What is Nextcloud?
Nextcloud is a recent fork of ownCloud that’s already quickly becoming the newer, better and faster-developed alternative to the self-hosted cloud storage software of old. If you’re an ownCloud user and have ever been frustrated by the dual licenses, the paid vs free model and – as part of it – lack of some of the better features, Nextcloud have gone completely FOSS (free and open-source software) following the Red Hat model of charging for enterprise support rather than enterprise features.
Some of the previously enterprise-only features released as part of the standard FOSS Nextcloud installation include FileDrop, an alternative to Dropbox’s “File Requests” and LibreOffice online, an alternative to Google Docs or Office Online. Upcoming release v.10 will bring two-factor authentication, improved federation, and more.
In this guide
After completing this guide we’ll have the following:
- A newly installed Nextcloud 9.0.53 server
- PHP caching provided by ACPu and Redis for a notable speed increase when navigating even the largest thumbnail-heavy folders
- Pretty links that remove /index.php from the URL
- SSL-enabled with default self-signed certificates and all non-HTTPS traffic redirected
Environment
For this guide Nextcloud will be installed on a virtual machine with the following server spec:
Hardware
Nextcloud doesn’t go into a lot of detail for minimum recommended spec, only advising 512MB of RAM. We’ll provide a bit of a buffer to avoid any possible contention.
- 1GHz CPU
- 1GB RAM
- 20GB HDD
20GB of disk will be enough for this guide, but naturally, the amount chosen should reflect the amount of data to be stored. The disks on the ElasticHosts cloud are in a RAID 1 array which provides high redundancy due to mirroring, but no matter what level of redundancy is set up, it’s not a replacement for a good backup strategy.
Software
- Ubuntu server 16.04 LTS with root access
- Apache 2.4.18
- PHP 7.0
- mySQL 5.7.13
- Nextcloud 9.0.53
Due to the advanced requirements in this guide, root access to the 16.04 instance is mandatory.
Setting up the environment
For those with a functioning Ubuntu server and required components, please skip this section.
First, we need to spin up a virtual machine (VM). The first few steps will run through the configuration and imaging of the new server.
1. Spin up the virtual server
After logging into the ElasticHosts console, select Add followed by Server under Virtual Machines.
In the new modal, define the server spec to that listed under Hardware above.
For Type select Pre-installed system, for Image select Ubuntu 16.04 LTS (Xenial Xerus). Click Add when done.
2. Assign a static IP
On ElasticHosts, new servers are created with a dynamic IP. As we want to permanently assign a hostname to this server for web access to Nextcloud, we’ll assign a static IP. If one isn’t already assigned to the account, create a new static IP from the Add menu.
Once a static IP is available, enter the newly-created (and still powered-off) server settings by clicking the "cog" icon under the power button. This will open a new page.
Under Network select the static IP from the dropdown menu and click the relevant IP under Allowed IPs.
Click Save and Start to boot up the server for the first time.
At this point, it would be a good idea to create a DNS entry for the server. For this guide, we’ll use nc.bayton.org.
3. Connect to the server
After clicking Start the button will change to Connect. On clicking this, a new window will open with server connection details:
Using an SSH client, SSH to toor@IP
(where IP is the IP address) and use the VNC/toor password provided.
4. Update the server & install LAMP, APCu, Redis
As this is a brand new installation based on images that don’t update very often, it’s a good idea to upgrade the server before we begin:
apt update && apt upgrade
When the update has completed, it’ll provide a list of packages to be upgraded. Providing we’re happy with what we see, tap Enter.
With the server updated, a non-root user created with sudo privileges and the root account disabled, we’ll now install the required components for Nextcloud:
sudo apt install lamp-server^
Note: The use of ^ (caret) in the package name is important. It suggests that the installed package is a ‘meta-package’. Meaning a number of programs that are usually installed together.
This command will install Apache 2, MySQL 5.7 and PHP 7.0 along with several PHP/Apache modules to ensure seamless collaboration between the packages. Once happy with the package selection to be installed, tap Enter.
MySQL will request a root
user password. Ensure this is strong and keep the password safe; losing it can cause all manner of issues.
