This article was updated on 12/20/2020 to reflect the latest recommended Ubuntu edition in accordance to NextCloud Recommendations.
NextCloud is a self-hosted productivity platform that offers the industry-leading, on-premise content collaboration platform.
It is an alternative of Dropbox or Google Drive, but it can be installed in your server, and your data remains under your control.
You can use NextCloud to share and collaborate on documents, send and receive email, manage your calendar, and have video chats without data leaks.
While we are working on One-Click Nextcloud install into our RunCloud panel, this technical article will help you.
It is only for technical folks as there is no easy way to do it at the moment.
In this post, we will discuss how to install NextCloud using RunCloud with complete setup process.
1. Get Your Cloud Server And Connect To RunCloud
Cloud server is the best choice when you want to run your NextCloud instance.
Five dollar ($5) cloud server from DigitalOcean / Linode / Vultr / UpCloud / other provider is enough to start using NextCloud.
Once your NextCloud begins to receive more traffic and data, and it needs to utilize additional server resources, you can increase the resources (RAM/CPU/Disk Space) of your cloud server easily at anytime.
Quick guide on how to setup and connect your server to RunCloud
NextCloud server requirements:
- Operating System : Ubuntu 20.04 LTS (recommended)
- Database : MySQL 5.7+ or MariaDB 10.2+ (recommended)
- Webserver : Apache 2.4 with
mod_php
orphp-fpm
(recommended) - PHP Runtime : 7.3 or 7.4 (recommended)
RunCloud supports all recommended server requirements of NextCloud.
2. Create PHP Web Application In RunCloud
After setting up and connecting your server to RunCloud, create a PHP web application to install NextCloud.
Using RunCloud, you can create multiple website (web applications) on one server.
You can install NextCloud on the same server where you host your other websites using RunCloud.
Go to the “Web Application” menu under your server in RunCloud and select “Custom Web Application” button.
Let’s create your PHP web application for NextCloud.
For “Web Application Name“, you can use “nextcloudapp” or a name that lets you know identify this web application easily.
For “Domain name“, you can use your own domain or subdomain.
It is possible to install NextCloud using RunCloud’s test domain for testing only. If you want to play with this tutorial without having to setup your own domain or subdomain, then use RunCloud test domain.
Quick guide on how to add your domain/subdomain.
Don’t worry, you can always change from our free domain to your own domain at a later time, but you will need to perform an extra step to configure DNS record and wait for DNS propagation.
For “Web Application Owner“, you can create new “nextclouduser” system user.
It is best practice to use different system users for different web applications on the same server, for an extra security benefit.
For “PHP Version“, you can select PHP7.3 to install NextCloud latest release.
NextCloud support PHP7.3 and PHP7.4 officially. For this tutorial we will use PHP7.3 and feel free if you want to use PHP7.4 for your NextCloud.
For “Web Application Stack“, you can choose “Nginx + Apache2 Hybrid” to allow usage of the .httaccess file in NextCloud.
Please click the “Advanced Settings” checkbox to configure some extra settings to make your NextCloud installation run smoothly.
For “Clickjacking Protection“, please uncheck this option.
For “Mime Sniffing Protection“, please uncheck this option.
For date.timezone, you can select your current timezone where you run your business.
For disable_functions, it is optional, you can remove ignore_user_abort, set_time_limit, and all php_posix functions from the list.
To make it easier for you, you can replace all the disable_functions with the text below.
getmyuid,passthru,leak,listen,diskfreespace,tmpfile,link,shell_exec,dl,exec,system,highlight_file,source,show_source,fpassthru,virtual,proc_open,proc_close,proc_nice,proc_terminate,escapeshellcmd,ini_alter,popen,pcntl_exec,socket_accept,socket_bind,socket_clear_error,socket_close,socket_connect,curl_multi_exec,symlink,ini_alter,socket_listen,socket_create_listen,socket_read,socket_create_pair,stream_socket_server
For max_execution_time, please increase the value to 60 (or higher) to avoid any timeout / error issue on the installation process.
You can always change the max_execution_time value anytime on web application Settings page.
For memory_limit, please enter 512 value because NextCloud requires a minimum 512MB memory to run properly.
Then click the “Add Web Application” button to create your PHP web application for NextCloud.
3. Secure NextCloud With HTTPS
Once your domain or subdomain is fully propagated, you can secure your website with HTTPS.
RunCloud provides free Let’s Encrypt SSL/TLS for all websites in your RunCloud server.
Quick guide on how to secure your website with HTTPS (Let’s Encrypt SSL/TLS)
IMPORTANT! When adding Let’s Encrypt SSL/TLS to your NextCloud web application, please make sure to enable the “HSTS” option because NextCloud highly recommends it for you.
4. Prepare NextCloud Installer
There are two ways to prepare NextCloud installer:
- Download NextCloud installer files and upload it to your web application using SFTP.
- Download and extract NextCloud installer files using SSH.
We will show you the second way, using SSH.
4.1. Login To Your Server
You need to login to your server using SSH from either Terminal (Mac/Linux) or PowerShell/Putty (Windows).
If you want to login using password, not using SSH key, you will need to change the password of “nextclouduser” system user that you have created from System User menu.
If you use Terminal, you can run this command to login to your server.
ssh nextclouduser@<youripaddress>
You will login to your server using “nextclouduser” system user, not root. Please change “youripaddress” with the IP Address of your server.
WARNING: Please do not login using “root” in order to avoid any file/folder permission issue.
4.2 Download and Extract NextCloud Installer
Change the working directory to your “nextcloudapp” web application root path.
cd webapps/nextcloudapp
Download the NextCloud script. The download might be a bit slow. Just wait for it to finish.
wget https://download.nextcloud.com/server/releases/latest.zip -O nextcloud.zip
Unzip/extract the downloaded file.
unzip nextcloud.zip
Move installer files from nextcloud directory to the main web app directory
mv nextcloud/* .
Move .htaccess file from nextcloud directory to the main web app directory
mv nextcloud/.htaccess .
Move .user.ini file from nextcloud directory to the main web app directory
mv nextcloud/.user.ini .
4.3. Cleanup NextCloud Installer
We need to clean up some files in the directory to make the installation process run smoothly.
Remove default index.html file from RunCloud.
rm index.html
Remove nextcloud directory
rm -rf nextcloud
Remove nextcloud.zip file
rm -rf nextcloud.zip
5. Run NextCloud Installer
After preparing your NextCloud installer, you can visit your domain or subdomain where you install NextCloud.
5.1. Create Admin Account
You can create your NextCloud admin account here.
Make sure to use a very strong password to secure your admin account.
Please do not click “Finish Setup” button after entering your NextCloud admin account.
You need to click “Storage & database” to setup your database.
5.2. Storage & Database Setup
NextCloud provides two options for the database, either SQLite or MySQL/MariaDB.
For production site, you have to use MySQL/MariaDB for your database.
Go to “Database” menu under your server in RunCloud to create your MySQL database for NextCloud.
Click “Create Database” button and create new “nextclouddb” database.
Click “Create Database User” button and create new “nextclouddbuser” database user.
Then click “Grant User” button in your “nextclouddb” database to connect it to “nextclouddbuser” user.
Now, you can input database user, database user password, and database name to NextCloud installation.
5.3. Install Recommended Apps
You can choose to enable “Install recommended apps” option when installing NextCloud.
NextCloud will start installing all recommended apps for you.
When you see NextCloud dashboard welcome screen, it means you have installed NextCloud successfully!
6. NextCloud Extra Setup
NextCloud has security and setup warnings where it does some automatic checks. It’s important for the security and performance of your NextCloud instance that everything is configured correctly.
Go to Settings menu from top right menu, then visit Administration – Overview page.
Ideally, you should see the green “All check passed” for security and setup warning section.
But, after installing NextCloud, usually you will see some warnings with three different colors,
- red (error)
- yellow (warning)
- black (notice)
We will guide you to see “All checks passed” to get perfect NextCloud installation using RunCloud.
6.1. Error – File Integrity Check
NextCloud has file integrity check feature to see if there is any issue with your NextCloud core files, or there is other file in your NextCloud installation that it is not related NextCloud.
This is very nice feature because it will help you to make sure that your NextCloud installation is clean and secure.
If there is any issue, you will see this error message.
Some files have not passed the integrity check. Further information on how to resolve this issue can be found in the documentation. (List of invalid files… / Rescan…)
You can click “List of invalid files..” to check the issue here.
If you follow our instructions exactly when preparing NextCloud installer, you should not see this error message, because it is fully tested and the best practice from RunCloud Team.
If not, you will see some errors in file integrity check, for example:
- Invalid hash : .htaccess
- Missing file : .user.ini
- Extra file : nextcloud.zip
To solve this issue, you just need to go back to “Cleanup NextCloud Installer” above, and run some commands to fix it.
Click “Rescan…” after you fix the issue.
