Nextcloud 18 (NextcloudHub) was released and there are many new News about it:
see the ChangeLog
But now let us install the new NextcloudHub with postreSQL and php7.4-fpm on Debian Buster.
Requirements:
– an VPS with Debian Buster installed
– shell access and appropriate rights
– One DNS A and possibly AAAA record for our Apache vhost
Step 1: Install postgreSQL
First, we install the postgreSQL as Database-Server:
apt install -y postgresql postgresql-contrib
Now you can connect to postgreSQL with:
root@db01:/# sudo -u postgres psql psql (11.5 (Debian 11.5-1+deb10u1)) Type "help" for help. postgres=#
you can get information about connection with:
postgres=# \conninfo You are connected to database "postgres" as user "postgres" via socket in "/var/run/postgresql" at port "5432".
and end session with:
postgres-# \q
Step 2: Install Apache2
With the following command we will install the Apache-Webserver:
apt install -y apache2 apache2-utils
Step 3: Install php7.4-fpm an recommended moduls
Before installing php7.4 we have to add the following Repositories to Debian Buster:
sudo apt -y install lsb-release apt-transport-https ca-certificates sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/sury_php.list sudo apt update
Now we can start to install the needed packages with the following command:
apt install -y php7.4-cli php7.4-common php7.4-mbstring php7.4-gd php-imagick php7.4-intl php7.4-bz2 php7.4-xml php7.4-pgsql php7.4-zip php7.4-dev php7.4-curl php7.4-fpm php-dompdf redis-server php-redis php-smbclient php7.4-ldap
Step 4: Configure Apache2 and php7.4-fpm
Now we enable the needed modules in Apache2 with:
a2enmod proxy_fcgi setenvif mpm_event rewrite headers env dir mime ssl http2
and after that we activate php7.4-fpm:
a2enconf php7.4-fpm
now we have edit the apache2.conf to allow the usage of .htaccess-files:
nano /etc/apache2/apache2.conf
and change the following code:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
to:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
To enable HTTP/2, we need to add this line to apache2.conf:
Protocols h2 h2c http/1.1
now we have to prepare the php.ini for nextcloud:
nano /etc/php/7.4/fpm/php.ini
extend with the following directives:
opcache.enable=1 opcache.enable_cli=1 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=10000 opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1
and adjust the following Lines:
max_execution_time = 300 max_input_time = 600 memory_limit = 512M upload_max_filesize = 10240M
Afterwards, the web server and php7.4-fpm must be restarted:
systemctl restart apache2 php7.4-fpm
Step 5: Install Certbot and other tools
To request a ssl-sert from LetsEncrypt we use Certbot and the apache-plugin:
apt install python-certbot-apache certbot wget curl sudo unzip
Step 6: Create Database
Before we can install Nextcloud, we first have to create a database in postgreSQL. To do this, we execute the following commands:
sudo -u postgres psql
then execute:
CREATE USER nextcloud WITH PASSWORD 'your-password'; CREATE DATABASE nextclouddb TEMPLATE template0 ENCODING 'UNICODE'; ALTER DATABASE nextclouddb OWNER TO nextcloud; GRANT ALL PRIVILEGES ON DATABASE nextclouddb TO nextcloud; \q
Step 7: Download Nextcloud and create filesystem
Now it’s time to download the latest Release of Nextcloud 18 from nextcloud:
wget https://download.nextcloud.com/server/releases/latest-18.zip
and unzip the downloaded archive:
unzip latest-18.zip
Afterwards we move the folder nextcloud to the right place.
