Nextcloud: Full Setup & Implementation Guide

The popular LearnLinuxTV guide to setting up your own cloud with Nextcloud has been freshly updated for 2022! In this video, Jay will walk you through setting up an Ubuntu server for use with Nextcloud. In this tutorial, you’ll be walked through the process of installing Nextcloud, setting up a TLS cert, implementing online document editing, and more!

YouTube player

Commands and code samples

Initial server setup

Adding a user

After setting up Ubuntu Server, create a user for yourself if you don’t already have one:

adduser <username>

Adding the user to the sudo group:

sudo usermod -aG sudo <username>

After creating your user, be sure to log out from root, log in as that user.

Updating packages

Before continuing, let’s make sure all installed packages are up to date.

sudo apt update
sudo apt dist-upgrade

Clean up orphan packages (if there are any):

sudo apt autoremove

Updating the hostname

Edit the following files, and be sure they include the proper hostname or domain name for your server:

sudo nano /etc/hostname
sudo nano /etc/hosts

Reboot your server so that all the changes we’ve made so far will take effect.

sudo reboot

While that’s rebooting, update DNS for the domain name if you have one, so that can replicate while we finish the other steps.

Downloading Nextcloud

We’ll need to grab the Nextcloud zip file, which contains the necessary files we’ll be needing. Click here to open the download page, then copy the URL for the zip file.

On the server, download the Nextcloud zip file using the URL that you copied from the site:

wget h<version-number>.zip

Note: Change the URL in the command above to whatever the current download URL is for Nextcloud, this changes from time to time. Just grab the URL from the Nextcloud site.

MariaDB Setup

Setting up the database server

First, let’s install the mariadb-server package:

sudo apt install mariadb-server

Check the status of the mariadb service:

systemctl status mariadb

Running the secure installation script

Although there’s many tweaks and adjustments you can make to secure MariaDB, running the following command and answering the prompts will give us a decent starting point:

sudo mysql_secure_installation

Follow the prompts to set up some very basic security defaults for the database server.

Creating the Nextcloud Database

Next, we’ll create the database we’ll be using for Nextcloud. To do this, we’ll need to access the MariaDB console:

sudo mariadb

Then, we’ll create the database and set up permissions with the following commands:

GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost' IDENTIFIED BY 'mypassword';

CTRL+D to exit

Apache Webserver Setup

Installing the required packages to support Apache:

sudo apt install php php-apcu php-bcmath php-cli php-common php-curl php-gd php-gmp php-imagick php-intl php-mbstring php-mysql php-zip php-xml

Check the status with of Apache:

systemctl status apache2

Enable the recommended PHP extensions:

sudo phpenmod bcmath gmp imagick intl

Install zip and unzip the Nextcloud zip file:

sudo apt install unzip
unzip nextcloud-<version>.zip

Now that we’ve unzipped the files, let’s move the files to where they’ll be served from and also set the permissions as well:

mv nextcloud
sudo chown -R www-data:www-data
sudo mv /var/www
sudo a2dissite 000-default.conf

Creating a host configuration file for Nextcloud

Next, we’ll set up a config file for Apache that tells it how to serve Nextcloud.

sudo nano /etc/apache2/sites-available/

Add the following contents to the file (be sure to adjust the file names to match yours):

<VirtualHost *:80>
    DocumentRoot "/var/www/"

    <Directory "/var/www/">
        Options MultiViews FollowSymlinks
        AllowOverride All
        Order allow,deny
        Allow from all

   TransferLog /var/log/apache2/nextcloud.learnlinux.cloud_access.log
   ErrorLog /var/log/apache2/nextcloud.learnlinux.cloud_error.log


Enable the site:

sudo a2ensite apache-config-file-name.conf

Configuring PHP

Almost there! The next step will have us change some PHP options. First, edit the following file:

sudo nano /etc/php/7.4/apache2/php.ini

Adjust the following parameters:

memory_limit = 512M
upload_max_filesize = 200M
max_execution_time = 360
post_max_size = 200M
date.timezone = America/Detroit

Enable the following PHP mods for Apache:

sudo a2enmod dir env headers mime rewrite ssl

Restart Apache to ensure the new PHP settings take effect:

sudo systemctl restart apache2

Acquiring a TLS certificate

Let’s set up Let’s Encrypt and obtain a certificate for our Nextcloud installation. The following steps will guide you through the process.

Note: Instructions are taken from this link, which you may want to visit in case the instructions change in the future.

