/

HTTPS only
nextcloud.conf

<IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>

Indeing
add database index afterward, run this command in the root folder

sudo -u www-data php occ db:add-missing-indices

Pretty URLs
config.php

'overwrite.cli.url' => 'https://example.org/nextcloud',
'htaccess.RewriteBase' => '/nextcloud',

sudo -u www-data php /var/www/nextcloud/occ maintenance:update:htaccess

Background Jobs
edit the cronjob file

sudo crontab -u www-data -e

insert to the bottom of the file

*/5  *  *  *  * php --define apc.enable_cli=1 -f /var/www/nextcloud/cron.php

verify the edit

sudo crontab -u www-data -l

Default Phone Region
config.php

'default_phone_region' => 'CN',

Email server configuration
config.php

'mail_smtpmode' => 'smtp',
'mail_sendmailmode' => 'smtp',
'mail_from_address' => 'no-reply',
'mail_domain' => 'youdomain.com',
'mail_smtphost' => 'smtp.server.com',
'mail_smtpport' => '465',
'mail_smtpauth' => 1,
'mail_smtpname' => 'username',
'mail_smtppassword' => 'password',
'mail_smtpsecure' => 'ssl',

Logging
by default, stored in nextcloud.log in the data directory
log errors and fatal errors
config.php

"log_type" => "file",
"logfile" => "data_directory/nextcloud.log",
"loglevel" => 3,
"logdateformat" => "F d, Y H:i:s",
'log_rotate_size' => 100 * 1024 * 1024,

Empty Space for new Users
delete all files in core/skeleton

Error Handling

Memcache \OC\Memcache\APCu not available

sudo -u www-data php --define apc.enable_cli=1  /var/www/nextcloud/occ  maintenance:repair

Opcache

.user.ini

opcache.revalidate_freq = 60
opcache.jit = 1255
opcache.jit_buffer_size = 128M

The OPcache interned strings buffer is nearly full

opcache.memory_consumption=256
opcache.interned_strings_buffer=128

Apps

Auditing / Logging

enable Auditing / Logging
add the following config
config.php

'log.condition' => [
        'apps' => [ 'admin_audit'],
],
'logfile_audit' => 'data_directory/nextcloud.log',

set it to be the same file as the default log so the Web Log Viewer can pick it up
Activity: the personal log for each user

Nextcloud Office

  • connecter to a Collabora Online Server
  • a separate Office Server for editing is required

Collabora Online - Built-in CODE Server

the app will install a CODE server locally to work with Nextcloud Office
TODO
encounter multiple errors, to be explored

Client Push

Push update support for the desktop app
TODO
Error while parsing nextcloud config.php

S3 Versioning

  • user S3 for versioning
  • rely on S3 to manage file livecycle

APP Store Mirror in Mainland, China

config.php

‘appstoreurl’ => 'https://www.orcy.net/ncapps/v2/',