Nextcloud 26 (Hub 4) focuses on AI integration with Talk, search and more. You may not find any big UI changes or features in this release. But in terms of AI integration it is still a release worth installing or upgrading. In this article I will guide you how to install Nextcloud 26 on Ubuntu 22.04 LTS with a free SSL certificate from Let’s encrypt.
Looking to install Nextcloud 27 (Hub 5) on Ubuntu? Click here
From the blog post:
Nextcloud Hub 4 is the first collaboration platform to integrate intelligent features comprehensively across its applications, while addressing the privacy and control challenges that come with AI technologies.
Frank Karlitschek, CEO and Founder of Nextcloud – Source https://nextcloud.com/blog
I would not take much of your time, so let’s get started. I assume you have a fresh Ubuntu 22.04 LTS OS.
1- System update and firewall
Update your system and enable firewall.
apt update && apt upgrade
apt autoremove && apt autocleanufw default allow outgoing
ufw default deny incoming
ufw allow 22
ufw allow 80
ufw allow 443
ufw enable
ufw status2- LAMP stack setup
We will install all the latest packages from the default repositories.
apt install apache2 mariadb-server libapache2-mod-php8.1 php8.1 php8.1-gmp php8.1-bcmath php8.1-gd php-json php8.1-mysql php8.1-curl php8.1-mbstring php8.1-intl php8.1-imagick php8.1-xml php8.1-zip php8.1-fpm php8.1-redis php8.1-apcu php8.1-opcache php8.1-ldap bzip2 zip unzip imagemagick vim ffmpeg redis-serverAfter installation enable PHP 8.1 FPM and it’s Apache configuration.
a2enconf php8.1-fpm
a2dismod php8.1
a2dismod mpm_prefork
a2enmod mpm_eventEnable few Apache modules.
a2enmod ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel http2 proxy_fcgi env expiressystemctl restart apache2Enable Apache, PHP FPM and MariaDB services at boot.
systemctl enable apache2
systemctl enable php8.1-fpm
systemctl enable mariadb3- Database setup
We will use the mysql_secure_installation script to perform the initial setup.
Let’s login to the database server and create nextcloud database with a user and password.
mysql -u root -p
create database nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
grant all on nextcloud.* to 'ncuser'@'localhost' identified by 'PASSWORD';
flush privileges;
exit*Change PASSWORD in above command.
4- PHP configuration
As we will be using PHP FPM, so we will have to modify the PHP FPM ini configuration file.
vim /etc/php/8.1/fpm/php.ini*Line numbers are for information purpose only. You can find that specific line at that number or near by.
Check PHP timezone manual for your timezone.
output_buffering = off (line 226)
max_execution_time = 180 (line 409)
memory_limit = 512M (line 430)
post_max_size = 200M (line 698)
upload_max_filesize = 200M (line 850)
date.timezone = Europe/Berlin (line 968)
opcache.enable=1 (line 1767)
opcache.enable_cli=1 (line 1770)
opcache.memory_consumption=512 (line 1773)
opcache.interned_strings_buffer=96 (line 1776)
opcache.max_accelerated_files=10000 (line 1780)
opcache.revalidate_freq=1 (line 1798)
opcache.save_comments=1 (line 1805)You can set post_max_size and upload_max_filesize according to your needs. I have set it to 200MB.
systemctl restart php8.1-fpm5- Apache virtual host
Create a nextcloud.conf file in sites-available directory.
cd /etc/apache2/sites-available/
vim nextcloud.confPaste the following in it, change where necessary (Bold).
<VirtualHost *:80>
ServerName DOMAIN.COM
ServerAlias DOMAIN.COM
DocumentRoot /var/www/html
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/nextcloud-error.log
</VirtualHost>Enable the newly created configuration and restart Apache.
a2dissite 000-default.conf
a2ensite nextcloud.conf
apachectl -t
systemctl restart apache26- Download Nextcloud 26
Switch to www directory.
cd /var/www
wget https://download.nextcloud.com/server/releases/nextcloud-26.0.0.zipUnzip and move it to the web server root directory.
unzip nextcloud-26.0.0.zip
rm -r /var/www/html/*
shopt -s dotglob
mv nextcloud/* html/Change the directory ownership and group.
chown -R www-data:www-data /var/www/htmlYou can now test the access to your web server. Just don’t start the installation process yet. Let’s take care of the SSL certificate and Apache virtual host first.
7- SSL certificate
Install Certbot via snap and get a certificate for the web root.
snap install certbot --classic
certbot certonly --webroot -w /var/www/html -d DOAMIN.COMCheck the certbot complete guide for renewal and other options.
8- Update Apache configuration
Edit the virtual host configuration file /etc/apache2/sites-available/nextcloud.conf after getting SSL certificate.
*You can just completely overwrite the file with the following.
Know what this will do:
- Redirect to https
- HSTS strong ciphers
- Cache static files
- Enable http2
<VirtualHost *:80>
ServerName DOMAIN.COM
DocumentRoot /var/www/html
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/nextcloud-error.log
</VirtualHost>
<VirtualHost *:443>
ServerName DOMAIN.COM
DocumentRoot /var/www/html
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
Protocols h2 http/1.1
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
<FilesMatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|ttf|woff)$">
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
ErrorLog /var/log/apache2/nextcloud-error.log
SSLEngine on
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN.COM/privkey.pem
SSLCertificateFile /etc/letsencrypt/live/DOMAIN.COM/fullchain.pem
</VirtualHost>Save, test and restart Apache.
apachectl -t
systemctl restart apache2Now you can refresh the browser tab and you will be redirected to https. At this point you can start the installation process, which is quite straight forward. Enter admin credentials, db access credentials etc.
To further enhance your Nextcloud setup, check out the improvement guide.