Ensure snapd is installed:

sudo apt install snapd

Install the core snap:

sudo snap install core; sudo snap refresh core

Install Certbot:

sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

Attempt to obtain a certificate (DNS must have already propagated):

sudo certbot --apache

Answer the prompts carefully, and as long as you didn’t overlook everything you should have your very own TLS certificate!

Misc. Tweaks and Adjustments

Correct the permissions of the config.php file

We definitely wouldn’t want the config.php file to fall into the wrong hands, as it contains valuable setup information regarding our Nextcloud setup. Let’s adjust the permissions to better protect it.

sudo chmod 660 /var/www/<nextcloud_directory>/config/config.php
sudo chown root:www-data /var/www/<nextcloud_directory/config/config.php

Enable memory caching

Edit the Nextcloud config file:

sudo vim /var/www/

Add the following line to the bottom:

'memcache.local' => '\\OC\\Memcache\\APCu',

Resolving warnings pertaining to the default phone region

Edit the Nextcloud config file:

sudo vim /var/www/

Add the following line to the bottom of the file:

'default_phone_region' => 'US',

Note: Be sure to change “US” in the above example to your two-character country code, if yours is not US.

Get rid of the Image Magick error

Install the libmagickcore-6.q16-6-extra package:

sudo apt install libmagickcore-6.q16-6-extra

Enabling Strict Transport Security

Edit the SSL config file for our Nextcloud installation:

sudo vim /etc/apache2/sites-available/

Add the following line after the ServerName line:

<IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"

Notable Replies

  1. If you have a reverse proxy running and you want to deploy with docker, you can use the following stack. Edit your preferences and deploy in less than a minute.

    Make sure to add DNS records and reverse proxy settings for both and

    version: '3'
        image: linuxserver/nextcloud:latest
        container_name: nextcloud-cloud
          - PUID=1000
          - PGID=1000
          - TZ=Europe/Copenhagen               # Edit this line
          - /path/to/docker-data/nextcloud/nextcloud-conf:/config  # Edit this line
          - /path/to/docker-data/nextcloud/nextcloud-data:/data    # Edit this line
          - 8775:443      # Edit the first number to your preferred port for Nextcloud
        restart: unless-stopped
        image: collabora/code:latest
        container_name: nextcloud-office
          - MKNOD
          - 'domain=cloud\\.yourdomain\\.com'  # Edit this line
          - 'dictionaries=en_GB en_US da_DK'   # Edit this line
          - 'DONT_GEN_SSL_CERT=True'
          - 'extra_params=--o:ssl.enable=false --o:ssl.termination=true'
          - 'TZ=Europe/Copenhagen'             # Edit this line
    # Include this if you want to map the Collabora config file - make sure you have a working config first (after inital deployment)
    #    volumes:
    #      - /path/to/docker-data/nextcloud/collabora-conf/coolwsd.xml:/etc/coolwsd/coolwsd.xml
          - 8780:9980      # Edit the first number to your preferred port for Collabora
        restart: unless-stopped
          - nextcloud
  2. WHOOPS !!! Somehow, I broke it!
    2022 Nextcloud: Full Setup & Implementation Guide (Updated for 2022!)

    Little help please. A year ago, I successfully set up my NEXTCLOUD on Linode following this tutorial: Nextcloud: Complete Setup Guide - YouTube

    Everything worked from the original tutorial…but with a few “complaints” from NextCloud. I went through the 2022 update tutorial: Nextcloud: Full Setup & Implementation Guide (Updated for 2022!) - YouTube
    and made a few changes to my original instance this tutorial recommended substituting my domain info instead of Jay’s. The changes I made did NOT throw any error messages. Specifically I made these changes:

    • sudo chmod 660 /var/www/<nextcloud_directory>/config/config.php
    • sudo chown root:www-data /var/www/<nextcloud_directory/config/config.php
    • ‘default_phone_region’ => ‘US’,
    • sudo apt install libmagickcore-6.q16-6-extra
    • sudo vim /etc/apache2/sites-available/
    • Header always set Strict-Transport-Security “max-age=15552000; includeSubDomains”

    And without knowing why…my bookmarked log in page no longer loads and my Android will not let me access my files. My hunch is that something related to the sudo chmod commands fouled the system.

