Nextcloud with Let's encrpyt in Virtualbox

    • OMV 3.x
    • 3rd-party

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • Nextcloud with Let's encrpyt in Virtualbox

      This Guide is about install and configure Nextcloud and Let's encrypt in a virtual Ubuntu. I've put it together from several Guides I found.

      Based on Ubuntu Server 16.04 and Nextcloud 12.

      For the VM I used 2 Cores, 4GB RAM, 50GB VDisk and a bridged Network.


      1. Ubuntu-Server-Installation

      Standard with OpenSSH-Server

      when ready
      sudo apt-get update
      sudo apt-get upgrade

      Reboot


      2. Nextcloud-Installation and -configuration via ssh

      sudo snap install nextcloud

      sudo apt-get install apache2 mariadb-serverlibapache2-mod-php7.0
      sudo apt-get install php7.0-gd php7.0-jsonphp7.0-mysql php7.0-curl php7.0-mbstring
      sudo apt-get install php7.0-intl php7.0-mcryptphp-imagick php7.0-xml php7.0-zip

      wget download.nextcloud.com/server/…/nextcloud-12.0.0.tar.bz2
      sudo tar -xjf nextcloud-12.0.0.tar.bz2

      sudo cp -r nextcloud /var/www


      Add this to sudo nano/etc/apache2/sites-available/nextcloud.conf

      Alias/nextcloud "/var/www/nextcloud/"

      <Directory/var/www/nextcloud/>
      Options+FollowSymlinks
      AllowOverrideAll
      SatisfyAny

      <IfModulemod_dav.c>
      Davoff
      </IfModule>

      SetEnvHOME /var/www/nextcloud
      SetEnvHTTP_HOME /var/www/nextcloud

      </Directory>


      Create Symlink

      sudo ln -s/etc/apache2/sites-available/nextcloud.conf/etc/apache2/sites-enabled/nextcloud.conf


      Additional Apache-Configuration

      sudo a2enmod rewrite
      sudo a2enmod headers
      sudo a2enmod env
      sudo a2enmod dir
      sudo a2enmod mime

      sudo service apache2 restart


      Activate SSL-Modul

      sudo a2enmod ssl
      sudo a2ensite default-ssl
      sudo service apache2 restart


      sudo chown -R www-data:www-data/var/www/nextcloud/



      3. Create MariaDB-Datenbase

      Change User@ and Password as needed

      sudo mysql-u root


      MariaDB>CREATE DATABASE nextcloud;
      MariaDB>GRANT ALL ON nextcloud.* to 'user'@'localhost'IDENTIFIED BY 'set_database_password';
      MariaDB>FLUSH PRIVILEGES;
      MariaDB>exit

      Reboot VM



      4. Complete Nextcloud-Installation

      By Browser localhost/nextcloud
      Create new User with Password
      Enter DB-User with Password and DB-Name
      Complete Installation


      5. Implement Let’s Encrypt-Certificate

      sudo apt-get update
      sudo apt-get install software-properties-common
      sudo add-apt-repository ppa:certbot/certbot
      sudo apt-get update
      sudo apt-get install python-certbot-apache

      Create your Certificate
      sudo certbot --apache


      Test the Automation

      sudo certbot renew --dry-run


      Create new Cronjob

      sudo crontab -e

      This would run at 07.15h. Change it to your needs.

      15 7 * * * /usr/bin/certbot renew –quiet



      6. Nextcloud-Tuning

      Move Data-Directory

      sudo service apache2 stop
      sudo mkdir /usr/nextcloud
      sudo mv /var/www/nextcloud/data /usr/nextcloud
      sudo chown www-data:www-data /usr/nextcloud

      Change Datapath to /usr/nextcloud in

      sudo nano /var/www/nextcloud/config/config.php


      sudo service apache2 start


      7. Enable HTTP Strict Transport Security

      Copy this at the end of /etc/apache2/apache2.conf

      <IfModule mod_headers.c>
      Header always set Strict-Transport-Security"max-age=15768000; includeSubDomains; preload"
      </IfModule>

      sudo service apache2 restart


      8. Memory Caching

      sudo apt-get install redis-server php-redis

      sudo service apache2 restart


      9. PHP Opcache

      Change these Parameters in sudo nano/etc/php/7.0/apache2/php.ini

      opcache.enable=1
      opcache.enable_cli=1
      opcache.memory_consumption=128
      opcache.interned_strings_buffer=8
      opcache.max_accelerated_files=10000
      opcache.save_comments=1
      opcache.revalidate_freq=1


      sudo service apache2 restart

      Done
      CPU Intel i5 2500K
      16GB RAM
      256GB SSD
      5 x 1TB HDD ZFS RAIDZ2
      2 X 2TB HDD ZFS Mirror
      OMV 3.0.88 (Erasmus)
      OMV-Extras 3.4.29