It’s time to install Nextcloud! Nextcloud is the best platform for building your very own self-hosted collaboration platform, complete with features such as online document editing, file synchronization, calendar, contacts, and countless plugins. In this video, you’ll be walked through the entire process, and by the end you’ll have your very own Nextcloud server that’s completely set up and ready for action by the end.
Note: This is the same process as the previous video, but updated for Ubuntu 24.04.
Commands and code samples
Initial server setup
Adding a user
After setting up Ubuntu Server, create a user for yourself if you don’t already have one:
adduser <username>Adding the user to the sudo group:
usermod -aG sudo <username>After creating your user, be sure to log out from root, log in as that user.
Minimum Practices
Note: Mention minimum practices, and “every server” video here, link to it…
Updating packages
Before continuing, let’s make sure all installed packages are up to date.
sudo apt updatesudo apt dist-upgradeClean up orphan packages (if there are any):
sudo apt autoremoveUpdating the hostname
Edit the following files, and be sure they include the proper hostname or domain name for your server:
sudo nano /etc/hostnamesudo nano /etc/hostsReboot your server so that all the changes we’ve made so far will take effect.
sudo rebootWhile that’s rebooting, update DNS for the domain name if you have one, so that can replicate while we finish the other steps.
Downloading Nextcloud
We’ll need to grab the Nextcloud zip file, which contains the necessary files we’ll be needing. Click here to open the download page, then copy the URL for the zip file.
On the server, download the Nextcloud zip file using the URL that you copied from the site:
wget https://download.nextcloud.com/server/releases/latest.zipNote: If that URL doesn’t work (it can change at any time) grab the URL from the Nextcloud site.
MariaDB Setup
Setting up the database server
First, let’s install the mariadb-server package:
sudo apt install mariadb-serverCheck the status of the mariadb service:
systemctl status mariadbRunning the secure installation script
Although there’s many tweaks and adjustments you can make to secure MariaDB, running the following command and answering the prompts will give us a decent starting point:
sudo mysql_secure_installationFollow the prompts to set up some very basic security defaults for the database server.
Creating the Nextcloud Database
Next, we’ll create the database we’ll be using for Nextcloud. To do this, we’ll need to access the MariaDB console:
sudo mariadbThen, we’ll create the database and set up permissions with the following commands:
CREATE DATABASE nextcloud;SHOW DATABASES;GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost' IDENTIFIED BY 'mypassword';FLUSH PRIVILEGES;CTRL+D to exit the MariaDB shell.
Apache Webserver Setup
Installing the required packages to support Apache:
sudo apt install libmagickcore-6.q16-6-extra php php-apcu php-bcmath php-cli php-common php-curl php-gd php-gmp php-imagick php-intl php-mbstring php-mysql php-zip php-xmlCheck the status with of Apache:
systemctl status apache2Enable the recommended PHP extensions:
sudo phpenmod apcu bcmath gmp imagick intlInstall zip and unzip the Nextcloud zip file:
sudo apt install unzipunzip latest.zipNow that we’ve unzipped the files, let’s move the files to where they’ll be served from and also set the permissions as well:
mv nextcloud nc.learnlinux.tvsudo chown -R www-data:www-data nc.learnlinux.tvsudo mv nc.learnlinux.tv /var/www/Also, let’s disable the default web page that ships with Apache since we won’t be needing it for anything:
sudo a2dissite 000-default.confCreating a host configuration file for Nextcloud
Next, we’ll set up a config file for Apache that tells it how to serve Nextcloud.
sudo nano /etc/apache2/sites-available/nc.learnlinux.tv.confAdd the following contents to the file (be sure to adjust the file names to match yours):
<VirtualHost *:80>
DocumentRoot "/var/www/nc.learnlinux.tv"
ServerName nc.learnlinux.tv
<Directory "/var/www/nc.learnlinux.tv/">
Options MultiViews FollowSymlinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
TransferLog /var/log/apache2/nc.learnlinux.tv_access.log
ErrorLog /var/log/apache2/nc.learnlinux.tv_error.log
</VirtualHost>Enable the site:
sudo a2ensite nc.learnlinux.tv.confConfiguring PHP
Almost there! The next step will have us change some PHP options. First, edit the following file:
sudo nano /etc/php/8.3/apache2/php.iniFind the options in the following list, and ensure they equal the values shown here. Some may already be set to the appropriate value. Also, be sure to remove the semicolon that may be in front of one or more of these options, because we want to ensure none of these are commented out:
memory_limit = 512M
upload_max_filesize = 200M
max_execution_time = 360
post_max_size = 200M
date.timezone = America/Detroit
opcache.enable=1
opcache.interned_strings_buffer=16
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1Enable the following PHP mods for Apache:
sudo a2enmod dir env headers mime rewrite sslLet’s also enable the apcu module within PHP as well:
sudo nano /etc/php/8.3/mods-available/apcu.iniAdd the following to the end of the file:
apc.enable_cli=1Restart Apache to ensure the new PHP settings take effect:
sudo systemctl restart apache2Tuning MySQL
Next, let’s add some indices that Nextcloud needs, but also doesn’t add during installation (for some reason). But first, we need to mark the occ file executable:
sudo chmod +x /var/www/nc.learnlinux.tv/occThen, we can use it to add the missing indices:
sudo /var/www/nc.learnlinux.tv/occ db:add-missing-indicesAfter that, let’s remove the executable bit we added earlier (for security purposes):
sudo chmod +x /var/www/nc.learnlinux.tv/occAcquiring a TLS certificate
Let’s set up Let’s Encrypt and obtain a certificate for our Nextcloud installation. The following steps will guide you through the process.
Note: Instructions are taken from this link, which you may want to visit in case the instructions change in the future.
Ensure snapd is installed:
sudo apt install snapdInstall the core snap:
sudo snap install core; sudo snap refresh coreInstall Certbot:
sudo snap install --classic certbotsudo ln -s /snap/bin/certbot /usr/bin/certbotAttempt to obtain a certificate (DNS must have already propagated):
sudo certbot --apacheAnswer the prompts carefully, and as long as you didn’t overlook everything you should have your very own TLS certificate!
Misc. Tweaks and Adjustments
Correct the permissions of the config.php file
We definitely wouldn’t want the config.php file to fall into the wrong hands, as it contains valuable setup information regarding our Nextcloud setup. Let’s adjust the permissions to better protect it.
sudo chmod 660 /var/www/nc.learnlinux.tv/config/config.phpsudo chown root:www-data /var/www/nc.learnlinux.tv/config/config.phpEnable memory caching
Edit the Nextcloud config file:
sudo nano /var/www/nc.learnlinux.tv/config/config.phpAdd the following line to the bottom:
'memcache.local' => '\\OC\\Memcache\\APCu',Also add the following line after the previous in order to set your default phone region:
'default_phone_region' => 'US',Note: Be sure to change “US” in the above example to your two-character country code, if yours is not US.
Enabling Strict Transport Security
Edit the SSL config file for our Nextcloud installation:
sudo nano /etc/apache2/sites-available/nc.learnlinux.tv-le-ssl.confAdd the following line after the ServerName line:
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>Finally, restart Apache again:
sudo systemctl restart apache2There’s more you can do in order to improve security, and tweak Nextcloud overall. But now you have a Nextcloud server of your own, and with a pretty decent set of defaults to begin with!
