How to: make an HTTP3 Nextcloud on Openlitespeed and saturate your internet line

ℹ️ Support
5

Detailed Openlitespeed Setup guide

Containing plenty of copy-pastable commands and handy screenshots.

Update packages


apt update

apt upgrade -y

Install necessary packages


apt install -y sudo

Install Nextcloud Dependencies


apt install -y gnupg2 mariadb-server apt-transport-https ffmpeg libreoffice imagemagick ghostscript software-properties-common

Install certbot for SSL


apt install -y certbot

Install Redis for locking


apt install -y redis-server

Install Openlitespeed


wget -O - http://rpms.litespeedtech.com/debian/enable_lst_debian_repo.sh | bash

apt install -y openlitespeed

Install PHP


apt install -y lsphp81

apt install -y lsphp81-apcu lsphp81-common lsphp81-curl lsphp81-imagick lsphp81-intl lsphp81-ldap lsphp81-mysql lsphp81-opcache lsphp81-redis

Set up PHP for large file transfers


php_loc8="/usr/local/lsws/lsphp81/etc/php/8.1/litespeed/php.ini"

mods_loc8="/usr/local/lsws/lsphp81/etc/php/8.1/mods-available"

sed -i 's/^\(max_execution_time = \?\).*$/\13600/' "$php_loc8"

sed -i 's/^memory_limit =.*$/memory_limit = 1024M/' "$php_loc8"

sed -i "s/^output_buffering = .*/output_buffering = 0/" "$php_loc8"

echo "apc.enable_cli = 1" >> "$php_loc8"

echo "apc.enable_cli = 1" >> "$mods_loc8/40-apcu.ini"

Make Nextcloud Virtual Host folder structure


ncvhost_name="Nextcloud"

ncvhost_root="/usr/local/lsws/$ncvhost_name"

mkdir "$ncvhost_root"

mkdir "$ncvhost_root"/{conf,html,logs}

chown -R lsadm:lsadm "$ncvhost_root/conf"

chown -R nobody:nogroup "$ncvhost_root/html"

Make Nextcloud Virtual Host config file


ncvhost_name="Nextcloud"

ncvhost_conf="/usr/local/lsws/conf/vhosts/$ncvhost_name"

mkdir "$ncvhost_conf"

chown lsadm:lsadm "$ncvhost_conf"

touch "$ncvhost_conf"/vhconf.conf

chown lsadm:lsadm "$ncvhost_conf"/vhconf.conf

chmod 750 "$ncvhost_conf"/vhconf.conf

Set admin password for Openlitespeed


/usr/local/lsws/bin/lswsctrl start

/usr/local/lsws/admin/misc/admpass.sh

Now you can log in to the Openlitespeed dashboard and configure in the GUI:

  • External App (PHP binary to be used)

  • Virtual Host

  • HTTP & HTTPS Listeners

External App (PHP binary)

Edit SAPI App:

Edit the SAPI App
Edit the SAPI App1271×317 82.6 KB

Change command to lsphp81:

php command
php command835×51 5.58 KB

Virtual Host

Make a ‘Nextcloud’ Virtual Host:

Add VHost
Add VHost1274×321 70.5 KB

Set up Virtual Host:

VHost Basic
VHost Basic1274×284 89.4 KB

VHost General
VHost General1274×284 89 KB

For security, make data and config inaccessible (this mimics htaccess configs in NC on Apache)

VHost Context
VHost Context1274×280 84.5 KB

Listeners

One listener for HTTP, one for HTTPS:

Listener Summary
Listener Summary1274×317 75.2 KB

HTTP is port 80, mapped to Nextcloud

Listener HTTP General
Listener HTTP General1274×503 115 KB

Listener HTTP VHost Mapping
Listener HTTP VHost Mapping1274×404 114 KB

HTTPS is port 443, mapped to Nextcloud

Listener HTTPS General
Listener HTTPS General1274×502 114 KB

Listener HTTPS VHost Mapping
Listener HTTPS VHost Mapping1274×401 113 KB

The HTTPS Listener contains the file paths to the certs we will get from Certbot

Listener HTTPS SSL
Listener HTTPS SSL1274×324 95.7 KB

(Make sure to have plain HTTP working for certbot. We will redirect all HTTP traffic to HTTPS later)

Get cert from LetsEncrypt

certbot certonly

Adjust Virtual Host settings here to use HTTPS only

Now we have got our cert, we can redirect all HTTP traffic to HTTPS as well as enabling htaccess (which Nextcloud needs)

VHost Rewrite
VHost Rewrite1274×540 125 KB

Download Nextcloud

ncvhost_root="/usr/local/lsws/Nextcloud"

ncdl="https://download.nextcloud.com/server/releases/latest.tar.bz2"

ncsha="https://download.nextcloud.com/server/releases/latest.tar.bz2.sha256"

latest="latest.tar.bz2"

wget "$ncdl" -P "$ncvhost_root/html/"

wget "$ncsha" -P "$ncvhost_root/html/"

cd "$ncvhost_root/html" || exit 1

sha256sum -c "${latest}.sha256" < "$latest"

tar -xjf "$latest" --directory "$ncvhost_root/html/"

rm $latest*

shopt -s dotglob

mv nextcloud/* ./

rmdir nextcloud

# Litespeed runs as nobody

chown -R nobody:nogroup "$ncvhost_root/html"

Enable OCC command

php_bin="/usr/local/lsws/lsphp81/bin/php"

ncvhost_root="/usr/local/lsws/Nextcloud"

echo "

alias occ='sudo -u nobody ${php_bin} ${ncvhost_root}/html/occ'

" >> ~/.bashrc

source ~/.bashrc

Setup mariadb


mysql_secure_installation

Create Nextcloud database and user

Optional: use apg here to generate a strong password


apt install -y apg

nc_db_pass=$(apg -a 1 -M ncl -n 1 -m 16)

Create Nextcloud database and user


nc_db_user="nextcloud"

nc_db_db="nextcloud"

# If you didn't use apg

nc_db_pass=ql1zGBf2DlEKi2nv

echo "

CREATE USER '$nc_db_user'@'localhost' IDENTIFIED BY 'ql1zGBf2DlEKi2nv';

CREATE DATABASE IF NOT EXISTS $nc_db_db CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;

GRANT ALL ON $nc_db_db.* TO '$nc_db_user'@'localhost' with grant option;

FLUSH PRIVILEGES;

" | mysql -u root

Install Nextcloud

Navigate to GUI and run installer

Speed things up in Nextcloud


# Disable rich workspaces

occ config:app:set text workspace_available --value=0

# Turn off upload chunking

occ config:app:set files max_chunk_size --value 0

NOT SHOWN: Customize Nextcloud config.php

Setup Nextcloud to use cron for background tasks


ncvhost_root="/usr/local/lsws/Nextcloud"

echo "

*/5 * * * * /usr/local/lsws/lsphp81/bin/lsphp -f ${ncvhost_root}/html/cron.php

0 7 * * * /usr/local/lsws/lsphp81/bin/lsphp ${ncvhost_root}/html/occ trashbin:cleanup --all-users

*/45 * * * * /usr/local/lsws/lsphp81/bin/lsphp ${ncvhost_root}/html/occ files:scan --all

0 5 * * * /usr/local/lsws/lsphp81/bin/lsphp ${ncvhost_root}/html/updater/updater.phar --no-interaction

" | crontab -u nobody -

occ background:cron

By now, your Nextcloud should be good enough for testing.

NOT SHOWN: configure Redis for file locking and APCU for caching.

2 Likes