Install NextCloud on Ubuntu 18.04 with Nginx (LEMP Stack)

This tutorial will be showing you how to install NextCloud on Ubuntu 18.04 LTS with Nginx web server.

Note: Ubuntu 20.04 users should follow this guide instead: Install NextCloud on Ubuntu 20.04 with Nginx (LEMP Stack)

What’s NextCloud?

NextCloud is a free open-source self-hosted cloud storage solution. It’s functionally similar to Dropbox. Proprietary cloud storage solutions (Dropbox, Google Drive, etc) are convenient, but at a price: they can be used to collect personal data because your files are stored on their computers. If you worried about privacy, you can switch to NextCloud, which you can install on your private home server or on a virtual private server (VPS). You can upload your files to your server via NextCloud and then sync those files to your desktop computer, laptop or smart phone. This way you have full control of your data.

NextCloud Features

  • Free and open-source
  • End-to-end encryption, meaning files can be encrypted on client device before uploaded to the server, so even if someone steals your server, they can not see your files.
  • Can be integrated with an online office suite (Collobora, OnlyOffice) so you can create and edit your doc, ppt, xls files directly from NextCloud.
  • The app store contains hundreds of apps to extend functionality (like calendar app, notes-taking app, video conferencing app, etc).
  • The sync client are available on Linux, macOS, Windows, iOS, and android.

Prerequisites

NextCloud is written in PHP programing language. To follow this tutorial, you first need to install LEMP stack on Ubuntu 18.04. If you haven’t already done so, please check out the following tutorial.

  • How to Install LEMP Stack (Nginx, MariaDB, PHP7.2-FPM) on Ubuntu 18.04

You can install NextCloud on your home server or a VPS (virtual private server).  You also need a domain name. I registered my domain name from NameCheap because the price is low and they give whois privacy protection free for life.

Now let’s install NextCloud.

Step 1: Download NextCloud on Ubuntu 18.04

Login into your Ubuntu 18.04 server. Then download the NextCloud zip archive onto your server. The latest stable version is 13.0.2 at time of this writing. You may need to change the version number. Go to https://nextcloud.com/install and click the download button to see the latest version.

You can run the following command to download it on your server.

wget https://download.nextcloud.com/server/releases/nextcloud-13.0.2.zip

You can always use the above URL format to download NextCloud. If a new version comes out, simply replace 13.0.2 with the new version number.

Once downloaded, extract the archive with unzip.

sudo apt install unzip

sudo unzip nextcloud-13.0.2.zip -d /usr/share/nginx/

The -d option specifies the target directory. NextCloud web files will be extracted to /usr/share/nginx/nextcloud/.  Then we need to change the owner of this directory to www-data so that the web server (Nginx) can write to this directory.

sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R

Step 2: Create a Database and User in MariaDB

Log into MariaDB database server with the following command. Since MariaDB is now using unix_socket plugin to authentication user login, there’s no need to enter MariaDB root password. We just need to prefix the mysql command with sudo.

sudo mysql

Alternatively, you can also use this command to login.

sudo mariadb

Then create a database for Nextcloud. This tutorial name the database nextcloud. You can use whatever name you like.

create database nextcloud;

Create the database user. Again, you can use your preferred name for this user. Replace your-password with your preferred password.

create user [email protected] identified by 'your-password';

Grant this user all privileges on the nextcloud database.

grant all privileges on nextcloud.* to [email protected] identified by 'your-password';

Flush privileges and exit.

flush privileges;

exit;

Step 3: Create a Nginx Config File for Nextcloud

Create a nextcloud.conf file in /etc/nginx/conf.d/ directory.

sudo nano /etc/nginx/conf.d/nextcloud.conf

Put the following text into the file. Replace nextcloud.example.com with your own preferred sub-domain. Don’t forget to create DNS A record for this sub-domain in your DNS zone editor. If you don’t have a real domain name, I recommend going to NameCheap to buy one. The price is low and they give whois privacy protection free for life.

server {
    listen 80;
    listen [::]:80;
    server_name nextcloud.your-domain.com;

    # Add headers to serve security related headers
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    add_header Referrer-Policy no-referrer;

    #I found this header is needed on Ubuntu, but not on Arch Linux. 
    add_header X-Frame-Options "SAMEORIGIN";

