Nextcloud 23 on Ubuntu 22.04 LTS

Ubuntu 22.04 LTS comes with PHP 8.1 and Nextcloud 23 does not support it yet. So let’s install Nextcloud 23 on Ubuntu 22.04 LTS server the easy way.

If you install the base packages in Ubuntu 22.04, it will be PHP 8.1 and after running Nextcloud you will get the following error.

This version of Nextcloud is not compatible with > PHP 8.0.

Your are currently running 8.1.2.

nextcloud-23-php-not-compatible

To run Nextcloud successfully we need to install PHP 8.0 for now and disable 8.1.

To do:

  • Install PHP 8.0 / Apache / MariaDB
  • Enable http2
  • Setup Nextcloud 23
  • SSL Certificate – certbot

Update the system

Upgrade your setup and enable firewall first(recommended).

apt update && apt upgrade
ufw default allow outgoing
ufw default deny incoming
ufw allow 22 80 443
ufw enable

PHP, Apache and MariaDB installation

add-apt-repository ppa:ondrej/php -y && apt update
apt install apache2 mariadb-server libapache2-mod-php8.0 php8.0 php8.0-gmp php8.0-bcmath php8.0-gd php-json php8.0-mysql php8.0-curl php8.0-mbstring php8.0-intl php8.0-imagick php8.0-xml php8.0-zip php8.0-fpm php8.0-redis php8.0-apcu php8.0-opcache php8.0-ldap bzip2 zip unzip imagemagick vim ffmpeg redis-server
nextcloud-php8-0-installation-ubuntu-22-04

In some cases it will install some PHP 7.4 packages too, uninstall them as they are not needed.

apt purge php7.4-common

If you have installed PHP 8.1. Disable it or otherwise skip this step.

a2dismod php8.1
a2disconf php8.1-fpm
systemctl stop php8.1-fpm

Enable PHP 8.0, FPM and it’s Apache configuration.

a2enconf php8.0-fpm
a2dismod php8.0
a2dismod mpm_prefork
a2enmod mpm_event

Apache modules

a2enmod ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel http2 proxy_fcgi env expires
systemctl restart apache2

Enable the services at boot time.

systemctl enable apache2
systemctl enable php8.0-fpm
systemctl enable mariadb

PHP configuration

Configure PHP to fulfill Nextcloud requirements.

vim /etc/php/8.0/fpm/php.ini

*Line numbers are for guidance only

output_buffering = off (line 226)
max_execution_time = 180 (line 409)
memory_limit = 512M (line 430)
post_max_size = 200M (line 703)
upload_max_filesize = 200M (line 855)
date.timezone = Europe/London (line 973)

opcache.enable=1 (line 1763)
opcache.enable_cli=1 (line 1766)
opcache.memory_consumption=128 (line 1769)
opcache.interned_strings_buffer=8 (line 1772)
opcache.max_accelerated_files=10000 (line 1776)
opcache.revalidate_freq=1 (line 1794)
opcache.save_comments=1 (line 1801)

For timezone check out PHP timezone manual.

systemctl restart php8.0-fpm

Database setup

Secure your database setup.

/usr/bin/mysql_secure_installation
mariadb-intial-configuration-ubuntu-22-04-server

Login to the database server and create a nextcloud database.

mysql -u root -p
create database nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
grant all on nextcloud.* to 'ncuser'@'localhost' identified by 'PASSWORD';

flush privileges;
exit

Download Nextcloud

cd /var/www
wget https://download.nextcloud.com/server/releases/nextcloud-23.0.4.zip

Unzip and move it to the web server root directory.

unzip nextcloud-23.0.4.zip
rm -r /var/www/html/*
shopt -s dotglob
mv nextcloud/* html/
chown -R www-data:www-data /var/www/html

Apache virtual host

cd /etc/apache2/sites-available
vim nextcloud.conf

Paste the following in it, change where necessary(in bold).

<VirtualHost *:80>
	ServerName DOMAIN.COM
	ServerAlias DOMAIN.COM
	DocumentRoot /var/www/html

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	ErrorLog /var/log/apache2/DOMAIN.COM-error.log
	#CustomLog /var/log/apache2/DOMAIN.COM-requests.log combined
</VirtualHost>

Enable this configuration and reload Apache.

a2dissite 000-default.conf
a2ensite nextcloud.conf

apachectl configtest
systemctl reload apache2

Installation

Point your browser to the URL/domain and start the installation process.

1- Enter the necessary details.

nextcloud-23-installation-base-screen

2- Install or cancel the recommended apps. You can install them later though.

nextcloud-23-installation-apps-selection

3- Dashboard after successful installation.

nextcloud-23-dashboard-after-installation

Check the basic overview and system info from settings.

nextcloud-23-overview
nextcloud-23-system-info

SSL certificate – certbot

Install Certbot and get a certificate for web root.

snap install certbot --classic
certbot certonly --webroot -w /var/www/html -d DOAMIN.COM

Check the certbot complete guide for other options and renewal.

Apache Configuration

Final virtual host configuration /etc/apache2/sites-available/nextcloud.conf after getting SSL certificate.

<VirtualHost *:80>
	ServerName DOMAIN.COM
	ServerAlias www.DOMAIN.COM
	DocumentRoot /var/www/html
	RewriteEngine On
	RewriteCond %{HTTPS} off
	RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	ErrorLog /var/log/apache2/DOMAIN.COM-error.log
	#CustomLog /var/log/apache2/DOMAIN.COM-requests.log combined
</VirtualHost>

<VirtualHost *:443>
	ServerName DOMAIN.COM
	ServerAlias www.DOMAIN.COM
	DocumentRoot /var/www/html

	SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
	SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
	SSLHonorCipherOrder On
	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
	Header always set X-Frame-Options DENY
	Header always set X-Content-Type-Options nosniff

	Protocols h2 http/1.1

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	<FilesMatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|ttf|woff)$">
		Header set Cache-Control "max-age=31536000, public"
	</FilesMatch>

	ErrorLog /var/log/apache2/DOMAIN.COM-error.log
	#CustomLog /var/log/apache2/DOMAIN.COM-requests.log combined

	SSLEngine on
	SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN.COM/privkey.pem
	SSLCertificateFile /etc/letsencrypt/live/DOMAIN.COM/fullchain.pem
</VirtualHost>

Restart Apache

apachectl configtest
systemctl restart apache2

You might want to enhance your setup. Check the article below to move data directory out of the web root, enable cache etc.

Leave a Reply

Your email address will not be published.