    How do I begin to diagnose and fix this? Thanks to all. Whew…what a lesson in "if it ain’t broke…don’t fix it:…
    Mint Daddy
    PS - re ran: sudo system ctl status and got this error. Can it help diagnose? Changed my domain and user name for my privacy…

    $ sudo systemctl status

    ● <>
    State: degraded
    Jobs: 0 queued
    Failed: 1 units
    Since: Wed 2022-03-09 22:47:31 UTC; 21h ago
    CGroup: /
    │ └─user-1001.slice
    │ ├─session-205.scope
    │ │ ├─22333 sshd: <me_user> [priv]
    │ │ ├─22452 sshd: <me_user>@pts/0
    │ │ ├─22458 -bash
    │ │ ├─23650 sudo systemctl status
    │ │ ├─23651 systemctl status
    │ │ └─23652 pager
    │ └─user@1001.service …
    │ └─init.scope
    │ ├─22346 /lib/systemd/systemd --user
    │ └─22347 (sd-pam)
    │ └─1 /sbin/init autoinstall
    │ └─531 /usr/sbin/haveged --Foreground --verbose=1 -w 1024
    │ ├─ 749 /usr/sbin/apache2 -k start
    │ ├─ 2491 /usr/sbin/apache2 -k start
    │ ├─ 2493 /usr/sbin/apache2 -k start
    │ ├─ 2494 /usr/sbin/apache2 -k start
    │ ├─ 2497 /usr/sbin/apache2 -k start
    │ ├─ 2498 /usr/sbin/apache2 -k start
    │ ├─ 2596 /usr/sbin/apache2 -k start
    │ └─21308 /usr/sbin/apache2 -k start
    │ └─22708 /usr/lib/packagekit/packagekitd
    │ └─567 /lib/systemd/systemd-networkd
    │ └─375 /lib/systemd/systemd-udevd
    │ └─584 /usr/sbin/cron -f
    │ └─serial-getty@ttyS0.service
    │ └─617 /sbin/agetty -o -p – \u --keep-baud 115200,38400,9600 t>
    │ └─730 /usr/sbin/mysqld
    │ └─672 /usr/lib/policykit-1/polkitd --no-debug
    │ └─594 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startu>
    │ └─469 /sbin/multipathd -d -s
    │ └─580 /usr/lib/accountsservice/accounts-daemon
    │ └─23243 /usr/sbin/ModemManager
    │ └─353 /lib/systemd/systemd-journald
    │ └─603 /usr/sbin/atd -f
    │ └─745 /usr/bin/python3 /usr/share/unattended-upgrades/unattended>
    │ ├─ 658 sshd: /usr/sbin/sshd -D [listener] 6 of 10-100 startups
    │ ├─22468 sshd: [accepted]
    │ ├─23639 sshd: [accepted]
    │ ├─23640 sshd: root [priv]
    │ ├─23641 sshd: root [net]
    │ ├─23644 sshd: unknown [priv]
    │ ├─23645 sshd: unknown [net]
    │ ├─23646 sshd: unknown [priv]
    │ ├─23647 sshd: unknown [net]
    │ ├─23648 sshd: [accepted]
    │ └─23649 sshd: [net]
    │ └─23387 /usr/libexec/fwupd/fwupd
    │ └─597 /usr/lib/snapd/snapd
    │ └─595 /usr/sbin/rsyslogd -n -iNONE
    │ └─18227 /usr/lib/upower/upowerd
    │ └─569 /lib/systemd/systemd-resolved
    │ └─602 /usr/lib/udisks2/udisksd
    │ └─585 /usr/bin/dbus-daemon --system --address=systemd: --nofork >
    │ └─508 /lib/systemd/systemd-timesyncd
    │ └─getty@tty1.service
    │ └─619 /sbin/agetty -o -p – \u --noclear tty1 linux
    └─600 /lib/systemd/systemd-logind

  3. Hello and 1st of all - thank you very much for the video. :wave:

    Since I recently began digging my way into Linux I thought I might as well set up a Nextcloud server.
    I’ve already watched the video 2 times took notes and then went on to try it myself.

    Now I ran into trouble at setting up the mariadb part.
    When I do the “GRANT ALL PRIVILEGES…” part it doesn’t confirm or anything and just indents the command line below with a > leading.

    I guess I probably missed something…
    Btw I checked for typos multiple times.

    Thanks in advance for replying. :slight_smile:

  4. I believe you may have missed a ; (semi-colon). SQL commands require those to end the line.

  5. @ThatGuyB thank you for your quick response.
    I just found out what the issue was… and that’s kind of embarrassing. :sweat_smile:
    I actually included a \ at the end of the password not thinking about the meaning of that symbol for the shell.
    I just changed that and now it works.

    Sorry to bother your and thanks again for your quick reply. :smiley:

Continue the discussion at

10 more replies


Avatar for system Avatar for eredwood007 Avatar for MintDaddy Avatar for EdLa Avatar for ameinild Avatar for kuldeep Avatar for frederik Avatar for ThatGuyB