Nextcloud 25 or Nextcloud Hub 3 features a complete new revamped UI, it looks clean and modern. If you have Nextcloud already installed and want to upgrade, check out this article. If you want to install fresh, then read on how to install Nextcloud 25 on Ubuntu 22.04 LTS.
System configuration
Update your system and enable firewall.
apt update && apt upgradeufw default allow outgoing
ufw default deny incoming
ufw allow 22
ufw allow 80
ufw allow 443
ufw enablePort 22 is for ssh, if you have changed it to a different port. Enable that.
Looking to install Nextcloud 26 (Hub 4) on Ubuntu 22.04 instead? Click here
LAMP stack installation
Install all the latest available packages from the repository.
apt install apache2 mariadb-server libapache2-mod-php8.1 php8.1 php8.1-gmp php8.1-bcmath php8.1-gd php-json php8.1-mysql php8.1-curl php8.1-mbstring php8.1-intl php8.1-imagick php8.1-xml php8.1-zip php8.1-fpm php8.1-redis php8.1-apcu php8.1-opcache php8.1-ldap bzip2 zip unzip imagemagick vim ffmpeg redis-serverEnable PHP 8.1 FPM and it’s Apache configuration. This is to use http2.
a2enconf php8.1-fpm
a2dismod php8.1
a2dismod mpm_prefork
a2enmod mpm_eventEnable required Apache modules.
a2enmod ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel http2 proxy_fcgi env expiressystemctl restart apache2Enable services at boot time.
systemctl enable apache2
systemctl enable php8.1-fpm
systemctl enable mariadbPHP configuration
We are using PHP FPM, so we will modify the PHP FPM ini configuration file.
vim /etc/php/8.1/fpm/php.inioutput_buffering = off (line 226)
max_execution_time = 180 (line 409)
memory_limit = 512M (line 430)
post_max_size = 200M (line 698)
upload_max_filesize = 200M (line 850)
date.timezone = Europe/Berlin (line 968)
opcache.enable=1 (line 1767)
opcache.enable_cli=1 (line 1770)
opcache.memory_consumption=128 (line 1773)
opcache.interned_strings_buffer=8 (line 1776)
opcache.max_accelerated_files=10000 (line 1780)
opcache.revalidate_freq=1 (line 1798)
opcache.save_comments=1 (line 1805)*Line numbers are for information only
You can set post_max_size and upload_max_filesize according to your needs. I have set it to 200MB.
Check PHP timezone manual for your timezone.
Save and restart PHP FPM.
systemctl restart php8.1-fpmDatabase configuration
Use the mysql_secure_installation script to perform the initial setup.
/usr/bin/mysql_secure_installation
Now login to the database server and create nextcloud database.
mysql -u root -p
create database nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
grant all on nextcloud.* to 'ncuser'@'localhost' identified by 'PASSWORD';
flush privileges;
exitDownload Nextcloud 25
Switch to www directory.
cd /var/www
wget https://download.nextcloud.com/server/releases/nextcloud-25.0.0.zipUnzip and move it to the web server root directory.
unzip nextcloud-25.0.0.zip
rm -r /var/www/html/*
shopt -s dotglob
mv nextcloud/* html/Change the owner and group of html directory.
chown -R www-data:www-data /var/www/htmlApache virtual host
Create a nextcloud.conf file in sites-available directory.
vim /etc/apache2/sites-available/nextcloud.confPaste the following in it, change where necessary (Bold).
<VirtualHost *:80>
ServerName DOMAIN.COM
ServerAlias DOMAIN.COM
DocumentRoot /var/www/html
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/DOMAIN.COM-error.log
</VirtualHost>Enable this configuration and restart Apache.
a2dissite 000-default.conf
a2ensite nextcloud.conf
apachectl configtest
systemctl restart apache2Now input your server URL/domain in the browser to start the installation process.
SSL certificate
Install Certbot and get a certificate for web root.
snap install certbot --classic
certbot certonly --webroot -w /var/www/html -d DOAMIN.COMCheck the certbot complete guide for other options and renewal.
Final Apache configuration
And finally edit the virtual host configuration /etc/apache2/sites-available/nextcloud.conf after getting SSL certificate.
What it do:
- Redirect from http(80) to https(443)
- HSTS strong ciphers
- Cache static files
- Enable http2
<VirtualHost *:80>
ServerName DOMAIN.COM
ServerAlias www.DOMAIN.COM
DocumentRoot /var/www/html
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/DOMAIN.COM-error.log
</VirtualHost>
<VirtualHost *:443>
ServerName DOMAIN.COM
ServerAlias www.DOMAIN.COM
DocumentRoot /var/www/html
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
Protocols h2 http/1.1
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
<FilesMatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|ttf|woff)$">
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
ErrorLog /var/log/apache2/DOMAIN.COM-error.log
SSLEngine on
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN.COM/privkey.pem
SSLCertificateFile /etc/letsencrypt/live/DOMAIN.COM/fullchain.pem
</VirtualHost>Save, test and restart Apache.
apachectl configtest
systemctl restart apache2 That’s pretty much it. Enjoy sharing.
Check out the quick hacks article to improve the setup.
Nice article.