Example installation on Ubuntu 22.04.03 LTS with Apache2, APCu, redis and mariadb behind a NGINX proxy

saettel.beifuss0 · October 23, 2023, 12:57pm

Hi guys!
I wrote a Nextcloud installation Guide for an Ubuntu bare meta installation behind an NGINX proxy. The goal was to follow Nextclouds recommendations and pass the security scan without errors.

Would love to hear your input. Feel free to give me feedback here or open an issue here:

github.com

jameskimmel/Nextcloud_Ubuntu/blob/main/nextcloud_behind_NGINX_proxy.md

# Example installation on Ubuntu 22.04.03 LTS with Apache2, APCu, redis and mariadb behind a NGINX proxy, no Docker, no Snap

## Who is this for?
This is an example installation for Ubuntu users who want to host a Nextcloud instance behind a NGINX proxy. No Docker, no Snap.
It assumes that you have a working NGINX proxy server.
The goal of this guide is to have no warnings in the admin center and the instance should get a perfect security score from scan.nextcloud.com.
There are some placeholder values or variables that always start with x_. You need to replace them with your data. 
This is the structure of the setup used in this guide.

![setup](https://github.com/jameskimmel/Nextcloud_Ubuntu/assets/17176225/a5aae0e5-6560-4c4f-9a6d-cf062b1fdb8b)

## Split DNS
This guide assumes you have some kind of split DNS. Why is this necessary? 
Let's assume your WAN IPv4 is 85.29.10.1 and your NGINX Proxy has the IP 192.168.1.10 and your domain is cloud.yourdomain.com. 

If you are on the road and try to connect to your Nextcloud, your client will ask "Hey what IP is cloud.yourdomain.com?" some DNS servers will answer with 85.29.10.1.
Then traffic will go to your firewall and some kind of NAT will redirect it to your NGINX Proxy on 192.168.1.10. 

But if you are on your local network, that probably will not work, because your firewall only NATs from WAN to LAN and not LAN to LAN. 
There are two simple solutions to this.

This file has been truncated. show original