    # Path to the root of your installation
    root /usr/share/nginx/nextcloud/;

    access_log /var/log/nginx/nextcloud.access;
    error_log /var/log/nginx/nextcloud.error;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;

    location = /.well-known/carddav {
        return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
       return 301 $scheme://$host/remote.php/dav;
    }

    location ~ /.well-known/acme-challenge {
      allow all;
    }

    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;

    # Disable gzip to avoid the removal of the ETag header
    gzip off;

    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;

    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    location / {
       rewrite ^ /index.php;
    }

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
       deny all;
    }
    location ~ ^/(?:.|autotest|occ|issue|indie|db_|console) {
       deny all;
     }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34]).php(?:$|/) {
       include fastcgi_params;
       fastcgi_split_path_info ^(.+.php)(/.*)$;
       try_files $fastcgi_script_name =404;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param PATH_INFO $fastcgi_path_info;
       #Avoid sending the security headers twice
       fastcgi_param modHeadersAvailable true;
       fastcgi_param front_controller_active true;
       fastcgi_pass unix:/run/php/php7.2-fpm.sock;
       fastcgi_intercept_errors on;
       fastcgi_request_buffering off;
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
       try_files $uri/ =404;
       index index.php;
    }

    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* .(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=7200";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        add_header Referrer-Policy no-referrer;
        # Optional: Don't log access to assets
        access_log off;
   }

   location ~* .(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log off;
   }
}

Save and close the file. Test Nginx configuration, then reload Nginx for the changes to take effect.

sudo nginx -t

sudo systemctl reload nginx

Step 4: Install and Enable PHP Modules

Run the following commands to install PHP modules required or recommended by NextCloud.

sudo apt install php-imagick php7.2-common php7.2-mysql php7.2-fpm php7.2-gd php7.2-json php7.2-curl  php7.2-zip php7.2-xml php7.2-mbstring php7.2-bz2 php7.2-intl php7.2-bcmath

Step 5: Enable HTTPS

Now you can access the Nextcloud web install wizard in your browser by entering the domain name for your Nextcloud installation.

nextcloud.your-domain.com

ubuntu 18.04 nextcloud nginx

If the web page can’t load, you probably need to open port 80 in firewall.

sudo iptables -I INPUT -p tcp --dport 80 -j ACCEPT

And port 443 as well.

sudo iptables -I INPUT -p tcp --dport 443 -j ACCEPT

Before entering any sensitive information, we should enable secure HTTPS connection on Nextcloud. We can obtain a free TLS certificate from Let’s Encrypt. Install Let’s Encrypt client (certbot) from Ubuntu 18.04 repository.

sudo apt install certbot python3-certbot-nginx

Python-certbot-nginx is the Nginx plugin. Next, run the following command to obtain a free TLS certificate using the Nginx plugin.

sudo certbot --nginx --agree-tos --redirect --staple-ocsp --email your-email-address -d nextcloud.your-domain.com

Explanation:

  • –nginx: Use the Nginx authenticator and installer
  • –agree-tos: Agree to Let’s Encrypt terms of service
  • –redirect: Add 301 redirect.
  • –staple-ocsp: Enables OCSP Stapling.
  • -d flag is followed by a list of domain names, separated by comma. You can add up to 100 domain names.
  • –email: Email used for registration and recovery contact.

You will be asked if you want to receive emails from EFF(Electronic Frontier Foundation). After choosing Y or N, your TLS certificate will be automatically obtained and configured for you, which is indicated by the message below.

ubuntu 18.04 nextcloud 13

I found that Certbot can’t automatically add HSTS header in the Nginx config file for Nextcloud. If you would like to enable HSTS (HTTP Strict Transport Security), then edit the file.

sudo nano /etc/nginx/conf.d/nextcloud.conf

We can then add the following line in the ssl server block to enable HSTS header.

add_header Strict-Transport-Security "max-age=31536000" always;

Also, you can enable HTTP2 protocol by adding the option http2.

listen 443 ssl http2; # managed by Certbot

Like below.

nextcloud ubuntu 18.04 LEMP

Save and close the file. Then text Nginx configurations.

sudo nginx -t

If the test is successful, reload Nginx for the change to take effect.

sudo systemctl reload nginx

The above configuation will get A+ score on SSL test.

install nextcloud 13 ubuntu 18.04

Finish the Installation in your Web Browser

Now you can access the Nextcloud web install wizard using HTTPS connection. To complete the installation, you need to create an admin account, enter the path of Nextcloud data folder, enter database details created earlier. You can use the default localhost as host address, or you can enter localhost:3306, as MariaDB listens on port 3306.

