NextCloud: installing server on Debian behind NGINX with PHP-FPM and client on Arch Linux

By | 03/17/2019
 

After the news that Dropbox adds a new limitation for users by the three devices only – I’m finally ready to install my own NextCloud to store and synchronize data.

The sad thing is not exactly the three devices limit (and it will be applied for a new users only – old user who already has three or more devices can still use them but will have to play for a new additional one), but the fact of such new limitation itself.

When big companies begin changing rules of a game just because they want more money – this is unpleasant.

Thus for now will do a quick manual setup just to take a closer look on the NextCloud itself and on a next time – I’ll add its setup to my RTFM’s automation (check the Prometheus: RTFM blog monitoring set up with Ansible – Grafana, Loki, and promtail post for such an example): the NextCloud instance later will be hosted on the same server where is this blog and will use an additional Digital Ocean Block Storage (aka Volumes).

Digital Ocean also has the Object Storage, which is the AWS S3 analog and I guess it could better to use it instead of simple volume attached to a host, but I didn’t use it yet and it will cost $5/month.

Digital Ocean storages documenation available here>>>.

In any case – a data can be moved later

Also, you can keep your server hosted on a DigitalOcean’s droplet and use AWS S3 as backend storage for your NextCloud.

The NexСloud documentation available here>>>.

NexСloud vs ownCloud

NextCloud (created at 2016) is the ownCloud’s for (started at 2010).

Good to read about them here:

Digital Ocean droplet’s disk

Run a new droplet and add a new Volume.

Droplet’s creation is out of the scope of this post, you can check the DigitalOcean: знакомство — Droplet, Floating IP, Firewall(Rus) for details.

Create volume with the Manually Format & Mount option:

Connect to it:

ssh root@174.138.14.155 -i do-rtfm-dev-droplet

Check disks:

root@nextcloud-testing:~# lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda      8:0    0    1G  0 disk
vda    254:0    0   25G  0 disk
└─vda1 254:1    0   25G  0 part /
vdb    254:16   0  434K  1 disk

/dev/sda – will be the NextCloud’s storage.

Create a new directory:

root@nextcloud-testing:~# mkdir -p /data/nextcloud

Create a new partition on the /dev/sda:

root@nextcloud-testing:~# fdisk /dev/sda
...
Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0xc5322339.
Command (m for help): n
Partition type
p   primary (0 primary, 0 extended, 4 free)
e   extended (container for logical partitions)
Select (default p):
Using default response p.
Partition number (1-4, default 1):
First sector (2048-2097151, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-2097151, default 2097151):
Created a new partition 1 of type 'Linux' and of size 1023 MiB.
Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.

Format /dev/sda1 to ext4:

root@nextcloud-testing:~# mkfs.ext4 /dev/sda1

Mount it to the /data/nextcloud/:

root@nextcloud-testing:~# mount /dev/sda1  /data/nextcloud/

Get partition’s UUID:

root@nextcloud-testing:~# blkid /dev/sda1
/dev/sda1: UUID="37e8697e-e51e-4a91-83d5-79efe61fe91b" TYPE="ext4" PARTUUID="c5322339-01"

Add it to the /etc/fstab with the nofail option:

UUID="37e8697e-e51e-4a91-83d5-79efe61fe91b"     /data/nextcloud/        ext4    nofail 0 0

Unmount it now:

root@nextcloud-testing:~# umount /data/nextcloud

And mount via fstab to be sure it’s correct:

root@nextcloud-testing:~# mount -a
root@nextcloud-testing:~# lsblk /dev/sda
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda      8:0    0    1G  0 disk
└─sda1   8:1    0 1023M  0 part /data/nextcloud

That’s all for now.

You can also reboot your server to be sure all work here.

NGINX and PHP

Install NGINX:

root@nextcloud-testing:~# apt update && apt -y upgrade && apt -y install nginx

Install PHP and PHP-FPM:

root@nextcloud-testing:~# apt install php php-xml php-curl php-gd php-zip php-mysql php-mbstring php-fpm wget unzip -y

Create a virtual host’s config.

Here I’ll use the nextcloud-testing.setevoy.org.ua domain.

