Install Apache, MariaDB and PHP
NextCloud runs on the webserver, written in PHP and uses MariaDB to store their data. So you will need to install Apache, MariaDB, PHP and other required packages on your system. You can install all of them by running the following command:
apt-get install apache2 libapache2-mod-php mariadb-server php-xml php-cli php-cgi php-mysql php-mbstring php-gd php-curl php-zip wget unzip -y
Once all the packages are installed, open the php.ini file and tweak some recommended settings:
nano /etc/php/7.3/apache2/php.ini
Change the following settings:
memory_limit = 512M upload_max_filesize = 1024M post_max_size = 1024M max_execution_time = 300 date.timezone = Asia/Dhaka
Save and close the file when you are finished. Then, start the Apache and MariaDB service and enable them to start after system reboot with the following command:
systemctl start apache2 systemctl start mariadb systemctl enable apache2 systemctl enable mariadb
Once you are done, you can proceed to the next step.
Configure Database for NextCloud
Next, you will need to create a database and database user for NextCloud. To do so, log in to MariaDB shell with the following command:
mysql -u root -p
Provide your root password when asked then create a database and user with the following command:
MariaDB [(none)]> CREATE DATABASE nextclouddb; MariaDB [(none)]> CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'password';
Next, grant all the privileges to the nextclouddb with the following command:
MariaDB [(none)]> GRANT ALL ON nextclouddb.* TO 'nextclouduser'@'localhost';
Next, flush the privileges and exit from the MariaDB shell with the following command:
MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> EXIT;
Once you are done, you can proceed to the next step.
Download NextCloud
First, visit the NextCloud download page and download the latest version of the NextCloud on your system. At the time of writing this article, the latest version of NextCloud is 17.0.1. You can download it with the following command:
wget https://download.nextcloud.com/server/releases/nextcloud-17.0.1.zip
Once the download is completed, unzip the downloaded file with the following command:
unzip nextcloud-17.0.1.zip
Next, move the extracted directory to the Apache web root directory:
mv nextcloud /var/www/html/
Next, give proper permissions to the nextcloud directory with the following command:
chown -R www-data:www-data /var/www/html/nextcloud/ chmod -R 755 /var/www/html/nextcloud/
Once you are finished, you can proceed to the next step.
Configure Apache for NextCloud
Next, you will need to create an Apache virtual host configuration file to serve NextCloud. You can create it with the following command:
nano /etc/apache2/sites-available/nextcloud.conf
Add the following lines:
<VirtualHost *:80> ServerAdmin admin@example.com DocumentRoot /var/www/html/nextcloud/ ServerName nextcloud.example.com Alias /nextcloud "/var/www/html/nextcloud/" <Directory /var/www/html/nextcloud/> Options +FollowSymlinks AllowOverride All Require all granted <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/html/nextcloud SetEnv HTTP_HOME /var/www/html/nextcloud </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
Save and close the file when you are finished. Then, enable the Apache virtual host file and other required modules using the following commands:Advertisement
a2ensite nextcloud.conf a2enmod rewrite a2enmod headers a2enmod env a2enmod dir a2enmod mime
Finally, restart the Apache service to apply the new configuration:
systemctl restart apache2
Secure NextCloud with Let’s Encrypt Free SSL
NextCloud is now installed and configured. Next, it is recommended to secure it with Let’s Encrypt free SSL. To do so, first install the Certbot client with the following command:
apt-get install python-certbot-apache -y
Once installed, you can run the following command to install Let’s Encrypt Certificate for your domain nextcloud.example.com.
certbot --apache -d nextcloud.example.com
During the installation, you will be asked to provide your email address and accept the term of service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): admin@example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for nextcloud.example.com Enabled Apache rewrite module Waiting for verification... Cleaning up challenges Created an SSL vhost at /etc/apache2/sites-available/nextcloud-le-ssl.conf Deploying Certificate to VirtualHost /etc/apache2/sites-available/nextcloud-le-ssl.conf Enabling available site: /etc/apache2/sites-available/nextcloud-le-ssl.conf Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Next, type 2 and hit Enter to download and install a free SSL certificate for your domain. Once the installation has been completed successfully. You should get the following output:
Enabled Apache rewrite module Redirecting vhost in /etc/apache2/sites-enabled/nextcloud.conf to ssl vhost in /etc/apache2/sites-available/ nextcloud-le-ssl.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://nextcloud.example.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=nextcloud.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/example.com/privkey.pem Your cert will expire on 2019-10-22. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Once you are finished, you can proceed to the next step.
Access NextCloud Web Interface
Your NextCloud is now configured and secured with Let’s Encrypt SSL. Next, open your web browser and type the URL https://nextcloud.example.com. You will be redirected to the following page:
Now, provide your admin username and password, Data folder, Correct database credentials and click on the Finish setup button. You will be redirected to the NextCloud dashboard in the following page:
That’s it for now.
Conclusion
Congratulations! you have successfully installed and secured NextCloud with Let’s Encrypt Free SSL on Debian 10. You can now easily share files, documents, and media with other users using NextCloud web interface.
Src: https://www.howtoforge.com/tutorial/how-to-install-nextcloud-on-debian-10/