The data folder is where users’ files are stored. For security, it’s best to place the data directory outside of Nextcloud web root. So instead of storing users’ files under /usr/share/nginx/nextcloud/data/, we can change it to /usr/share/nginx/nextcloud-data. which can be created with the following command:

sudo mkdir /usr/share/nginx/nextcloud-data

Then make sure Nginx user (www-data) has write permission to the data directory.

sudo chown www-data:www-data /usr/share/nginx/nextcloud-data -R

nextcloud ubuntu 18.04 install guide

Once it’s done, you will see the Web interface of Nextcloud. Congrats! You can start using it as your private cloud storage.

setup nextcloud ubuntu nginx

How to Set up NextCloud Email Notification

If your NextCloud instance will be used by more than one person, it’s important that your NextCloud server can send transactional emails, such as password-resetting email. First, you should set an email address for your own account. Go to Settings -> Personal Info and set an email address for your account.

nextcloud email address

Then go to Settings -> Basic settings. You will find the email server settings. There are two send modes: sendmail and smtp. You can choose the sendmail mode if your NextCloud host has an SMTP server running.

nextcloud email server send mode sendmail

If you would like to use an SMTP server running on another host, then choose smtp mode and enter the SMTP server address and login credentials like below. Choose STARTTLS for encryption.

nextcloud email server send mode smtp

For how to set up an email server, please check out the following tutorial:

  • How to easily set up a full-featured mail server on Ubuntu 18.04 with iRedMail

How to Move the Data Directory

In case you need to move the NextCloud data directory, there are 4 steps to accomplish this. First, you need to use the cp command to copy the data directory to the new directory. For example, the mount point of my external hard drive is /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731. I create the new data directory on the external hard drive.

sudo mkdir /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/

Then I copy the original data directory to the new data directory. -R flag means the copy operation is recursive.

sudo cp /usr/share/nginx/nextcloud-data/* /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/ -R

You also need to copy the .ocdata file.

sudo cp /usr/share/nginx/nextcloud-data/.ocdata /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/

Next, you need to set www-data (Nginx user) as the owner.

sudo chown www-data:www-data /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/ -R

Lastly, you need to edit the config.php file.

sudo nano /usr/share/nginx/nextcloud/config/config.php

Find the following line and change the value of datadirectory.

'datadirectory' => '/usr/share/nginx/nextcloud-data',

Save and close the file. Reload NextCloud web page and you are done.

Increase PHP Memory Limit

The default PHP memory limit is 128MB. NextCloud recommends 512MB for better performance. To change PHP memory limit, edit the php.ini file.

sudo nano /etc/php/7.2/fpm/php.ini

Find the following line. (line 406)

memory_limit = 128M

Change the value.

memory_limit = 512M

Save and close the file. Alternatively, you can run the following command to change the value without manually opening the file.

sudo sed -i 's/memory_limit = 128M/memory_limit = 512M/g' /etc/php/7.2/fpm/php.ini

Then reload PHP-FPM service for the changes to take effect.

sudo systemctl reload php7.2-fpm

Set Up PHP to Properly Query System Environment Variables

Edit the www.conf file.

sudo nano /etc/php/7.2/fpm/pool.d/www.conf

Find the following line (line 381).

;clear_env = no

Remove the semicolon to uncomment this line.

clear_env = no

Save and close the file. Alternatively, you can run the following command to uncomment this line without manually opening the file.

sudo sed -i 's/;clear_env = no/clear_env = no/g' /etc/php/7.2/fpm/pool.d/www.conf

Then reload PHP-FPM service for the changes to take effect.

sudo systemctl reload php7.2-fpm

Increase Upload File Size Limit

The default maximum upload file size limit set by Nginx is 1MB. To allow uploading large files to your NextCloud server, edit the Nginx configuration file for NextCloud.

sudo nano /etc/nginx/conf.d/nextcloud.conf

We have already set the maximum file size in this file, as indicated by

client_max_body_size 512M;

You can change it if you prefer, like 1G.

client_max_body_size 1024M;

Save and close the file. Then reload Nginx for the changes to take effect.

sudo systemctl reload nginx

PHP also sets a limit of upload file size. The default maximum file size for uploading is 2MB. To increase the upload size limit, edit the PHP configuration file.

sudo nano /etc/php/7.2/fpm/php.ini

Find the following line (line 827).

upload_max_filesize = 2M

Change the value like below:

upload_max_filesize = 1024M

Save and close the file. Alternatively, you can run the following command to change the value without manually opening the file.

sudo sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 1024M/g' /etc/php/7.2/fpm/php.ini

Then restart PHP-FPM.

sudo systemctl restart php7.2-fpm

Configure Redis Cache for NextCloud

If you go to your NextCloud settings -> overview page, you might see the following warning:

No memory cache has been configured. To enhance your performance please configure a memcache if available.