For now, as this is testing setup – let’s do without SSL/TLS and config will look like this:

server {

    listen 80;
    listen [::]:80;

    server_name nextcloud-testing.setevoy.org.ua;

    root /var/www/html/nextcloud-testing.setevoy.org.ua;

    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

    location / {
        rewrite ^ /index.php$uri;
    }

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
        deny all;
    }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        #fastcgi_param HTTPS on;
        #Avoid sending the security headers twice
        fastcgi_param modHeadersAvailable true;
        fastcgi_param front_controller_active true;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
        try_files $uri/ =404;
        index index.php;
    }

    location ~ \.(?:css|js|woff|svg|gif)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=15778463";
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
    }

    location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        access_log off;
    }

}

NextCloud documentation can be found here>>>.

Check and reload NGINX:

root@nextcloud-testing:~# nginx -t && service nginx reload
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

For test – create a file with the phpinfo():

root@nextcloud-testing:~# mkdir /var/www/html/nextcloud-testing.setevoy.org.ua/
root@nextcloud-testing:~# echo "<?php phpinfo(); ?>" > /var/www/html/nextcloud-testing.setevoy.org.ua/phptest.php

Check if PHP works now:

Change directories owner:

root@nextcloud-testing:~# chown -R www-data:www-data /var/www/html/
root@nextcloud-testing:~# chown -R www-data:www-data /data/nextcloud

MariaDB

Install the MariaDB server:

root@nextcloud-testing:~# apt install -y mariadb-server

Again – as this is testing installation – you can skip the next step, but on a real one – execute the mysql_secure_installation:

root@nextcloud-testing:~# mysql_secure_installation

For now, just connect to MySQL and create NextCloud’s database for its settings and users:

root@nextcloud-testing:~# mysql
...
MariaDB [(none)]>

Create the database:

MariaDB [(none)]> create database nextcloud;
Query OK, 1 row affected (0.00 sec)

User and permissions to this database:

MariaDB [(none)]> grant all privileges on nextcloud.* to 'nextcloud'@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

Exit and check if user can access the database:

root@nextcloud-testing:~# mysql -u nextcloud -ppassword -e 'show databases'
+--------------------+
| Database           |
+--------------------+
| information_schema |
| nextcloud          |
+--------------------+

NextCloud installation

Download an installer:

root@nextcloud-testing:~# cd  /var/www/html/nextcloud-testing.setevoy.org.ua/
root@nextcloud-testing:/var/www/html/nextcloud-testing.setevoy.org.ua# wget https://download.nextcloud.com/server/installer/setup-nextcloud.php
--2019-03-17 12:36:14--  https://download.nextcloud.com/server/installer/setup-nextcloud.php
...
2019-03-17 12:36:14 (4.90 MB/s) - ‘setup-nextcloud.php’ saved [148203/148203]

Open thesetup-nextcloud.php file in a browser:

And begin the installation process – here is just set the dot to install to the /var/www/html/nextcloud-testing.setevoy.org.ua/ directory:

Check files:

root@nextcloud-testing:/var/www/html/nextcloud-testing.setevoy.org.ua# ls -l
total 444
drwxr-xr-x 32 www-data www-data   4096 Mar 17 12:41 3rdparty
drwxr-xr-x 38 www-data www-data   4096 Mar 17 12:41 apps
-rw-r--r--  1 www-data www-data  12063 Mar 17 12:41 AUTHORS
...
drwxr-xr-x  2 www-data www-data   4096 Mar 17 12:41 updater
-rw-r--r--  1 www-data www-data    362 Mar 17 12:41 version.php

Add a new user, set data directory (/data/nextcloud), and MySQL connection details:

Ready:

NextCloud client on Arch Linux

Install client:

sudo pacman -S nextcloud-client

Or an alternative version from AUR (didn’t noticed any difference)

yay -S nextcloud-client-git

Run it – nextcloud:

Connect and log in:

Set the connection and synchronization settings (can leave default):

Press Connect:

And here is your Nextcloud directory in your home catalog:

Data via WebUI:

NextCloud mobile client

For Android install with the Google Play:

And the same steps to connect and log in:

I’ll not use the calendar and other NextCloud’s capabilities, just data sync.

Data will be stored in a /data/nextcloud/%USERNAME%/files:

root@nextcloud-testing:~# find /data/ -name Nextcloud.png
/data/nextcloud/admin/files/Nextcloud.png

Done.