Skip to main content

Dedicated Server: Installation of Nextcloud

This guide was created with the following products:

(Details may vary with products from different providers but the main concepts remain the same)

Introduction

Nextcloud is an open source cloud solution and fork of Owncloud, which was founded in 2016 by former Owncloud founder Frank Kalitschek.

In order to achieve optimal performance, stability and functionality, the following setup is recommended for hosting a Nextcloud server. The Nextcloud server is not compatible with Windows and MacOS. At least not without any further virtualization or similar workarounds.

Prerequisites

The following requirements are recommended by the developers and are based on our own experience. You may face issues if you do not meet these prerequisites.

Hardware

ComponentsMinimumRecommended
CPU2x 1 GHz4x 2+ GHz
RAM512 MB4+ GB
Storage10 GB50+ GB
Bandwidth100 mbit/s (up & down)500mbit/s (up & down) Recommended if several users are supposed to use the cloud

Software

PlatformOptions
Operating SystemUbuntu (14.04, 16.04, 18.04), Debian(8,9,10), CentOS 6.5/7
DatabaseMySQL or MariaDB 5.5+ (recommended), SQLite (only recommended for testing and minimal-instances)
Web serverApache 2.4 with mod_php or php-fpm (recommended)
PHP5.6, 7.0 (recommended), 7.1 (recommended), 7.2

Preparation

A connection has to be established via a SSH client in order to install the cloud on a Linux server. In case you are not sure how to use SSH, here is a guide how to do so: Initial access (SSH)

Once the connection is established, you can start to install the necessary packages that are required for the actual installation of Nextcloud. This includes the installation of a web server as well as PHP.


Apache (Web server)

🗄️ Debian 8/9/10:

sudo apt update && sudo apt -y upgrade
sudo apt -y install apache2

PHP (Hypertext Preprocessor)

🗄️ Debian 8:

# Step 1: Adding the PHP 7.3 PPA repository
sudo apt -y install lsb-release apt-transport-https ca-certificates
sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php7.3.list

# Step 2: Install PHP 7.3
sudo apt -y install php7.3

# Step 3: Install PHP 7.3 extensions
sudo apt install php7.3-cli php7.3-fpm php7.3-json php7.3-pdo php7.3-mysql php7.3-zip php7.3-gd php7.3-mbstring php7.3-curl php7.3-xml php7.3-bcmath php7.3-json

🗄️ Debian 9:

# Step 1: Adding the PHP 7.3 PPA repository
sudo apt -y install lsb-release apt-transport-https ca-certificates
sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php7.3.list

# Step 2: Install PHP 7.3
sudo apt -y install php7.3

# Step 3: Install PHP 7.3 extensions
sudo apt install php7.3-cli php7.3-fpm php7.3-json php7.3-pdo php7.3-mysql php7.3-zip php7.3-gd php7.3-mbstring php7.3-curl php7.3-xml php7.3-bcmath php7.3-json

🗄️ Debian 10:

# Step 1: Install PHP 7.3
sudo apt -y install php php-common

# Step 2: Install PHP 7.3 extensions
sudo apt -y install php-cli php-fpm php-json php-pdo php-mysql php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath

Check PHP version for functionality

php -v

The next step is to define a database type to store the relevant information. There are several options:


If you have decided to use this type of database, then you have to follow these steps:

Package installation:

sudo apt-get install mariadb-server php-mysql

During the installation you will be asked to set a root password. If there is no password request, then the default password is blank. This is not secure and should therefore be changed immediately afterwards!

The next step is to connect to the database server and create the required database:

mysql -u root -p
CREATE DATABASE nextcloud;

Afterwards a user has to be created, which gets access to the Nextcloud database.

CREATE USER 'nc_user'@'localhost' IDENTIFIED BY 'YOUR_PASSWORD_HERE';
info

Don't skip this step by using the root user. This is not safe and can put your data at risk!

The last step is to assign the permissions to the new user:

GRANT ALL PRIVILEGES ON nextcloud.* TO 'nc_user'@'localhost';
FLUSH PRIVILEGES;

Once you are done, you can press Ctrl-D to exit the database and continue with the next steps.

Installation

Now the actual installation of Nextcloud can be started. The software needs to be downloaded and unpacked:

cd /var/www/
wget https://download.nextcloud.com/server/releases/latest.zip
apt-get install unzip
unzip latest.zip
chown -R www-data:www-data nextcloud
rm latest.zip

Once this step is finished, it's time to run the installation script. Access is possible via the browser via the following URL:

The installation script configuration appears, in which a root user is created and database information defined:

Security and safety

Setup Warnings

Data Directory

It is strongly recommended to place the data directory outside of the web root directory (i.e. outside of /var/www). The easiest way to do this is with a new installation. The directory can be defined during the setup. However, the directory must first be created and the corresponding permissions have to be set. The data could for example be stored in a directory called Cloud in the home directory.

mkdir /home/cloud/
chown -R www-data:www-data /home/cloud/

HTTPS via SSL certificate (Let's Encrypt)

A good cloud solution should only be accessible via SSL connection. Without SSL encryption, data and information is transferred in plain text. Such information can easily and quickly be intercepted and read without encryption.

<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot "/var/www/nextcloud"
ServerName domain.tld

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All

<IfModule mod_dav.c>
Dav off
</IfModule>

SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
Satisfy Any

</Directory>

SSLCertificateFile /etc/letsencrypt/live/domain.tld/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.tld/privkey.pem
</VirtualHost>
</IfModule>

<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15768000; preload"
</IfModule>

Furthermore, all HTTP traffic should be redirected to HTTPS by using a permanent redirection with status code 301. This can be achieved by using Apache with a configuration like the following Apache VirtualHosts configuration:

<VirtualHost *:80>
ServerName domain.tld
Redirect permanent / https://domain.tld/
</VirtualHost>

Manage Nextcloud

Access to Nextcloud is possible via the browser, as well as via the smartphone and computer using the app. The download sources can be found here: https://nextcloud.com/install/#install-clients

Under settings you can adjust a few more options even after the setup and view important information like logs, activities. This includes additional security settings (two-factor authentication, encryption, ... ), design settings (logo, color, slogan, header), access settings and much more.

Apps

Moreover, there is also the possibility to install additional apps apart from the default apps. You can access them via the menu item Apps.

With such Apps it is possible to further individualize Nextcloud according to your wishes.