6.2. Error – Background Job Execution (Cron Job)
If your website still gets minimal traffic, you will probably see this error message on the automatic check process.
Last background job execution ran X hours ago. Something seems wrong. Check the background job settings
It is because a default NextCloud installation will use the “Ajax” method for background job execution. We recommend setting a cron job for NextCloud.
Go to Settings – Administration – Basic Settings – Background Jobs, choose Cron option.
Then go to RunCloud dashboard panel, select your server, go to “Cron Job” menu, and click “Create” button to setup cron job.
For “Job Label”, add nextcloudcron.
For “User”, add nextclouduser, your system user for this NextCloud web app.
For “Vendor Binary”, select /RunCloud/Packages/php73rc/bin/php because you use PHP7.3 for this NextCloud web app.
For “Command”, copy paste this command below.
-f /home/nextclouduser/webapps/nextcloudapp/cron.php
NOTE: Please update this command if you use different system user (not nextclouduser) and web application name (not nextcloudapp).
NextCloud recommends running this cron job every five minutes, please enter */5 in “Minute” setting, then click “Add Cron Job” button.
Please wait 5 minutes then check NextCloud security and setup warning section again. The error message should disappear. If not, there is something in your cron job creation, please review and edit your cron job.
6.3. Warning – Some PHP functions is not available
NextCloud requires some PHP functions to run properly. If there are any unavailable PHP function, you will probably see this warning message.
The PHP function “set_time_limit” is not available. This could result in scripts being halted mid-execution, breaking your installation. Enabling this function is strongly recommended.
If you follow our instructions exactly when creating a PHP web application above, you should not see this warning message at all, as we provided the PHP functions necessary for the process.
To fix this issue, go to RunCloud dashboard panel, select your server, click Web Application menu, click your “nextcloudapp” web application, then click “Settings” menu of this web app.
Scroll to find disable_functions option and copy paste with the text below.
getmyuid,passthru,leak,listen,diskfreespace,tmpfile,link,shell_exec,dl,exec,system,highlight_file,source,show_source,fpassthru,virtual,proc_open,proc_close,proc_nice,proc_terminate,escapeshellcmd,ini_alter,popen,pcntl_exec,socket_accept,socket_bind,socket_clear_error,socket_close,socket_connect,curl_multi_exec,symlink,ini_alter,socket_listen,socket_create_listen,socket_read,socket_create_pair,stream_socket_server
Click “Update Web Application Settings” button.
Then you can check NextCloud security and setup warning section again. The warning message should disappear.
6.4. Warning – PHP Memory Limit
NextCloud recommend to have minimum 512MB for PHP memory limit. If it is below 512MB, you will see this warning message.
The PHP memory limit is below the recommended value of 512MB.
If you follow our instructions exactly when creating PHP web application above, you should not see this warning message, because we have increased PHP memory limit on this process.
To fix this issue, go to RunCloud dashboard panel, select your server, click Web Application menu, click your “nextcloudapp” web application, then click “Settings” menu of this web app.
Scroll to find “memory_limit” option and make sure to enter at least 512 for this option.
Click “Update Web Application Settings” button. Then you can check NextCloud security and setup warning section again. The warning message should disappear.
6.5. Warning – “X-Content-Type-Options” HTTP Header
It is possible if you see this warning message on NextCloud automatic check.
The “X-Content-Type-Options” HTTP header is not set to “nosniff”. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.
If you follow our instructions exactly when creating PHP web application above, you should not see this warning message, because we have set the HTTP header to nosniff in this process.
To fix this issue, go to RunCloud dashboard panel, select your server, click Web Application menu, click your “nextcloudapp” web application, then click “Settings” menu of this web app.
Scroll to find “Mime Snipping Protection” option and make sure to uncheck this option.
Click “Update Web Application Settings” button. Then you can check NextCloud security and setup warning section again. The warning message should disappear.
6.6. Warning – “X-Frame-Options” HTTP Header
It is possible if you see this warning message on NextCloud automatic check.
The “X-Frame-Options” HTTP header is not set to “SAMEORIGIN”. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.
If you follow our instructions exactly when creating PHP web application above, you should not see this warning message, because we have set the HTTP header to SAMEORIGIN in this process.
To fix this issue, go to RunCloud dashboard panel, select your server, click Web Application menu, click your “nextcloudapp” web application, then click “Settings” menu of this web app.
Scroll to find “Clickjacking Protection” option and make sure to uncheck this option.
