Install Nextcloud 26 (Hub 4) on Ubuntu 22.04

Nextcloud 26 (Hub 4) focuses on AI integration with Talk, search and more. You may not find any big UI changes or features in this release. But in terms of AI integration it is still a release worth installing or upgrading. In this article I will guide you how to install Nextcloud 26 on Ubuntu 22.04 LTS with a free SSL certificate from Let’s encrypt.

From the blog post:

Nextcloud Hub 4 is the first collaboration platform to integrate intelligent features comprehensively across its applications, while addressing the privacy and control challenges that come with AI technologies.

Frank Karlitschek, CEO and Founder of Nextcloud – Source https://nextcloud.com/blog

I would not take much of your time, so let’s get started. I assume you have a fresh Ubuntu 22.04 LTS OS.

1- System update and firewall

Update your system and enable firewall.

apt update && apt upgrade

apt autoremove && apt autoclean
ufw default allow outgoing
ufw default deny incoming
ufw allow 22
ufw allow 80
ufw allow 443
ufw enable
ufw status

2- LAMP stack setup

We will install all the latest packages from the default repositories.

apt install apache2 mariadb-server libapache2-mod-php8.1 php8.1 php8.1-gmp php8.1-bcmath php8.1-gd php-json php8.1-mysql php8.1-curl php8.1-mbstring php8.1-intl php8.1-imagick php8.1-xml php8.1-zip php8.1-fpm php8.1-redis php8.1-apcu php8.1-opcache php8.1-ldap bzip2 zip unzip imagemagick vim ffmpeg redis-server

After installation enable PHP 8.1 FPM and it’s Apache configuration.

a2enconf php8.1-fpm
a2dismod php8.1
a2dismod mpm_prefork
a2enmod mpm_event

Enable few Apache modules.

a2enmod ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel http2 proxy_fcgi env expires
systemctl restart apache2

Enable Apache, PHP FPM and MariaDB services at boot.

systemctl enable apache2
systemctl enable php8.1-fpm
systemctl enable mariadb

3- Database setup

We will use the mysql_secure_installation script to perform the initial setup.

mariadb-intial-configuration-ubuntu-22-04-server

Let’s login to the database server and create nextcloud database with a user and password.

mysql -u root -p

create database nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;

grant all on nextcloud.* to 'ncuser'@'localhost' identified by 'PASSWORD';

flush privileges;
exit

*Change PASSWORD in above command.

4- PHP configuration

As we will be using PHP FPM, so we will have to modify the PHP FPM ini configuration file.

vim /etc/php/8.1/fpm/php.ini

*Line numbers are for information purpose only. You can find that specific line at that number or near by.

Check PHP timezone manual for your timezone.

output_buffering = off (line 226)
max_execution_time = 180 (line 409)
memory_limit = 512M (line 430)
post_max_size = 200M (line 698)
upload_max_filesize = 200M (line 850)
date.timezone = Europe/Berlin (line 968)

opcache.enable=1 (line 1767)
opcache.enable_cli=1 (line 1770)
opcache.memory_consumption=512 (line 1773)
opcache.interned_strings_buffer=96 (line 1776)
opcache.max_accelerated_files=10000 (line 1780)
opcache.revalidate_freq=1 (line 1798)
opcache.save_comments=1 (line 1805)

You can set post_max_size and upload_max_filesize according to your needs. I have set it to 200MB.

systemctl restart php8.1-fpm

5- Apache virtual host

Create a nextcloud.conf file in sites-available directory.

cd /etc/apache2/sites-available/
vim nextcloud.conf

Paste the following in it, change where necessary (Bold).

<VirtualHost *:80>
	ServerName DOMAIN.COM
	ServerAlias DOMAIN.COM
	DocumentRoot /var/www/html

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	ErrorLog /var/log/apache2/nextcloud-error.log
</VirtualHost>

Enable the newly created configuration and restart Apache.

a2dissite 000-default.conf
a2ensite nextcloud.conf

apachectl -t
systemctl restart apache2

6- Download Nextcloud 26

Switch to www directory.

cd /var/www
wget https://download.nextcloud.com/server/releases/nextcloud-26.0.0.zip

Unzip and move it to the web server root directory.

unzip nextcloud-26.0.0.zip
rm -r /var/www/html/*
shopt -s dotglob
mv nextcloud/* html/

Change the directory ownership and group.

chown -R www-data:www-data /var/www/html

You can now test the access to your web server. Just don’t start the installation process yet. Let’s take care of the SSL certificate and Apache virtual host first.

7- SSL certificate

Install Certbot via snap and get a certificate for the web root.

snap install certbot --classic
certbot certonly --webroot -w /var/www/html -d DOAMIN.COM

Check the certbot complete guide for renewal and other options.

8- Update Apache configuration

Edit the virtual host configuration file /etc/apache2/sites-available/nextcloud.conf after getting SSL certificate.

*You can just completely overwrite the file with the following.

Know what this will do:

  • Redirect to https
  • HSTS strong ciphers
  • Cache static files
  • Enable http2
<VirtualHost *:80>
	ServerName DOMAIN.COM
	DocumentRoot /var/www/html
	RewriteEngine On
	RewriteCond %{HTTPS} off
	RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	ErrorLog /var/log/apache2/nextcloud-error.log
</VirtualHost>

<VirtualHost *:443>
	ServerName DOMAIN.COM
	DocumentRoot /var/www/html

	SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
	SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
	SSLHonorCipherOrder On
	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
	Header always set X-Frame-Options DENY
	Header always set X-Content-Type-Options nosniff

	Protocols h2 http/1.1

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	<FilesMatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|ttf|woff)$">
		Header set Cache-Control "max-age=31536000, public"
	</FilesMatch>

	ErrorLog /var/log/apache2/nextcloud-error.log

	SSLEngine on
	SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN.COM/privkey.pem
	SSLCertificateFile /etc/letsencrypt/live/DOMAIN.COM/fullchain.pem
</VirtualHost>

Save, test and restart Apache.

apachectl -t
systemctl restart apache2

Now you can refresh the browser tab and you will be redirected to https. At this point you can start the installation process, which is quite straight forward. Enter admin credentials, db access credentials etc.


To further enhance your Nextcloud setup, check out the improvement guide.

Leave a Reply

Your email address will not be published. Required fields are marked *