NextCloud on Ubuntu - Server setup and Installation
Ubuntu 22.04 LTS
Software Foundation
sudo apt update
Apache
v2.4.52
sudo apt install apache2
apachectl -v
start the Apache2
sudo service apache2 start
sudo service apache2 status
enable on boot
sudo systemctl enable apache2
visiting server IP to check if "It works"
PHP
v8.1
sudo apt install php
php --version
Redis
v7.2
sudo apt install redis-server
redis-server --version
enable on boot up
sudo systemctl enable redis-server
PostgreSQL
v15
# Create the file repository configuration:
sudo sh -c 'echo "deb https://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
# Import the repository signing key:
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
# Update the package lists:
sudo apt-get update
sudo apt install postgresql15 -y
pg_config --version
enable on boot up
sudo systemctl enable postgresql
Additions
Apache Modules
enable mod_fcgi to replace mod_php for better performance
mod_fcgi: a bridge between Apache and PHP-FPM
sudo a2dismod php8.1
sudo service apache2 restart
sudo apt-get install libapache2-mod-fcgid
sudo a2enmod fcgid
check enabled modules
apachectl -M
enable required modules
sudo a2enmod http2 rewrite headers env dir mime proxy_fcgi setenvif
sudo service apache2 restart
disable incompatible modules
sudo a2dismod mpm_prefork
sudo a2enmod mpm_event
PHP Extensions
install Required Modules
sudo apt install php-{common,curl,xml,gd,json,mbstring,zip,pgsql,bz2,intl,apcu,gmp,bcmath,imap,imagick,redis}
For better image manipulation
sudo apt install imagemagick
php-fpm for Better Performance
sudo apt install php-fpm
sudo service php8.1-fpm start
enable on boot
sudo systemctl enable php8.1-fpm
add the following config to direct apache to use php-fpm for php processing
site.conf
<VirtualHost *:80>
<FilesMatch \.php$>
SetHandler "proxy:unix:/var/run/php/php8.1-fpm.sock|fcgi://localhost/"
</FilesMatch>
</VirtualHost>
Apache Config File
nextcloud.conf
<VirtualHost *:80>
DocumentRoot /var/www/nextcloud/
ServerName your.server.com
<Directory /var/www/nextcloud/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
</VirtualHost>
test config syntax and reload
sudo apache2ctl configtest
sudo service apache2 reload
php-fpm Settings
nextcloud/.user.ini
memory_limit = 1024M
upload_max_filesize = 1024M
post_max_size = 1024M
.htaccess: php-fpm can't read it
Dedicated Database
sudo -u postgres psql
CREATE DATABASE database_name;
CREATE USER username WITH ENCRYPTED PASSWORD 'password';
ALTER DATABASE database_name OWNER TO username;
GRANT ALL PRIVILEGES ON DATABASE database_name TO username;
\q
- database_name
- username
- password
Data Disk (Optional)
S3
External
- S3 bucket name
- S3 region
- S3 access key
- S3 secret key
- Hostname in China: s3.cn-north-1.amazonaws.com.cn
Primary
Files must be accessed via Nextcloud and won't be accessible directly via S3
config
'objectstore' => [
'class' => '\\OC\\Files\\ObjectStore\\S3',
'arguments' => [
'bucket' => 'bucketname',
'region' => 'ap-east-1',
'key' => 'access_key',
'secret' => 'access_secret',
],
],
EBS
mount as a local drive
EFS
ideal for the data directory for compatibility
SSL (Optional)
Make sure port 443 is opened
sudo apt install certbot python3-certbot-apache
sudo certbot --apache
Auto Renew
Check if built-in auto renewal service is active
sudo systemctl status certbot.timer
sudo certbot renew --dry-run
/etc/cron.d/certbot
This script runs twice a day and will automatically renew any certificate that’s within thirty days of expiration
Caching (Optional)
config.php
'filelocking.enabled' => true,
'memcache.local' => '\OC\Memcache\APCu',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => 'localhost',
'port' => 6379,
),
Install NextCloud
- download the installer
- open it from the browser
- follow the instruction to install NextCloud
sudo chown -R www-data:www-data /var/www/nextcloud/
HTTPS only
nextcloud.conf
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
Indeing
add database index afterward, run this command in the root folder
sudo -u www-data php occ db:add-missing-indices
Pretty URLs
config.php
'overwrite.cli.url' => 'https://example.org/nextcloud',
'htaccess.RewriteBase' => '/nextcloud',
sudo -u www-data php /var/www/nextcloud/occ maintenance:update:htaccess
Background Jobs
edit the cronjob file
sudo crontab -u www-data -e
insert to the bottom of the file
*/5 * * * * php --define apc.enable_cli=1 -f /var/www/nextcloud/cron.php
verify the edit
sudo crontab -u www-data -l
Default Phone Region
config.php
'default_phone_region' => 'CN',
Email server configuration
config.php
'mail_smtpmode' => 'smtp',
'mail_sendmailmode' => 'smtp',
'mail_from_address' => 'no-reply',
'mail_domain' => 'youdomain.com',
'mail_smtphost' => 'smtp.server.com',
'mail_smtpport' => '465',
'mail_smtpauth' => 1,
'mail_smtpname' => 'username',
'mail_smtppassword' => 'password',
'mail_smtpsecure' => 'ssl',
Logging
by default, stored in nextcloud.log in the data directory
log errors and fatal errors
config.php
"log_type" => "file",
"logfile" => "data_directory/nextcloud.log",
"loglevel" => 3,
"logdateformat" => "F d, Y H:i:s",
'log_rotate_size' => 100 * 1024 * 1024,
Empty Space for new Users
delete all files in core/skeleton
Error Handling
Memcache \OC\Memcache\APCu not available
sudo -u www-data php --define apc.enable_cli=1 /var/www/nextcloud/occ maintenance:repair
Opcache
.user.ini
opcache.revalidate_freq = 60
opcache.jit = 1255
opcache.jit_buffer_size = 128M
The OPcache interned strings buffer is nearly full
opcache.memory_consumption=256
opcache.interned_strings_buffer=128
Apps
Auditing / Logging
enable Auditing / Logging
add the following config
config.php
'log.condition' => [
'apps' => [ 'admin_audit'],
],
'logfile_audit' => 'data_directory/nextcloud.log',
set it to be the same file as the default log so the Web Log Viewer can pick it up
Activity: the personal log for each user
Nextcloud Office
- connecter to a Collabora Online Server
- a separate Office Server for editing is required
Collabora Online - Built-in CODE Server
the app will install a CODE server locally to work with Nextcloud Office
TODO
encounter multiple errors, to be explored
Client Push
Push update support for the desktop app
TODO
Error while parsing nextcloud config.php
S3 Versioning
- user S3 for versioning
- rely on S3 to manage file livecycle
APP Store Mirror in Mainland, China
config.php
‘appstoreurl’ => 'https://www.orcy.net/ncapps/v2/',