we move the entire folder into the path /var/www/html/
mv nextcloud /var/www/html/ chown -R www-data:www-data /var/www/html/nextcloud
You can delete the downloaded archive now:
sudo rm latest-18.zip
For our nextcloud-files we prepare a directory outside of /var/www/html/nextcloud:
mkdir /nextcloud_data
and change the owner to www-data:
chown -R www-data:www-data /nextcloud_data
The document-root for Apache is now /var/www/html/nextcloud
Step 8: Create Apache2 vHost and secure with SSL
To create an Apache vhost, we simply create a new .conf in /etc/apache2/sites-available/:
nano /etc/apache2/sites-available/001-nextcloud.conf
add the following content and adjust your names:
<VirtualHost *:80>
ServerName nextcloud.your-domain.tld
ServerAdmin webmaster@your-domain.tld
DocumentRoot /var/www/html/nextcloud
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
then we activate this site and disable the default vHost:
a2ensite 001-nextcloud.conf a2dissite 000-default.conf systemctl reload apache2
Since we want to reach the site of course via https, we create a LetEncrypt certificate. The easiest way to do this is with Certbot, which we already installed above:
certbot --apache --rsa-key-size 4096
In the last query, we confirm with „2“ that a redirect should occur.
Certbot then creates a second vhost configuration file, which we then process again:
nano /etc/apache2/sites-available/001-nextcloud-le-ssl.conf
we add the following block under DocumentRoot-directive:
<IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15768000; preload" Header always set Referrer-Policy "strict-origin-when-cross-origin" # Prevent MIME based attacks Header always set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "SAMEORIGIN" </IfModule> # SSL Configuration - uses strong cipher list - these might need to be downgraded if you need to support older browsers/devices SSLEngine on SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On <Directory /var/www/html/nextcloud/> Require all granted AllowOverride All Options FollowSymLinks MultiViews <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/html/nextcloud SetEnv HTTP_HOME /var/www/html/nextcloud Satisfy Any </Directory>
then we have to reload the webserver again:
systemctl reload apache2
Step 9: Configure Nextcloud
For final configuration, we call our domain in the browser:
and enter the corresponding data, as DB host we enter localhost and the data directory is /nextcloud_data.
You have to finish the Installation with the Button on the botton.
Now, let’s take Nextcloud’s config.php to configure the recommended memory cache:
nano /var/www/html/nextcloud/config/config.php
add the following code:
'memcache.local' => '\OC\Memcache\Redis', 'memcache.locking' => '\\OC\\Memcache\\Redis', 'redis' => array( 'host' => 'localhost', 'port' => 6379, ),
It looks like this:
In the basic settings, we customize the background tasks and use cron:
and configure the user’s cron job accordingly www-data(adjust path and/or user if you use another one):
sudo crontab -u www-data -e
add the following line at the end:
*/5 * * * * php7.4 -f /var/www/html/nextcloud/cron.php
Restart Apche2 and php-fpm:
systemctl restart apache2 && sudo systemctl restart php7.4-fpm
Last, we have to add some indices and convert some tables in nextclouddb to big int with the following two commands as user www-data:
sudo -u www-data php7.4 /var/www/html/nextcloud/occ db:add-missing-indices sudo -u www-data php7.4 /var/www/html/nextcloud/occ db:convert-filecache-bigint
then refresh your browser and Check the Security and Setup Warnings in Settings Overview.
Step 10: ONLYOFFICE if failed during initialization
If the app documentserver_community get not installed during initialization, you could manually install via shell:
cd /var/www/html/nextcloud/apps/ sudo -u www-data wget https://github.com/nextcloud/documentserver_community/releases/download/v0.1.5/documentserver_community.tar.gz sudo -u www-data tar -xvzf documentserver_community.tar.gz rm documentserver_community.tar.gz
Check if the app ONLYOFFICE is installed and enabled then enable Community Document Server too, the seetings will published autmatically.
Check that the document server is enabled in ONLYOFFICE Settings:
This is a Guide for fresh Install, if you used OnlyOffice before, then clear all settings in OnlyOffice-App before enabling Community Document Server.
If you forget, the settings will not publish automatically.
the URL for OnlyOffice is:
https://nextcloud.your-domain.tld/index.php/apps/documentserver_community/
Do not forget to configure your mail-settings
Now we have a freshly installed NextcloudHub and can enjoy… Remember: If you find issues within the Nextcloud, then report here on GitHub.
Problems with the tutorial? Then comment below or contact me per Mail or Mastodon.
Happy nextclouding and do not forget to share 🙂