Click “Update Web Application Settings” button. Then you can check NextCloud secuirty and setup warning section again. The warning message should disappear.
6.7. Warning – “Strict-Transport-Security” HTTP Header
If you choose “Enable HTTP access” option when adding Let’s Encrypt SSL/TLS to your webapp, you will probably see this warning message.
The “Strict-Transport-Security” HTTP header is not set to at least “15552000” seconds. For enhanced security, it is recommended to enable HSTS as described in the security tips.
To fix this issue, go to RunCloud dashboard panel, select your server, click Web Application menu, click your “nextcloudapp” web application, then click “SSL/TLS” menu of this web app.
Make sure to enable HSTS option and click “Update” button.
Then you can check NextCloud security and setup warning section again in the next few minutes. The warning message should disappear.
6.8. CalDAV and CardDAV Service Discovery
Some clients – especially on iOS/macOS – have problems finding the proper sync URL, even when explicitly configured to use it.
We can use CalDAV or CardDAV clients or other clients that require service discovery together with Nextcloud.
If you still do not have a correct working setup of CalDAV or CardDAV, you will see this warning message on NextCloud automated checks.
Your web server is not properly set up to resolve “/.well-known/caldav”. Further information can be found in the documentation.
Your web server is not properly set up to resolve “/.well-known/carddav”. Further information can be found in the documentation.
To fix this issue, go to RunCloud dashboard panel, select your server, click Web Application menu, click your “nextcloudapp” web application, then click “NGINX Config” menu of this web app.
Click “Create Config” button and follow the steps below.
For “Type” option, make sure to select “location.main” value.
For “Config Name” option, you can use “nextcloudconfig” value.
For “Config Content” textarea, copy & paste text below:
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
You can click “Run and Debug” to see if there are any issue with this custom config.
Click “Add Config” button to finish it.
Check NextCloud security and setup warning section again. The warning message should disappear.
6.9. Redis Memory Cache
You can significantly improve your Nextcloud server performance with memory caching, where frequently-requested objects are stored in memory for faster retrieval.
From NextCloud documentation, there are two types of caches to use: a PHP opcode cache, which is commonly called opcache, and data caching for your Web server. If you do not install and enable a local memcache, you will see a warning on your Nextcloud admin page.
No memory cache has been configured. To enhance performance, please configure a memcache, if available. Further information can be found in the documentation.
A memcache is not required and you may safely ignore the warning if you prefer.
When you use NextCloud with RunCloud, you can use Redis / Memcached for memory cache. For best practice, we will use Redis.
First, go to RunCloud dashboard panel, select your server, then click “Service” menu of this server.
Redis has been installed by RunCloud for your server, you only need to start it.
Second, go to RunCloud dashboard panel, select your server, click Web Application menu, click your “nextcloudapp” web application, then click “File Manager” menu of this web app.
Edit config/config.php file inside your NextCloud installation to add the code for Redis memory cache to your config.php file.
'memcache.local' => '\OC\Memcache\Redis',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => [
'host' => '127.0.0.1',
'port' => 6379,
],
You need to insert this code inside the config array value, not at the bottom of config.php file. If you are not familiar with arrays in PHP, please check example below.
Save this file and check NextCloud security and setup warning section again. The warning message should disappear.
6.10. Redis-based Transactional File Locking
File locking is enabled by default, using the database locking backend. This places a significant load on your database.
Using memcache.locking
relieves the database load and improves performance. You can use Redis-based transactional file locking.
Actually, when you follow instruction to enable Redis memory cache, we also silently include Redis-based transactional file locking by adding this line to config.php file above.
'memcache.locking' => '\OC\Memcache\Redis',
6.11. Tune PHP-FPM
NextCloud recommends to use following values to tune up your PHP-FPM Process.
pm = dynamic
pm.max_children = 120
pm.start_servers = 12
pm.min_spare_servers = 6
pm.max_spare_servers = 18
If you want to use the recommended values, go to RunCloud dashboard panel, select your server, click Web Application menu, click your “nextcloudapp” web application, then click “Settings” menu of this web app.
Scroll down to find “FPM Settings” section and you can update to values to follow recommended value above.
6.12. Using The “occ” Command-Line Interface
NextCloud has occ
command-line interface that you can use to perform many common server operations, such as installing and upgrading Nextcloud, manage users, encryption, passwords, LDAP setting, and more.
You can read more about using occ
in NextCloud documentation.
For now, let’s make it very simple to use it in RunCloud.
