Nextcloud

Tango-edit-clear.pngThis article or section needs language, wiki syntax or style improvements.Tango-edit-clear.png

Reason: Several Help:Style issues. (Discuss in Talk:Nextcloud#Style Improvement Flag)

Related articles

From Wikipedia: Nextcloud is functionally very similar to the widely used Dropbox, with the primary functional difference being that Nextcloud is free and open-source, and thereby allowing anyone to install and operate it without charge on a private server. In contrary to proprietary services like Dropbox, the open architecture allows adding additional functionality to the server in form of so-called applications.Nextcloud is an actively maintained fork of ownCloud.

Installation

Required Packages

Install the apache php php-apache mariadb packages from the official repositories.

Install the nextcloudAUR package from the Arch User Repository.

Install the required PHP modules packages: php-gd php-intl php-mcrypt from the official repositories.

Install from the official repositories the APCu PHP module for memory caching: php-apcu.

Optional Packages

For file preview generation Install the following packages:

ffmpeg and either libreoffice-still or libreoffice-fresh from the official repositories.

php-imagickAUR from the Arch User Repository.

PHP Configuration

Edit /etc/php/php.ini and uncomment the following required modules:

gd.so
iconv.so
xmlrpc.so
zip.so

Also uncomment the following required modules for mariadb:

extension=pdo_mysql.so

Uncomment the following recommended PHP modules:

bz2.so
curl.so
intl.so
mcrypt.so

Add the following to open_basedir:

/usr/share/webapps/nextcloud:/dev/urandom
Note: You may also need to add the /tmp directory in open_basedir if Apache only displays a blank page. Check /var/log/httpd/error_log file to confirm this problem

Setup mariadb and nextcloud DB

Configure mariadb:

# mysql_install_db –user=mysql –basedir=/usr –datadir=/var/lib/mysql

Enable and start mariadb.service.

Secure mariadb:

# mysql_secure_installation

Create nextcloud database:

$ mysql -u root -p

At the prompt, insert the following lines (make sure to enter them separately).

Note: Change username and password to your specific values and note them down as you will need them later.
CREATE DATABASE IF NOT EXISTS nextcloud;
CREATE USER ‘username’@’localhost’ IDENTIFIED BY ‘password’;
GRANT ALL PRIVILEGES ON nextcloud.* TO ‘username’@’localhost’ IDENTIFIED BY ‘password’;
quit

Setup Apache

Copy Nextcloud’s Apache configuration file to Apache configuration directory:

# cp /etc/webapps/nextcloud/apache.example.conf /etc/httpd/conf/extra/nextcloud.conf

Edit /etc/httpd/conf/httpd.conf and:

Comment the line:

#LoadModule mpm_event_module modules/mod_mpm_event.so

Uncomment the line:

LoadModule mpm_prefork_module modules/mod_mpm_prefork.so

After LoadModule dir_module modules/mod_dir.so, place the following module:

LoadModule php7_module modules/libphp7.so

At the end of the Include list place the following line:

Include conf/extra/php7_module.conf

At the end of the LoadModule list add the following line:

AddHandler php7-script php

At the bottom of /etc/httpd/conf/httpd.conf add the following line:

Include conf/extra/nextcloud.conf

Enable the following modules:

mod_rewrite
headers
env
dir
mime

Enable and start the apache service httpd

Swithch to Cron from AJAX

Nextcloud requires scheduled execution of some tasks, and by default it archives this by using AJAX, however AJAX is the least reliable method, and it is recommended to use Cron instead.

To do so, first install chrony:

# pacman -S chrony

Then create a job for http user:

# crontab -u http -e

This would open editor, paste this:

*/15  *  *  *  * php -f /usr/share/webapps/nextcloud/cron.php

Save the file and exit. Now you should enable and start chrony.service.

You can verify that everything is set by running

# crontab -u http -l

Finally, set Cron option in Nextcloud settings to Cron.

Enable memcache

Enable memcache by uncommenting the following line in /etc/php/conf.d/apcu.ini:

extension=apcu.so

Log onto Nextcloud and set it up by pointing your browser to: http://localhost/nextcloud. Follow the on screen instructions to setup Nextcloud

Note: Remember to use the DB username/password you set up above

After Nextcloud is set up, add the following line to /usr/share/webapps/nextcloud/config/config.php:

'memcache.local’ => ‘\OC\Memcache\APCu’,

Restart the apache httpd service.

(Optional) SSL Setup and its hardening plus SSL hardening

Tip: See the Let's Encrypt for details about free, automated ssl certificates.

Enable SSL with a self signed certificate

Edit /etc/httpd/conf/httpd.conf and uncomment the following lines:

LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-ssl.conf

Still while in /etc/httpd/conf/httpd.conf add port 443 to your Listen ports:

Listen 443

Create the certificate issuing the following commands:

# cd /etc/httpd/conf
# openssl req -new -x509 -nodes -newkey rsa:4096 -keyout server.key -out server.crt -days 1095
# chmod 400 server.key

SSL hardening

Edit /etc/httpd/conf/extra/httpd-ssl.conf and under the VirtualHost:443 section add the following section:

<IfModule mod_headers.c>
Header always set Strict-Transport-Security “max-age=15768000; includeSubDomains; preload”
</IfModule>

Restart the apache httpd service.