Once installed, we’ll now install APCu and Redis:
sudo apt install php-apcu redis-server php-redis
Confirm the packages to be installed match expectations and hit Enter.
Finally, we’ll install the minimal Nextcloud PHP modules required not to error during installation (more can be enabled later):
sudo apt install php-zip php-dompdf php-xml php-mbstring php-gd php-curl
And enable a few apache modules to support our configuration:
sudo a2enmod rewrite headers env dir mime
Now we’ll restart Apache:
sudo service apache2 restart
Before moving on check via a browser that Apache is up and running:
5. Enable SSL
With the server currently running over HTTP port 80, we can now additionally configure SSL to ensure the Nextcloud installation is secure.
We’ll begin by enabling the SSL module for Apache:
sudo a2enmod ssl
Apache sets up self-signed certificates as part of the installation, so for this guide, we’ll use those. They can be replaced at any time with functioning 3rd party certificates by editing the vhost file we’ll create next.
sudo vim /etc/apache2/sites-available/nextcloud.conf
Insert the following (all items in bold can be changed to suit the environment):
<IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin jason@bayton.org ServerName nc.bayton.org DocumentRoot /var/www/html <IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15768000; preload" </IfModule> SSLEngine on SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key </VirtualHost> </IfModule>
Save and quit, then enable the new configuration:
sudo a2ensite nextcloud.conf
Then restart Apache:
sudo service apache2 restart
SSL should now be enabled, allowing us to navigate to https://nc.bayton.org when we install Nextcloud later.
Optionally, we can also force a redirect from non-SSL to SSL with the following:
sudo vim /etc/apache2/sites-available/nc-redir.conf
Insert the following (all items in bold can be changed to suit the environment):
<VirtualHost *:80> ServerName nc.bayton.org ServerAdmin jason@bayton.org RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L] </VirtualHost>
Save and quit, then enable the new configuration:
sudo a2ensite nc-redir.conf
Then restart Apache:
sudo service apache2 restart
With that, all traffic will be forced to HTTPS.
Install Nextcloud
With the server environment ready (excluding some final NC-related configurations) we’ll move on to installing Nextcloud itself.
1. Download Nextcloud
Change to the webroot directory at /var/www/html
with cd /var/www/html
Download Nextcloud via command line with sudo wget https://download.nextcloud.com/server/releases/nextcloud-9.0.53.tar.bz2
NB: future versions can be obtained from Nextcloud.
Unpack the compressed tar.bz2 with sudo tar -xvjf nextcloud-9.0.53.tar.bz2
As shown above with ls there’s now a nextcloud folder situated under /var/www/html/ but currently, root owns it. We can change that:
sudo chown -R www-data:www-data /var/www/html/nextcloud
Now the Apache account, www-data, will have write-access to the Nextcloud installation directory.
2. Create the Nextcloud database
By default, Nextcloud can create a database and database user when supplying the root user and password in the Nextcloud web-based installer. The following steps are intended for either someone who wants to create their own database or does not want to supply Nextcloud with the root account credentials.
Before switching to Chrome to run the web-based installer, we’ll first create a database.
We can open a session with MySQL by running the command mysql -u root -p
and providing the root password we entered earlier.
Now we’ll create a dedicated database and user for Nextcloud with the following commands:
CREATE DATABASE nextcloud;
CREATE USER 'ncuser'@'localhost' IDENTIFIED BY 'ncpassword';
GRANT ALL PRIVILEGES ON nextcloud . * TO 'ncuser'@'localhost';
Then exit the mysql session with quit
.
3. Install Nextcloud
Open up a browser and navigate to ip-or-hostname/nextcloud. Hopefully, by this point a DNS entry has propagated; we’ll navigate to nc.bayton.org/nextcloud to continue installation.
Success! The Nextcloud installation screen is there and showing no errors. Installation from here is simple:
- Provide a username and secure password for the admin account.
- Select a location for the data directory.
- Provide the database user we configured earlier: ncuser
- Provide the database user password: ncpassword
- Provide the database name: nextcloud
- Confirm the database is on localhost (it is).
