How to Install Nextcloud on Ubuntu Linux with Nginx

template 1599663 640
template 1599663 640

This post shows students and new users steps to install and configure Nextcloud on Ubuntu Linux with Nginx and Let’s Encrypt free SSL certificate.

Nextcloud is an open-source, self-hosted file sync and share platform similar to Dropbox, OneDrive, and other proprietary online storage services. It is a fork of Nextcloud and 100% open source.

With the Nextcloud app, which can be installed on mobile and desktops, you can access & sync your files, contacts, and data across all devices and platforms.

If you’re looking for a true self-hosted file share and sync platform, then Nextcloud should be a good place to start. We’ll show you how to install and configure Nextcloud on your Ubuntu server with a link to the Let’s Encrypt SSL post.

Also, for students and new users learning Linux, Ubuntu Linux is the easiest place to start learning. Ubuntu is the modern, open-source Linux operating system for desktops, servers, and other devices.

Follow the steps below to start installing and configuring Nextcloud on Ubuntu Linux.

How to install Nginx on Ubuntu Linux

As mentioned above, we will use the Nginx web server to run Nextcloud. Nextcloud requires a web server to function, and Nginx is the most popular open-source web server available today.

To install Nginx on Ubuntu, run the commands below:

sudo apt update
sudo apt install nginx

After installing Nginx, the commands below can stop, start and enable Nginx services to start up every time your server starts up.

sudo systemctl stop nginx.service
sudo systemctl start nginx.service
sudo systemctl enable nginx.service

To test whether Nginx is installed and functioning, open your web browser and browse to the server’s IP address or hostname.

http://localhost

nginx default home page test

If you see the above page in your browser, Nginx works as expected.

How to install MariaDB on Ubuntu Linux

A database server is required for Nextcloud to function. Nextcloud stores its content in a database, and MariaDB is probably the best database server available to run Nextcloud.

MariaDB is fast, secure, and the default server for almost all Linux servers. To install MariaDB, run the commands below:

sudo apt install mariadb-server
sudo apt install mariadb-client

After installing MariaDB, the commands below can stop, start and enable MariaDB services to start up when the server boots.

sudo systemctl stop mariadb.service
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

Next, run the commands below to secure the database server with a root password if you were not prompted to do so during the installation.

sudo mysql_secure_installation

When prompted, use the guide below to answer:

If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): PRESS ENTER

Switch to unix_socket authentication [Y/n] n

Change the root password? [Y/n] n

Remove anonymous users? [Y/n] y

Disallow root login remotely? [Y/n] y

Remove test database and access to it? [Y/n] y

Reload privilege tables now? [Y/n] y

All done!

To verify and validate that MariaDB is installed and working, log in to the database console using the commands below:

sudo mysql -u root -p

You should automatically be logged in to the database server since we initiated the login request as root. Only the root can log in without a password and from the server console.

mariadb welcome

The server was successfully installed if you see a similar screen.

How to install PHP on Ubuntu Linux

Also, PHP is required to run Nextcloud. PHP packages are added to Ubuntu repositories. The versions of the repositories might not be the latest. If you need to install the latest versions, you’ll need to add a third-party PPA repository.

Run the commands below to a third-party repository with the latest versions of PHP.

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:ondrej/php

At the time of this writing, the latest PHP version is 8.0.

sudo apt update

Next, run the commands below to install PHP 8.0 and related modules.

sudo apt install php7.4-fpm php7.4-imagick php7.4-common php7.4-mysql php7.4-gmp php7.4-imap php7.4-json php7.4-pgsql php7.4-ssh2 php7.4-sqlite3 php7.4-ldap php7.4-curl php7.4-intl php7.4-mbstring php7.4-xmlrpc php7.4-gd php7.4-xml php7.4-cli php7.4-zip

Next, you’ll want to change some great PHP configuration settings with Nextcloud. Run the commands below to open the PHP default configuration file.

sudo nano /etc/php/7.4/fpm/php.ini

Then change the line settings to be something like the lines below. Save your changes and exit.

file_uploads = On
allow_url_fopen = On
short_open_tag = On
memory_limit = 256M
upload_max_filesize = 100M
max_execution_time = 360
date.timezone = America/Chicago

How to create a Nextcloud database on Ubuntu

At this point, we’re ready to create the Nextcloud database. As mentioned above, Nextcloud uses databases to store its content.