First, login to your server as “nextclouduser” system user that you use to install this NextCloud app, not root.
ssh nextclouduser@<youripaddress>
NOTE: Please do not login as “root” to run occ
command.
Second, change the working directory to your “nextcloudapp” web application root path.
cd webapps/nextcloudapp
Third, you are ready to run occ
command. For first start, run this command.
php occ
You will see the list of available commands when running this simple command.
For example, it is possible if you see this kind of warning message on NextCloud automated checks.
The database is missing some indexes. Due to the fact that adding indexes on big tables could take some time they were not added automatically. By running “occ db:add-missing-indices” those missing indexes could be added manually while the instance keeps running. Once the indexes are added queries to those tables are usually much faster.
It could be due to some technical issue on installation process.
Now, it is very clear for you how to fix this issue, by running this occ
command
php occ db:add-missing-indices
It is very simple.
Note: when running php
from command line, it is called PHP-CLI, that has been installed in your RunCloud server in server level, not web app level.
If you want to change the version of PHP-CLI in your server, you can go to PHP-CLI menu in your RunCloud, and choose the version that you want to use in your server.
6.13. Pretty URLs (Remove index.php-part in all URLs)
Pretty URLs remove the index.php
-part in all Nextcloud URLs, making URLs shorter and thus prettier.
You can insert this variable to config.php file, similar process with adding Redis variable above.
'htaccess.RewriteBase' => '/',
Then please run this occ command line to update your .htaccess file.
php occ maintenance:update:htaccess
Now, logout from NextCloud dashboard and login again. You will not see index.php
-part in all Nextcloud URLs anymore.
6.14. Enable PHP Opcache
The PHP Opcache improves the performance of PHP applications by caching precompiled bytecode.
NextCloud recommends at least the following settings:
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
Actually, RunCloud has enabled PHP Opcache by default. But, it is not exactly same with recommended settings from NextCloud.
This is the reason why you see this warning message on NextCloud automated checks.
The PHP OPcache is not properly configured. For better performance it is recommended to use the following settings in the php.ini
PHP Opcache is optional / not required and you may safely ignore the warning if you prefer.
If you want to follow exactly the recommended settings from NextCloud, you can follow this steps.
First, login to your server, but now you have to login as root user.
ssh root@<youripaddress>
Second, you have to edit opcache.ini file. For example run this command line to edit this file using nano app.
nano /etc/php73rc/conf.d/opcache.ini
Adjust the value of Opcache parameter using the recommended value above.
Press CTRL+X to save and exit nano app. Then run this command line to reload your PHP-FPM.
systemctl reload php73rc-fpm
Then you can check NextCloud security and setup warning section again. The warning message should disappear.
6.17. Enable Imagick (ImageMagick PHP Extension)
NextCloud use Imagick for preview generation process.
When Imagick is not available, you will probably see this warning message on NextCloud automated checks.
This instance is missing some recommended PHP modules. For improved performance and better compatibility it is highly recommended to install them.
– imagick
Imagick is optional / not required and you may safely ignore the warning if you prefer.
Quick guide on how to install Imagick (ImageMagick PHP Extension) in RunCloud
6.18. PHP Memory Limit Warning in PHP-CLI
When running occ
command, you will probably see memory limit warning.
This warning only appears on command line, not in NextCloud automated checks.
Why does it happen?
It is because PHP-CLI use different php.ini value, your NextCloud app already use 512MB memory limit that has been configured from web application Settings page in RunCloud, in web application level.
You can ignore this warning because this warning is only on PHP-CLI when running occ
command.
But if you want perfect NextCloud setup with RunCloud and do not want to see this warning message, you can fix it by following steps.
First, login to your server, but now you have to login as root user.
ssh root@<youripaddress>
Second, you have to edit the main php.ini file for specific PHP version that you are using. For example run this command line to edit this file using nano app.
nano /etc/php73rc/php.ini
Scroll until you find memory_limit parameter and edit the value to be 512M.
Press CTRL+X to save and exit nano app. Then run this command line to reload your PHP-FPM.
systemctl reload php73rc-fpm
You can try to run occ
command again. The warning message should disappear now in your PHP-CLI.
7. Summary
If you want to run your own version of Dropbox or Google Drive on your server for your own team or business, NextCloud is the solution for you to share and collaborate on documents, send and receive email, manage your calendar and have video chats without data leaks.
Are you using NextCloud with RunCloud? Do not hesitate to share your experience with us.
Categories: Content Management System, Tips & Tricks, Tutorials
This is an awesome guide. Thank you!!