CentOS CentOS Server Content Linux Nextcloud Red Hat Red Hat Server redhat Self Hosted

How to Install NextCloud on RHEL 8/CentOS 8 with Nginx (LEMP Stack)

install nextcloud on RHEL 8

This tutorial might be displaying you ways to set up NextCloud on RHEL 8/CentOS 8 server with Nginx.

What’s NextCloud?

NextCloud is a free open-source self-hosted cloud storage answer. It’s functionally comparable to Dropbox. Proprietary cloud storage options (Dropbox, Google Drive, and so forth) are handy, however at a worth: they can be utilized to acquire private knowledge as a result of your information are saved on some else’s pc. Should you frightened about privateness, you’ll be able to change to NextCloud, which you’ll be able to set up on your personal residence server or on a digital personal server (VPS). You’ll be able to add your information to your server by way of NextCloud after which sync these information to your desktop pc, laptop computer or sensible telephone. This manner you might have full management of your knowledge.

NextCloud Options

  • Free and open-source
  • Finish-to-end encryption, which means information could be encrypted on shopper gadget earlier than uploaded to the server, so even when somebody steals your server, they cannot see your information.
  • Could be built-in with an internet workplace suite (Collobora, OnlyOffice) so you possibly can create and edit your doc, ppt, xls information immediately from NextCloud.
  • The app retailer accommodates a whole lot of apps to prolong performance (like calendar app, notes-taking app, video conferencing app, and so on).
  • The sync shopper can be found on Linux, MacOS, Home windows, iOS and android.

Conditions

NextCloud is written in PHP programing language. To comply with this tutorial, you first want to set up LEMP stack on RHEL 8/CentOS 8. In the event you haven’t already accomplished so, please take a look at the next tutorial.

You’ll be able to set up NextCloud on your house server or a VPS (digital personal server).  You additionally want a website identify. I registered my area identify from NameCheap as a result of the worth is low they usually give whois privateness safety free for all times.

This tutorial makes use of root account to handle administration duties. To modify to root, run the next command and enter root password.

su –

Now let’s set up NextCloud on the server.

Step 1: Obtain NextCloud 14 on RHEL 8/CentOS 8 Server

Log into your RHEL 8/CentOS 8 server. Then obtain the NextCloud zip archive onto your server. The newest secure model is 14.zero.four at time of this writing. Chances are you’ll want to change the model quantity. Go to https://nextcloud.com/install and click on the obtain server button to see the newest model.

You’ll be able to run the next command to obtain it on your server. The obtain hyperlink is all the time out there within the format under. If a brand new model comes out, merely substitute 14.zero.four with the brand new model quantity.

wget https://download.nextcloud.com/server/releases/nextcloud-14.0.4.zip

As soon as downloaded, extract the archive with unzip.

yum set up unzip

unzip nextcloud-14.zero.four.zip -d /usr/share/nginx/html/

The -d choice specifies the goal listing. NextCloud net information might be extracted to /usr/share/nginx/nextcloud/.  Then we’d like to change the proprietor of this listing to nginx in order that Nginx net server can write to this listing.

chown nginx:nginx /usr/share/nginx/html/nextcloud/ -R

Step 2: Create a Database and Consumer in MariaDB

Log into MariaDB database server with the next command. You’ll need to enter the MariaDB root password to login.

mysql -u root -p

Then create a database for Nextcloud. This tutorial identify the database nextcloud. You need to use no matter identify you want.

create database nextcloud;

Create the database consumer. Once more, you need to use your most popular identify for this consumer. Exchange your-password with your most popular password.

create consumer nextclouduser@localhost recognized by ‘your-password’;

Grant this consumer all privileges on the nextcloud database.

grant all privileges on nextcloud.* to nextclouduser@localhost recognized by ‘your-password’;

Flush privileges and exit.

flush privileges;

exit;

Step three: Create a Nginx Config File for Nextcloud

Create a nextcloud.conf file in /and so forth/nginx/conf.d/ listing. I exploit the Nano command line textual content editor on this article.

nano /and so forth/nginx/conf.d/nextcloud.conf

Put the next textual content into the file. Exchange the red-colored textual content with your precise knowledge. In your DNS supervisor, create a sub-domain in your NextCloud server like nextcloud.your-domain.com and don’t overlook to set A report for the sub-domain.

server
pay attention 80;
server_name nextcloud.your-domain.com;

# Add headers to serve safety associated headers
add_header X-Content material-Sort-Choices nosniff;
add_header X-XSS-Safety “1; mode=block”;
add_header X-Robots-Tag none;
add_header X-Obtain-Choices noopen;
add_header X-Permitted-Cross-Area-Insurance policies none;

#This header is already set in PHP, so it’s commented out right here.
#add_header X-Body-Choices “SAMEORIGIN”;

# Path to the basis of your set up
root /usr/share/nginx/html/nextcloud/;

location = /robots.txt
permit all;
log_not_found off;
access_log off;

# The next 2 guidelines are solely wanted for the user_webfinger app.
# Uncomment it in case you’re planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta final;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
# final;

location = /.well-known/carddav
return 301 $scheme://$host/distant.php/dav;

location = /.well-known/caldav
return 301 $scheme://$host/distant.php/dav;

location ~ /.well-known/acme-challenge
permit all;

# set max add measurement
client_max_body_size 512M;
fastcgi_buffers 64 4K;

# Disable gzip to keep away from the removing of the ETag header
gzip off;

# Uncomment in case your server is construct with the ngx_pagespeed module
# This module is at present not supported.
#pagespeed off;

error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;

location /
rewrite ^ /index.php$uri;

location ~ ^/(?:construct|checks|config|lib|3rdparty|templates|knowledge)/
deny all;

location ~ ^/(?:.|autotest|occ|problem|indie|db_|console)
deny all;

location ~ ^/(?:index|distant|public|cron|core/ajax/replace|standing|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34]).php(?:$|/)
embrace fastcgi_params;
fastcgi_split_path_info ^(.+.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
#Keep away from sending the safety headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;

location ~ ^/(?:updater|ocs-provider)(?:$|/)
try_files $uri/ =404;
index index.php;

# Including the cache management header for js and css information
# Make certain it’s BELOW the PHP block
location ~* .(?:css|js)$
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Management “public, max-age=7200”;
# Add headers to serve safety associated headers (It’s meant to
# have these duplicated to those above)
add_header X-Content material-Sort-Choices nosniff;
add_header X-XSS-Safety “1; mode=block”;
add_header X-Robots-Tag none;
add_header X-Obtain-Choices noopen;
add_header X-Permitted-Cross-Area-Insurance policies none;
# Non-compulsory: Do not log entry to belongings
access_log off;

location ~* .(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$
try_files $uri /index.php$uri$is_args$args;
# Non-compulsory: Do not log entry to different belongings
access_log off;

In nano textual content editor, press Ctrl+O to save the file. Then press Enter to affirm. Press Ctrl+X to exit. Then check Nginx configuration.

nginx -t

If the check is profitable, reload Nginx for the modifications to take impact.

systemctl reload nginx

Step four: Install and Allow PHP Modules

Run the next instructions to set up PHP modules required or advisable by NextCloud.

yum set up php-imagick php-common php-gd php-json php-curl php-zip php-xml php-mbstring php-bz2 php-intl

We additionally want to inform SELinux to permit PHP-FPM to use execmem.

setsebool -P httpd_execmem 1

Then reload PHP-FPM

systemctl reload php-fpm

Step 5: Establishing SELinux Entry Coverage

First, permit Nginx and PHP-FPM to learn and write to the /usr/share/nginx/html/nextcloud/ listing.

semanage fcontext -a -t httpd_sys_rw_content_t ‘/usr/share/nginx/html/nextcloud/’

restorecon -v ‘/usr/share/nginx/html/nextcloud/’ -R

setsebool -P httpd_unified 1

By default, SELinux forbids Nginx to make community requests to different servers, however later Nginx wants to request TLS certificates standing from Let’s Encrypt CA server, so we’d like to inform SELinux to permit Nginx with the next command.

setsebool -P httpd_can_network_connect 1

Step 6: Allow HTTPS

Now you’ll be able to entry the Nextcloud net set up wizard in your browser by getting into the area identify on your Nextcloud set up.

nextcloud.your-domain.com

nextcloud centos 8

If the online web page can’t load, you in all probability want to open port 80 in firewall.

firewall-cmd –permanent –zone=public –add-service=http

And port 443 as properly.

firewall-cmd –permanent –zone=public –add-service=https

The –permanent choice will make this firewall rule persistent throughout system reboots. Subsequent, reload the firewall daemon for the change to take impact.

systemctl reload firewalld

Now the NextCloud set up wizard ought to be loaded efficiently. Earlier than getting into any delicate info, we should always allow safe HTTPS connection on Nextcloud. We will get hold of a free TLS certificates from Let’s Encrypt.

Obtain Let’s Encrypt shopper certbot-auto from EFF web site.

wget https://dl.eff.org/certbot-auto

Give execute permission.

chmod a+x certbot-auto

Transfer it to consumer’s PATH, like /usr/native/bin/ and rename it to certbot.

sudo mv certbot-auto /usr/native/bin/certbot

We additionally want to set up the virtualenv Python package deal in order that Certbot can create a digital setting.

pip3 set up virtualenv

Now we will use certbot command to get hold of a free TLS certificates utilizing the Nginx plugin.

certbot –nginx –agree-tos –redirect –hsts –staple-ocsp –email your-email-address -d nextcloud.your-domain.com

The place:

  • –nginx: Use the Nginx authenticator and installer
  • –agree-tos: Agree to Let’s Encrypt phrases of service
  • –redirect: Add 301 redirect in order that HTTP requests will probably be redirected to HTTPS.
  • –hsts: Add the Strict-Transport-Safety header to each HTTP response.
  • –staple-ocsp: Allows OCSP Stapling to enhance efficiency and consumer privateness.
  • -d flag is adopted by an inventory of domains, separated by comma. You possibly can add up to 100 domains.
  • –e mail: E mail used for registration and restoration contact.

If this can be a first run on RHEL 8/CentOS 8 system, you could be requested to set up some dependency packages. Press y to proceed.

nextcloud centos 8 certbot

You’ll be requested if you need to obtain emails from EFF(Digital Frontier Basis). After selecting Y or N, your TLS certificates will probably be mechanically obtained and configured for you, which is indicated by the message under.

rhel 8 certbot dns cloudflare

End the Set up in your Net Browser

Now you’ll be able to entry the Nextcloud net set up wizard utilizing HTTPS connection. To finish the set up, you want to create an admin account, enter the trail of Nextcloud knowledge folder, enter database particulars created earlier. You need to use the default localhost as host handle, or you possibly can enter localhost:3306, as MariaDB listens on port 3306.

nextcloud centos 8 nginx

As soon as it’s accomplished, you will notice the Net interface of Nextcloud. Congrats! You can begin utilizing it as your personal cloud storage.

nextcloud rhel 8

I hope this tutorial helped you put in NextCloud on RHEL 8/CentOS 8 server. As all the time, should you discovered this submit helpful, then subscribe to our free publication to get extra ideas and tips. Take care 🙂

Fee this tutorial

[Total: 0 Average: 0]

(perform(d, s, id)
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = “//connect.facebook.net/zh_CN/sdk.js#xfbml=1&version=v2.8&appId=961591023917170”;
fjs.parentNode.insertBefore(js, fjs);
(doc, ‘script’, ‘facebook-jssdk’));