To create a database for Nextcloud, run the commands below:

sudo mysql -u root -p

Then create a database called nextcloud

CREATE DATABASE nextcloud;

Next, create a database user called nextclouduser and set a password

CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'new_password_here';

Then grant the user full access to the database.

GRANT ALL ON nextcloud.* TO 'nextclouduser'@'localhost' WITH GRANT OPTION;

Finally, save your changes and exit.

FLUSH PRIVILEGES;
EXIT;

How to download Nextcloud on Ubuntu

We’re ready to download Nextcloud and begin configuring it. First, run the commands below to download the latest version of Nextcloud from its repository.

Next, extract the downloaded content into the Nginx root directory. This will create a folder called nextcloud.

wget https://download.nextcloud.com/server/releases/nextcloud-22.2.0.zip -P /tmp
sudo unzip /tmp/nextcloud-22.2.0.zip -d /var/www

Then run the command below to allow the www-data user to own the new Nextcloud directory.

sudo chown -R www-data:www-data /var/www/nextcloud/
sudo chmod -R 755 /var/www/nextcloud/

How to configure Nginx for Nextcloud

We have downloaded Nextcloud content into a new folder we called Nextcloud. Let’s configure Nginx to create a new server block for our Nextcloud website. You can create as many server blocks with Nginx.

To do that, run the commands below to create a new configuration file called nextcloud.conf in the /etc/nginx/sites-available/ directory to host our Nextcloud server block.

sudo nano /etc/nginx/sites-available/nextcloud.conf

In the file, copy and paste the content below into the file and save.

upstream php-handler { 
    server unix:/var/run/php/php7.4-fpm.sock;
}
server {
    listen 80;
    listen [::]:80;
    root /var/www;
    index  index.php index.html index.htm;
    server_name  example.com;


  location ^~ /nextcloud {

        client_max_body_size 512M;
        fastcgi_buffers 8 4K;
        fastcgi_ignore_headers X-Accel-Buffering;

        gzip off;

        error_page 403 /nextcloud/core/templates/403.php;
        error_page 404 /nextcloud/core/templates/404.php;

        location /nextcloud {
            rewrite ^ /nextcloud/index.php$uri;
        }

        location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|changelog|data)/ {
            return 404;
        }
        location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console|core/skeleton/) {
            return 404;
        }
        location ~ ^/nextcloud/core/signature\.json {
            return 404;
        }

        location ~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[sm]-provider/.+|core/templates/40[34])\.php(?:$|/) {
            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param SCRIPT_NAME $fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param modHeadersAvailable true;
            fastcgi_read_timeout 180;
            fastcgi_pass php-handler;
            fastcgi_intercept_errors on;
            fastcgi_request_buffering off;
        }

        location ~ ^/nextcloud/(?:updater|oc[sm]-provider)(?:$|/) {
            try_files $uri $uri/ =404;
            index index.php;
        }

        # Adding the cache control header for js and css files
        # Make sure it is BELOW the PHP block
        location ~ /nextcloud/.*\.(?:css|js) {
            try_files $uri /nextcloud/index.php$uri$is_args$args;
            add_header Cache-Control "max-age=15778463" always;
            add_header X-Content-Type-Options "nosniff" always;
            add_header X-Frame-Options "SAMEORIGIN" always;
            add_header X-XSS-Protection "1; mode=block" always;
            add_header X-Robots-Tag "none" always;
            add_header X-Download-Options "noopen" always;
            add_header X-Permitted-Cross-Domain-Policies "none" always;
            access_log off;
        }

        location ~ /nextcloud/.*\.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map|json) {
            try_files $uri /nextcloud/index.php$uri$is_args$args;
            add_header Cache-Control "public, max-age=7200" always;
            access_log off;
        }
    }
}

Save the file and exit.

After saving the file above, run the commands below to enable the new file that contains our Nextcloud server block and other important Nginx modules.

Restart Nginx after that.

sudo ln -s /etc/nginx/sites-available/nextcloud.conf /etc/nginx/sites-enabled/

Reload Nginx when the configuration is above.

sudo systemctl restart nginx.service

Now that Nextcloud is downloaded and the necessary services are configured open your browser and start the Nextcloud installation by visiting your server’s domain name or IP address followed by /nextcloud :

http://example.com/nextcloud

However, we want to protect our server with Let’s Encrypt free SSL certificates. So, continue below to learn how to generate a Let’s Encrypt SSL certificate for websites.

How to setup Let’s Encrypt for Nextcloud

We have written a great post on generating and managing Let’s Encrypt SSL certificates for the Nginx web servers. You can use that post to apply it here for your Nextcloud website.

To read the post on how to generate Let’s Encrypt SSL certificates for a website, click on the link below:

How to Setup Let’s Encrypt on Ubuntu Linux with Nginx

If you successfully generate a Let’s Encrypt SSL certificate, you should reopen the server block for our Nextcloud website by running the commands below.

sudo nano /etc/nginx/sites-available/nextcloud.conf

The new Nextcloud server block configurations should look similar to the line below. Take notes of the highlighted lines.

  • The first server block listens on port 80. It contains a 301 redirect to redirect HTTP to HTTPS.
  • The second server block listens on port 443. It contains a 301 redirect to redirect www to the non-www domain.
upstream php-handler { 
    server unix:/var/run/php/php7.4-fpm.sock;
}

server {
    listen 80;
    listen [::]:80;
    root /var/www;
    index  index.php index.html index.htm;
    server_name  example.com www.example.com;

    include snippets/well-known.conf;

    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    root /var/www;
    index  index.php index.html index.htm;
    server_name www.example.com;
   
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

    add_header Strict-Transport-Security "max-age=31536000;  includeSubDomains";
    
    include snippets/well-known.conf;

    return 301 https://example.com$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    root /var/www;
    index  index.php index.html index.htm;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 1d;
    ssl_session_tickets off;

    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 30s;

    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    add_header Strict-Transport-Security "max-age=31536000;  includeSubDomains";


 location / {
        return 301 https://$server_name:443$request_uri;
    }

  location ^~ /nextcloud {

        client_max_body_size 512M;
        fastcgi_buffers 8 4K;
        fastcgi_ignore_headers X-Accel-Buffering;

        gzip off;

        error_page 403 /nextcloud/core/templates/403.php;
        error_page 404 /nextcloud/core/templates/404.php;

        location /nextcloud {
            rewrite ^ /nextcloud/index.php$uri;
        }

        location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|changelog|data)/ {
            return 404;
        }
        location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console|core/skeleton/) {
            return 404;
        }
        location ~ ^/nextcloud/core/signature\.json {
            return 404;
        }

        location ~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[sm]-provider/.+|core/templates/40[34])\.php(?:$|/) {
            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param SCRIPT_NAME $fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param HTTPS on;
            fastcgi_param modHeadersAvailable true;
            fastcgi_read_timeout 180;
            fastcgi_pass php-handler;
            fastcgi_intercept_errors on;
            fastcgi_request_buffering off;
        }

        location ~ ^/nextcloud/(?:updater|oc[sm]-provider)(?:$|/) {
            try_files $uri $uri/ =404;
            index index.php;
        }

        # Adding the cache control header for js and css files
        # Make sure it is BELOW the PHP block
        location ~ /nextcloud/.*\.(?:css|js) {
            try_files $uri /nextcloud/index.php$uri$is_args$args;
            add_header Cache-Control "max-age=15778463" always;
            add_header X-Content-Type-Options "nosniff" always;
            add_header X-Frame-Options "SAMEORIGIN" always;
            add_header X-XSS-Protection "1; mode=block" always;
            add_header X-Robots-Tag "none" always;
            add_header X-Download-Options "noopen" always;
            add_header X-Permitted-Cross-Domain-Policies "none" always;
            access_log off;
        }

        location ~ /nextcloud/.*\.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map|json) {
            try_files $uri /nextcloud/index.php$uri$is_args$args;
            add_header Cache-Control "public, max-age=7200" always;
            access_log off;
        }
    }
}

Save the file above, then restart Nginx and PHP using the commands below.

sudo systemctl reload nginx

Finally, if everything went as planned, you should be able to start the Nextcloud setup wizard by browsing to the server hostname or IP address over HTTPS.

https://example.com/nextcloud

A Nextcloud setup wizard should appear. Follow the wizard to complete the setup.

  • Create an admin account and password
  • leave Data folder default
  • Select MySQL/MariaDB
  • Enter the database username
  • Enter the database user password
  • Enter the database name
  • Leave the database host as the local host if Nextcloud and the database server are on the same host.

Click Finish setup

Wait for the setup to complete. Then log in and begin configuring your environment.

That should do it!

Conclusion:

This post showed you how to set up Nextcloud on Ubuntu Linux with Nginx and Let’s Encrypt. Please use the comment form below if you find any errors above or have something to add.

Posted by
Richard

I love computers; maybe way too much. What I learned I try to share at geekrewind.com.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: