Howto Install NextCloud 20 on Ubuntu 20.04.1 The classic way [Wiki]

Hopefully this helps you with an installation of NextCloud.

This will most likely also work to install version 21.0.1.1.

This text is created here in the forum with the text editor of the forum. It took some learning and I have tried to be precise, use at your own risk, there can be typos and mistakes.

During this writing (10-10-2020) I am reinstalling NextCloud on the Hover. Reinstalling NextCloud is a hassle, especially if you threw it away too easily without thinking about the following:

First download calendar, tasks and contacts from the old NextCloud for all users. Very important. It is necessary to do this on the server because different phones are different, VCF 2.1 and 3.0 are common which gives transfer issues sometimes.

Furthermore, the backup of the installation disk of the original installation is very useful if you no longer know what changes you made to configuration files. I am so happy I do that every night automatically.

User files are less troublesome because they are also on the devices. Rename the NextCloud directory so that the files can be reloaded afterwards.

Fresh Install of Ubuntu 20.04.1

Installation of this Ubuntu Server can be found on the Internet. Don’t install anything extra besides SSH to make working on the server easier.

It appears that the new version of grub is causing spin-up of the drives. You can stop this by looking at https://unix.stackexchange.com/questions/56004/how-to-stop-update-grub-from-scanning-all-drives.

I have made the following adjustment:

sudo** **chmod a-x /usr/bin/os-prober

This seems to work. Continue with adding disks to your Ubuntu system, you attach them to /media.

First install WebMin

WebMin is a graphical user interface for your server. It allows you to do a lot of things without the command line. Webmin is easy to be able to adjust files and to carry out configurations remotely and easily. The file browser is really handy Edit the following file:

sudo nano /etc/apt/sources.list

Insert following line at the end of the file:

deb http://download.webmin.com/download/repository sarge contrib

Save and exit. Following that, download the Webmin PGP key with wget and add it to your system’s list of keys:

wget -q -O- http://www.webmin.com/jcameron-key.asc | sudo apt-key add

Again update!

sudo apt update && sudo apt upgrade

Then install Webmin:

sudo apt install webmin

Normally WebMin expects you to log in securely. Because we only use WebMin behind the router, extra security is not necessary. Therefore, change the required WebMin SSL to No. Edit:

sudo nano /etc/webmin/miniserv.conf

Change the line in "ssl=1"in “ssl=0” and save the file.

Then restart WebMin:

sudo /etc/init.d/webmin restart

Now you can reach WebMin with http://yourserverip:10000 in your browser.

More changes to the configuration of Webmin:

Prevent WebMin from blocking hard disk spindown. Go to → Webmin-> Configuration → Collect Background Statuses → Collect System Status in Background. There you will find that this has a value of 5 minutes. Disable this option as this will prevent some hard disks from being stopped.

Automatic update of the system time can be set in WebMin under Hardware / System time.

Spindown of harddisks

Edit the following file:

sudo nano /etc/hdparm.conf

Add the following lines at the end of the file:

# 24-10-2020 Added following lines
# 5 min = 60 / 15 min = 180 / 20 min = 240
# 30 min = 241 / 1 hour = 242 / 2 hours = 244
# All spinning drives will spindown after 10min idle.
/dev/sdb {
spindown_time = 120
}
/dev/sdc {
spindown_time = 120
}
/dev/sdd {
spindown_time = 120
}
/dev/sde {
spindown_time = 120
}*

Of course you have adjust as required for your system. I have 4 drives where sda is the system drive and sdb1 has been mounted as /media/d1. On this drive I have the data directory for NextCloud.

Install Samba

Samba ensures that files are accessible from Windows computers. As I have not all of my files within NextCloud I require separate storage for music, photo’s, archives and so on.

sudo apt-get update
sudo apt-get install samba -y

Make sure that the users, as you require at home for your users, are created in Ubuntu as well as are also creates in Samba server configuration. I use WebMin for the configuration of Samba.

Install Apache:

Apache provides the web server on the server.

sudo apt install -y apache2 apache2-utils
sudo systemctl enable apache2

Check if it works in a browser by putting yourserverip in a browser.

You should get the default page of Apache2

PHP 7.4 Installation

PHP explains as: Hypertext Pre-Processor. PHP is a widely used programming language.

sudo apt install php7.4 libapache2-mod-php7.4 php7.4-mysql php-common php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-readline

Extra packages for Nextcloud:

sudo apt install php-imagick php7.4-common php7.4-mysql php7.4-fpm php7.4-gd php7.4-json php7.4-curl  php7.4-zip php7.4-xml php7.4-mbstring php7.4-bz2 php7.4-intl php7.4-bcmath php7.4-gmp

To test PHP scripts with Apache server, we need to create a info.php file in the document root directory.

sudo nano /var/www/html/info.php

Paste the following PHP code into the file.

<?php phpinfo(); ?>

Check yourserverip/info.php in the browser.

Make changes to php.ini

sudo nano /etc/php/7.4/apache2/php.ini

Change output_buffering from 4096 to Off
Change memory_limit to 512M
Change upload_max_filesize = 2048M
Check and adjust the following items:
opcache.enable=1
opcache.enable_cli=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.save_comments=1
opcache.revalidate_freq=1

Save the file and restart apache2:

sudo systemctl restart apache2

Install MariaDB:

MariaDB is the database that is preferred for NextCloud.

sudo apt-get install mariadb-server php-mysql

New files in the database must be of the barracuda type in order to store emojis. Create a file:

sudo nano /etc/mysql/conf.d/00-innodb.cnf

Put the following text in the file:

[mysqld]
innodb_large_prefix=true
innodb_file_format=barracuda
innodb_file_per_table=1

Then restart mariadb:

sudo systemctl restart mariadb

To secure the installation, the following command is executed:

sudo mysql_secure_installation

enter a strong password and answer all questions with Y.

Then configure a database for NextCloud

sudo mysql -u root -p

The following are commands used within MariaDB:

CREATE DATABASE nextcloud;

The following creates a user within MariaDB NOT within Ubuntu which is not required it looks like:

CREATE USER 'ncroot'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON nextcloud.* TO 'ncroot'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Barracuda was chosen as the default file format this way, which is required for NextCloud.

Install NextCloud:

Find out the latest version of NextCloud at the site https://nextcloud.com/install/#instructions-server

Take the version number and put it in the following line:

wget https://download.nextcloud.com/server/releases/nextcloud-20.0.2.zip

Install unzip utility:

sudo apt install unzip

Unzip may already be installed, ignore the error and continue. Now unpack NextCloud in the current in the current directory by:

unzip nextcloud-20.0.2.zip

Move the directory to the webserver directory:

sudo mv nextcloud /var/www/

The NextCloud data directory is standard at the webserver. This makes backup difficult and also you would like your data to be on a different disk as the system is. Therefore create an external directory:

sudo md /media/d1/nextcloud

Of course you can have an other data directory somewhere else to your liking. Make sure all files in the /var/www/nextcloud directory belong to www-data:

sudo chown -R www-data:www-data /var/www/

Make sure the data directory exists and is writable by www-data:

sudo chown -R www-data:www-data /media/d1/nextcloud

Create a “Virtual Host File” for Nextcloud. Edit een nieuwe file:

sudo nano /etc/apache2/sites-available/nextcloud.conf

Paste the following text in the file:

<VirtualHost *:80>
DocumentRoot /var/www/nextcloud
ServerName www.yourdomain.com

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /var/www/nextcloud/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews

<IfModule mod_dav.c>
Dav off
</IfModule>

SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
Satisfy Any
</Directory>
</VirtualHost>

Then create a symbolic link to /etc/apache2/sites-enabled/:

sudo ln -s /etc/apache2/sites-available/nextcloud.conf /etc/apache2/sites-enabled/nextcloud.conf

Enable the following Apache modules. You will find several that are already turned on, this is to make sure they are on.

sudo a2enmod rewrite
sudo a2enmod headers
sudo a2enmod env
sudo a2enmod dir
sudo a2enmod mime
sudo a2enmod setenvif
sudo a2enmod ssl
sudo a2ensite default-ssl

Set the ‘ServerName’ directive globally, open file:

sudo nano /etc/apache2/conf-available/servername.conf

Put the following text in the file:

ServerName localhost

Save the file. Enable de server name:

sudo a2enconf servername.conf

Restart Apache so the Apache and PHP modules are reloaded:

sudo systemctl restart apache2

Check configuration:

sudo apache2ctl -t

The output should be: “Syntax OK”

And move on: Set the trusted domains for NextCloud

sudo nano /var/www/nextcloud/config/config.php

Adjust the file:

'trusted_domains' =>
array (
0 => '10.220.1.100',
1 => 'www.yourdomain.com',
),

Replace 10.220.1.100 with the local yourserverip. Save the file and start the configuration of NextCloud in your browser with:

yourserverip/nextcloud

Do the rest of the configuration in the web browser. Enter the username and password for the administrator. Enter the username and password for the database user. Put the data directory: /media/d1/nextcloud

Install Redis memory cache

sudo apt install redis-server

Now let’s configure Redis as a cache for NextCloud. Install the PHP extension for connection to Redis.

sudo apt install php-redis

Next, adjust the NextCloud configuration file:

sudo nano /var/www/nextcloud/config/config.php

Add the following lines above the ); line:

'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.local' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => 'localhost',
'port' => 6379,
),

The restart Apache webserver:

sudo systemctl restart apache2

Nextcloud security:

In the configuration of your domain, at your provider, you must have your domain passed on to your local IP address. Hopefully your ip from your provider is stable. Usually the ip you get from your Internet Provider is linked to the MAC address of your modem and is stable as long as the equipment is stable.

On your router you have to pass the ports 80 and 443 to yourserverip.

Then install Certbot:

sudo apt update
sudo apt install software-properties-common
sudo apt update
sudo apt install python3-certbot-apache

Be sure your router is pointed at your server!

Start the request for a certificate:

sudo certbot --apache

Enter an email address and your domain. Answer the questions. Please note: reroute the non-secured entrance www.yourdomain.com:80 to www.yourdomain.com:443. If this is not done it is not safe and will issue a warning after installation.

The certificate gets installed. What also happens is the automatic update of the certificate as it is required. This is done by extra files and a cron job to call so the update of the certificates is completely automatic. Very nice!

For extra hardening of the site edit the Apache configuration file for Nextcloud:

sudo nano /etc/apache2/sites-available/nextcloud-le-ssl.conf

Add the following lines after Servername:

<IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>

and save the changes.

After this the server can be found through www.yourdomain.com.

  1. Cleanup

Replace the standard Apache2 web page:

sudo nano /var/www/html/index.html

Replace the contants of the file by:

<META HTTP-EQUIV="Refresh" CONTENT="2;URL=https://www.yourdomain.com/">

Save de file. If someone tries to start the default Apache file he will be redirected to the login screen.

Delete the php information page:

sudo rm /var/www/html/info.php

Update background processes

On the settings page, basic settings tab, it is recommended to use a cron job to update background processes. After the following settings you can indicate that this is done by a cron job.

Make a cronjob by:

sudo crontab -u www-data -e

Choose for the nano editor en paste the following line in the file:

*/5  *  *  *  * php -f /var/www/nextcloud/cron.php

Save the file. Within NextCloud on the settings page choose basic settings. At Background Tasks choose Cron.

And you are done!!!

You can login to your cloud with the username and password you have chosen during the web configuration of NextCloud. I am so happy with it!

Edit 09/04/2021: Upgraded to Version 21.0.1.1 with just two small adjustments which are publicised elsewhere on this forum. Also improved the formatting of the text.

Edit 12/04/2021: Modified the Apache2 configuration file that had a small error. Now the site has an A+ rating thanks to support of NextCloud people!

Edit 13/04/2021: Small changes.

Edit 02/05/2021: Formatting updated.

6 Likes

Thanks you very much for your tutorial. It is very clear. I used it to compare with mine and it is very very similar.

I have a little question: Why setup the two types of caching? instead of only “local”. Why the “distributed”?

sudo nano /var/www/nextcloud/config/config.php

‘memcache.distributed’ => ‘\OC\Memcache\Redis’,
‘memcache.local’ => ‘\OC\Memcache\Redis’,

The example of Documentation shows use the two. But I do not know why.

After searching on the net I find that memcache.distributed seems to be for large installation where more than one Nextcloud installation are working together. It does not harm you when you have this line in I think.

1 Like

Yeah, I think so…

But I would like to know what do Nextcloud in the backend when we set up twice:

  'memcache.local' => '\OC\Memcache\Redis',
  'memcache.distributed' => '\OC\Memcache\Redis',

I am sorry but my knowledge is very limited. I am already tremendously happy that it works for me.

Nice write up.

For people less technical I recommend Nextcloud VM.

It’s simple to start with NextcloudVM!

Grab a FREE copy of VMWare Player. Install it. (or buy VMWare Workstation Pro and have automatic snapshots!)

Download the FREE Nextcloud VM.

Open it in VMWare Player. Tweak the hardware if needed (I have found for home use and small installations setting the RAM to 4 Gigs and the Processors to 1 with 2 Cores performs well).

Power it up, follow the prompts. You’ll have an A+ instance of Nextcloud running in just a few minutes.

Feel free to tinker with install options. No worries about breaking anything since you are using a VM. It’s easy to roll back to a prior snapshot or the downloaded VM image.

I use the Nextcloud VM myself. To me the use of a VM offers a ton of benefits versus a direct install (sandboxed, easy to move, easy to backup, no worry of an OS update blowing up my cloud since it resides in it’s own environment, etc.)

The VM is headless so I manage it via CLI, SSH and Webmin (the Nextcloud VM is built around Ubuntu Linux 20.04.2 at the time of this post.)

I use my admin account inside Nextcloud for everything else.

The VM has an A+ rating as well.

I am also hosting a Bitwarden instance as well as OnlyOffice and Talk high performance backends. These are easily installed via the Nextcloud VM app options. During install the Nextcloud VM will also take care of the reverse proxy stuff as well as getting your Cert’s setup for subdomains and it’s all done automatically.

I have contemplated going through the full install but honestly the VM just has too many pluses. The best part being that they(Daniel Hannson) get to deal with updates that break Nextcloud. If and when that happens I spend about 30 seconds rolling back to a prior snapshot and then just wait a day for the Nextcloud VM to get fixed before I update.

I highly recommend the Nextcloud VM.

PS…I do not work for Nextcloud VM. They have a great paid and free product and it has been a pleasure to use.

3 Likes

Thanks for this doc :slight_smile:

Thanks a ton @ironmaiden! :heart_eyes:

Great to hear such great feeback from happy users. :rocket:

Aloha,

Have you tried installing NC 20 using Oracle’s VM VirtualBox instead of VMWare? I curious if the results are the same!

Wonderful article and thanks for sharing… :sunglasses: :desert_island:

Mahalo,
Douglas
Hawaii - The Big Island

Hi Douglas, before 2016 I ran my server with Virtualbox, worked fine. With Nextcloud I do not feel the requirement to run with virtualisation.
Best R, Cees

I installed it in a VM the classic way, (pretty similar like yours) simply for the reason, that I want to run more then one thing on my server and that way my Nextcloud is strictley isolated from the rest of the things running on the same server.

@ironmaiden The official Nextcloud VM is in fact a “classic” installation, pretty similar to the one @NextCees posted. The advantage of the official VM is, that you don’t have to do the installation by yourself and as an addition you get useful scripts, which will make your life easier, if you want to install additional things like Collabora, Bitwarden etc…

The old saying “two heads are better than one” seems true to me.

The Nextcloud VM works well for me because I can pop over to Github and see the issues and resolutions other people are having in different scenarios. Occasionally I can offer a little of my own experience and a little debug and tweaking help as well.

I just uploaded this today. How does your Nextcloud performance compare to mine? This is realtime:

Don’t get me wrong. I think the nextcloud VM is pretty awesome. But if people want do things by them self, that’s fine too. And there are advantages doing things by your self, and if it is just for the learning expirience…

No matter what route someone takes in the beginning Nextcloud will require maintenance, updates and repairs. You will have to get your hands dirty sooner or later OR hire someone to manage it for you.

I have enough knowledge, tech skills and Google expertise that I could barebone it if I wanted to. As a matter of fact I had done it before. I was on Linux initially and because of my passion for billiards and the lack of audio support for ShootersPool.net I decided to go back to Windows 10. I gave the Nextcloud VM a shot to compare performance and also to reap the time savings benefit. Honestly with a modern PC and a headless VM the difference between running it barebones or in VMware is really unnoticeable as my video example clearly indicates. There is a minimal amount of extra RAM and CPU overhead. I would never consider barebones now that I’ve got the VM screaming fast.

The Nextcloud VM is great for someone that might not have the technical knowledge that wants to give self hosting a try or for anyone wanting to get a head start. It’s a much easier step to take then every other option in my opinion.

Reality is that once it’s running the VM has a lot more positives versus barebones so I doubt I will ever go back.

But yet you say you are a beginner! HA!
This is exactly what happens when you spend a lot of time with a hobby you enjoy. You my friend are no beginner. Excellent guide for anyone wanting to go all in.

My apologies for hijacking your post.

My intentions are to help any less technical people that will find this thread and not the Linux fans.

Very good work sir!

Thank you for this great and easy guide! Fits how I got it up and running and how it runs today in a Linux Container.

I have a few points to add though:

IF you will be using a reverse proxy with SSL passthrough in front of your nextcloud server, then I highly recommends to use the newest release of Apache2, which supports remoteIP. Without it you have to disable suspecious login, as the remoteIP in that case always will be the reverseProxy and not the actual public IP of the connecting client. In other words: Suspecious login is useless.

Use a little time to work the SSL settings for hardening your server. As a minimum (unles having REALLY old devices), allow only TLSv1.2 and 1.3, and allow only ciphers with no reported weaknesses. Choose ECC ciphers as preffered but not only supported key for both optimum security and a slight speed increase.

Disable Apache info on error pages and headers.

1 Like