When selecting a location for the data directory, keeping it in the webroot is OK, providing .htaccess rules work. If they do not, as is the case at this point due to the way Apache is setup by default, the data directory will be publicly visible. We don’t want that. If the data directory is situated outside of the webroot, ensure the user www-data can write to it in its final location.
Scroll down and click Finish Setup.
Configuration
As it stands currently, Nextcloud isn’t very happy.
1. Enable .htaccess
The .htaccess file doesn’t work because we’ve put Nextcloud in the main /var/www/html
webroot controlled by the apache.conf
file. By default,m it is set to disallow .htaccess
overrides and we’ll need to change that:
sudo vim /etc/apache2/apache2.conf
Then change
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
To
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
Save and quit, then restart Apache with:
sudo service apache2 restart
2. Enable caching
The difference in speed between a Nextcloud server without cache and one with is huge. Particularly as the file and folder counts increase and more multimedia files make their way onto the server, caching becomes increasingly important for maintaining speed and performance. Having installed both APCu and Redis earlier, we’ll now configure them.
First, open the Redis configuration file at /etc/redis/redis.conf
with your preferred text editor (we will use vim):
sudo vim /etc/redis/redis.conf
Now, find and change:
port 6370
to port 0
Then uncomment:
unixsocket /var/run/redis/redis.sock
unixsocketperm 700
while changing permissions to 770 at the same time: unixsocketperm 770
Save and quit, then add the Redis user redis
to the www-data
group:
sudo usermod -a -G redis www-data
Finally, restart Apache with:
sudo service apache2 restart
And start Redis server with:
sudo service redis-server start
With Redis configured, we can add the caching configuration to the Nextcloud config file:
sudo vim /var/www/html/nextcloud/config/config.php
Add the following:
'memcache.local' => '\OC\Memcache\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'filelocking.enabled' => 'true',
'redis' =>
array (
'host' => '/var/run/redis/redis.sock',
'port' => 0,
'timeout' => 0.0,
),
A reboot may be required before the configuration change takes effect, but before we do we’ll make sure Redis is enabled to start on boot with:
sudo systemctl enable redis-server
Caching is now configured.
With both of these now resolved, the admin interface is looking a lot healthier:
3. Pretty links
Much like theming, pretty links aren’t mandatory, but they add to the overall aesthetics of the server.
Most of the hard work was already done during the setup of the environment with the enabling of mod_env
and mod_rewrite
, however, to complete the removal of index.php in every URL, re-open the Nextcloud config file:
sudo vim /var/www/html/nextcloud/config/config.php
Add 'htaccess.RewriteBase' => '/nextcloud', (where nextcloud is the location of the installation) below one of the existing configuration options and finally, from /var/www/html/nextcloud, run:
sudo -u www-data php occ maintenance:update:htaccess
From:
To (don’t simply refresh the page, remove index.php from the URL and load the page again, otherwise it looks like it doesn’t work):
4. Max upload
Until we try to upload files this is easy to miss. By default PHP ships with a file-upload limitation reminiscent of file sizes in the early 2000’s – 2MB. As we’re installing a personal cloud that may hold on to files gigabytes in size, we can change the PHP configuration to allow far more flexibility.
Open the php.ini
file:
sudo vim /etc/php/7.0/apache2/php.ini
Locate and amend:
upload_max_filesize = 2048M
post_max_size = 2058M
The max size can be tweaked to suit, however be sure to always give post_max_size
a bit more than upload_max_filesize
to prevent errors when uploading files that match the maximum allowed upload size.
Restart Apache:
sudo service apache2 restart
Conclusion
So following this guide we now have a new virtual server running Nextcloud 9.0.53 on Ubuntu 16.04 supporting both caching and pretty links.
While this is yet another long-winded guide, as usual, there’s nothing here I would consider to be overly complex which, for a platform that empowers self-hosting data, is a big plus over other solutions.
Want to know more about Nextcloud? Visit nextcloud.com or their thriving support community at help.nextcloud.com.
I hope this guide has been helpful, as always I’m @jasonbayton on Twitter, @bayton.org on Facebook and will also respond to comments below if you have any questions.
If you spot any errors in the above or have suggestions on how to improve this guide, feel free to reach out.
The tutorial was originally published on bayton.org.