We will enable memory caching for nextCloud by using Redis. Run the following command to install Redis server from Ubuntu repository.

sudo apt install redis-server

You can check the version with:

redis-server -v

Sample output:

Redis server v=4.0.9 sha=00000000:0 malloc=jemalloc-3.6.0 bits=64 build=9435c3c2879311f3

Now we can check if redis server is running.

systemctl status redis

nextcloud memory cache redis

Hint: If the above command didn’t quit immediately, you can press the Q key to gain back control of the terminal.

From the above screenshot, we can see that it’s running and auto-start is enabled. If for any reason it’s not running, execute the following command:

sudo systemctl start redis-server

And if auto-start at boot time is not enabled, you can use the following command to enable it:

sudo systemctl enable redis-server

In order to configure Redis as a cache for nextCloud, we need to install the PHP extension for interfacing with Redis.

sudo apt install php-redis

Check if the extension is enabled.

php --ri redis

php redis module

We can see that Redis extension is enabled. If it’s not enabled, run the following commmand:

sudo phpenmod redis

Next, edit nextCloud configuration file.

sudo nano /usr/share/nginx/nextcloud/config/config.php

Add the following lines above the ); line.

'memcache.distributed' => 'OCMemcacheRedis',
'memcache.local' => 'OCMemcacheRedis',
'memcache.locking' => 'OCMemcacheRedis',
'redis' => array(
     'host' => 'localhost',
     'port' => 6379,
     ),

nextcloud memory cache redis local cache

Save and close the file. Then restart Nginx and PHP-FPM.

sudo systemctl restart nginx php7.2-fpm

Now go to nextCloud admin page again, the warning about memory caching should be gone.

How to Enable 4-Byte Characters in MariaDB to Display Emojis

If you see the following message in the NextCloud Settings -> Overview page, then you need to enable 4-byte characters in MariaDB.

MySQL is used as database but does not support 4-byte characters. To be able to handle 4-byte characters (like emojis) without issues in filenames or comments for example it is recommended to enable the 4-byte support in MySQL.

First, I recommend upgrading MariaDB server to the latest stable version by running the following commands.

sudo apt-get install software-properties-common

sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8

sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://mirror.lstn.net/mariadb/repo/10.4/ubuntu bionic main'

sudo apt update

sudo apt install mariadb-server

Then login into MariaDB console.

sudo mysql -u root

Change the character set and collation of the nextcloud database.

ALTER DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;

Exit MariaDB.

exit;

Change to the NextCloud installation directory.

cd /usr/share/nginx/nextcloud/

Enable mysql.utf8mb4 in the config.php file.

sudo -u www-data php occ config:system:set mysql.utf8mb4 --type boolean --value="true"

Then repair MariaDB collation.

sudo -u www-data php occ maintenance:repair

Now the warning should be gone on the NextCloud Settings -> Overview page and you are able to use Emojis in your file names, calendar events and comments.

How to Install NextCloud Client on Ubuntu 18.04 Desktop

The NextCloud team provides an official PPA. Run the following commands on Ubuntu 18.04 desktop to isntall the client.

sudo add-apt-repository ppa:nextcloud-devs/client

sudo apt install nextcloud-client

Note that you don’t need to run sudo apt update anymore in Ubuntu 18.04 when addding PPA. It will run automatically 🙂

ubuntu 18.04 nextcloud ppa

NextCloud Client on Ubuntu 18.04

ubuntu 18.04 nextcloud client

Wrapping Up

I hope this tutorial helped you install NextCloud on Ubuntu 18.04 server with Nginx. You might also want to use Nginx Amplify to monitor Nextcloud back end performance.

  • LEMP Stack Performance Monitoring with Nginx Amplify on Ubuntu 18.04/16.04

As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care 🙂

Sidebar