Project

General

Profile

Support #960

Install Nextcloud 13 on Debian 9

Added by Daniel Curtis about 3 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Web Server
Target version:
Start date:
02/21/2021
Due date:
% Done:

100%

Estimated time:

Description

This is a guide on setting up NextCloud 13 with Nginx on Debian 9.

Prepare the Environment

  • Before installation of the components, make sure everything is up to date using the following command:
    apt update && apt upgrade
    
  • Create the nextcloud user:
    groupadd nextcloud
    useradd -M -g nextcloud -s /usr/sbin/nologin -c "NextCloud" nextcloud
    

Install Nginx

  • Install Nginx
    apt install nginx
    
  • Start and enable nginx at boot:
    systemctl enable nginx
    systemctl start nginx
    

Install PHP

  • Install PHP and additional dependencies for nextcloud:
    apt install php-fpm php-curl php-cli php-pgsql php-gd php-common php-xml php-json php-intl php-pear php-imagick php-dev php-common php-mbstring php-zip php-soap php-bz2 sudo unzip
    
  • Edit the php fpm config:
    vi /etc/php/7.0/fpm/php.ini
    
    • And modify the following values:
      date.timezone = America/Los_Angeles
      cgi.fix_pathinfo=0
      
  • Edit the php cli config:
    vi /etc/php/7.0/cli/php.ini
    
    • And modify the following values:
      date.timezone = America/Los_Angeles
      cgi.fix_pathinfo=0
      
  • Create the nextcloud php-fpm pool config file:
    vi /etc/php/7.0/fpm/pool.d/nextcloud.example.com.conf
    
    • And add the following:
      [nextcloud.example.com]
      user = nextcloud
      group = www-data
      listen = /var/run/nextcloud.sock
      listen.owner = nextcloud
      listen.group = www-data
      pm = dynamic
      pm.max_children = 5
      pm.start_servers = 2
      pm.min_spare_servers = 1
      pm.max_spare_servers = 3
      
      env[HOSTNAME] = $HOSTNAME
      env[PATH] = /usr/local/bin:/usr/bin:/bin
      env[TMP] = /tmp
      env[TMPDIR] = /tmp
      env[TEMP] = /tmp
      
      php_admin_value[session.save_path] = "/var/www/nextcloud/tmp" 
      
  • Start and enable php-fpm:
    systemctl start php7.0-fpm
    systemctl enable php7.0-fpm
    

Install PostgreSQL

  • Start by installing the postgresql packages:
    apt-get install postgresql{,-contrib,-client}-9.6
    
  • Edit the pg_hba.conf file:
    vi /etc/postgresql/9.6/main/pg_hba.conf
    
    • And add the following to the end of the file to enable password authentication:
      host    all        all        samehost        md5
      
  • Enable, initialize and start PostgreSQL
    systemctl enable postgresql
    systemctl start postgresql
    
  • Log in to postgresql user account
    su - postgres
    
  • Connect to postgresql database
    psql -d template1
    
    • Create a user and database for NextCloud:
      CREATE USER nextclouduser WITH PASSWORD 'SuperSecretPassword' CREATEDB;
      
      CREATE DATABASE nextclouddb OWNER nextclouduser;
      
  • Quit postgresql and exit the user:
    \q
    exit
    

Install Nextcloud

  • Download nextcloud:
    cd /var/www
    wget https://download.nextcloud.com/server/releases/nextcloud-13.0.12.zip
    unzip nextcloud-13.0.12.zip
    
  • Create an nextcloud.example.com server block config file:
    vi /etc/nginx/sites-available/nextcloud.example.com.conf
    
    • Add the following:
      upstream nextcloud-handler {
        server unix:/var/run/nextcloud.sock;
      }
      
      server {
        listen 80;
        server_name nextcloud.example.com;
      
        # Path to the root of your installation
        root /var/www/nextcloud/;
      
        # set max upload size
        client_max_body_size 10G;
        fastcgi_buffers 64 4K;
      
        # Disable gzip to avoid the removal of the ETag header
        gzip off;
      
        rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
        rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
        rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
      
        index index.php;
        error_page 403 /core/templates/403.php;
        error_page 404 /core/templates/404.php;
      
        location = /robots.txt {
          allow all;
          log_not_found off;
          access_log off;
        }
      
        location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
          deny all;
        }
      
        location / {
          # The following 2 rules are only needed with webfinger
          rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
          rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
      
          rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
          rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
      
          rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
      
          try_files $uri $uri/ =404;
        }
      
        location ~ \.php(?:$|/) {
          fastcgi_split_path_info ^(.+\.php)(/.+)$;
          include fastcgi_params;
          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
          fastcgi_param PATH_INFO $fastcgi_path_info;
          fastcgi_pass nextcloud-handler;
          fastcgi_intercept_errors on;
        }
      
        # Adding the cache control header for js and css files
        # Make sure it is BELOW the location ~ \.php(?:$|/) { block
        location ~* \.(?:css|js)$ {
          add_header Cache-Control "public, max-age=7200";
          # Add headers to serve security related headers
          add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
          add_header X-Content-Type-Options nosniff;
          add_header X-Frame-Options "SAMEORIGIN";
          add_header X-XSS-Protection "1; mode=block";
          add_header X-Robots-Tag none;
          # Optional: Don't log access to assets
          access_log off;
        }
      
        # Optional: Don't log access to other assets
        location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
          access_log off;
        }
      }
      
  • Create the temporary session folder and restrict its permissions:
    mkdir -p /var/www/nextcloud/tmp
    chmod o-rwx /var/www/nextcloud/tmp
    
  • Change the ownership of the nextcloud directory:
    chown -R nextcloud:www-data /var/www/nextcloud
    
  • Enable the site:
    ln -s /etc/nginx/sites-available/nextcloud.conf /etc/nginx/sites-enabled/
    
  • Restart nginx :
    systemctl restart nginx
    

Redis

  • Install Redis and PHP extension:
    apt-get install redis-server php-redis
    
  • Edit the redis config:
    vi /etc/redis/redis.conf
    
    • And modify the following parameters in the config:
      port 0
      unixsocket /var/run/redis/redis.sock
      unixsocketperm 770
      
  • Add nextcloud user to redis group
    usermod -aG redis nextcloud
    
  • Start and enable Redis at boot:
    systemctl enable redis-server
    systemctl start redis-server
    
  • Edit the NextCloud config:
    vi /var/www/nextcloud/config/config.php
    
    • And add the following before the ending );:
        'memcache.locking' => '\OC\Memcache\Redis',
        'memcache.local' => '\OC\Memcache\Redis',
        'redis' => array(
           'host' => '/var/run/redis/redis.sock',
           'port' => 0,
        ),
      

Resources

#1

Updated by Daniel Curtis about 3 years ago

  • Description updated (diff)
#2

Updated by Daniel Curtis about 3 years ago

  • Description updated (diff)
  • Status changed from New to Resolved
#3

Updated by Daniel Curtis about 3 years ago

  • Description updated (diff)
  • % Done changed from 0 to 100
#4

Updated by Daniel Curtis about 3 years ago

  • Description updated (diff)
#5

Updated by Daniel Curtis about 2 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF