Install Nextcloud 27 (Hub 5) on Ubuntu

Nextcloud 27, just like Nextcloud 26, is heavily reliant on AI, and the feature set is primarily driven by AI itself. In this article, I will guide you through the step-by-step process of how to install Nextcloud 27 (Hub 5) on an Ubuntu server (22.04 LTS).

Nextcloud_Logo

Want to upgrade to Nextcloud 27 (Hub 5)? Click here

Nextcloud_Logo

The server size and specifications depend on your specific needs. However, here are the basic specifications to help you get started.

  • Ubuntu 22.04 LTS
  • 1GB RAM
  • 20GB HDD space
  • 1 CPU core
  • Public IP – ipv4

Don’t forget to point your server IP to the domain of your choice.

1- Prepare the system

Update your system and remove unnecessary packages.

apt update && apt upgrade

apt autoremove && apt autoclean

Enable the firewall and allow only specific ports.

ufw default allow outgoing
ufw default deny incoming
ufw allow 22
ufw allow 80
ufw allow 443
ufw enable
ufw status

Port 22 is for SSH access to the server; change it if you have modified this on the server.

Now, we will proceed to install the LAMP stack.

apt install apache2 mariadb-server libapache2-mod-php php php-gmp php-bcmath php-gd php-json php-mysql php-curl php-mbstring php-intl php-imagick php-xml php-zip php-fpm php-redis php-apcu php-opcache php-ldap bzip2 zip unzip imagemagick vim ffmpeg redis-server

After the installation has completed, enable PHP 8.1 FPM and its Apache configuration.

a2enconf php8.1-fpm
a2dismod php8.1
a2dismod mpm_prefork
a2enmod mpm_event

We will also enable some Apache modules.

a2enmod ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel http2 proxy_fcgi env expires
systemctl restart apache2

Ensure that Apache, PHP FPM, and MariaDB services are set to start automatically at boot.

systemctl enable apache2
systemctl enable php8.1-fpm
systemctl enable mariadb

2- Database

Most systems come pre-installed with mysql_secure_installation. Let’s run it to perform the initial setup.

mariadb-mysql_secure_installation

Now, log in to the database server and create the nextcloud database. Please remember to replace PASSWORD in the command below.

mysql

create database nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;

grant all on nextcloud.* to 'ncuser'@'localhost' identified by 'PASSWORD';

flush privileges;
exit

3- PHP configuration updates

Since we are utilizing PHP FPM, it becomes necessary to modify the PHP FPM configuration file.

vim /etc/php/8.1/fpm/php.ini

Check PHP timezone manual for your timezone.

You have the flexibility to adjust the post_max_size and upload_max_filesize based on your specific requirements. In this case, I have set it to 200MB.

* Please note that the line numbers provided are for informational purposes only.

output_buffering = off (line 226)
max_execution_time = 180 (line 409)
memory_limit = 512M (line 430)
post_max_size = 200M (line 698)
upload_max_filesize = 200M (line 850)
date.timezone = Europe/Berlin (line 968)

opcache.enable=1 (line 1767)
opcache.enable_cli=1 (line 1770)
opcache.memory_consumption=512 (line 1773)
opcache.interned_strings_buffer=96 (line 1776)
opcache.max_accelerated_files=10000 (line 1780)
opcache.revalidate_freq=1 (line 1798)
opcache.save_comments=1 (line 1805)

Restart PHP FPM after applying the changes.

systemctl restart php8.1-fpm

4- Download Nextcloud

Navigate to the www directory to continue.

cd /var/www
wget https://download.nextcloud.com/server/releases/nextcloud-27.0.1.zip

Extract and relocate it to the root directory of your web server.

unzip nextcloud-27.0.1.zip
rm -r /var/www/html/*
shopt -s dotglob
mv nextcloud/* html/

Modify the ownership and group of the web server root directory.

chown -R www-data:www-data /var/www/html

5- Apache virtual host and SSL

Generate a nextcloud.conf configuration file in the Apache sites-available directory.

cd /etc/apache2/sites-available/
vim nextcloud.conf

Copy and paste the following content into the configuration file.

<VirtualHost *:80>
	ServerName DOMAIN.COM
	ServerAlias DOMAIN.COM
	DocumentRoot /var/www/html

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	ErrorLog /var/log/apache2/nextcloud_error.log
</VirtualHost>

Activate the newly created configuration and restart the Apache server.

a2dissite 000-default.conf
a2ensite nextcloud.conf

apachectl -t
systemctl restart apache2

At this point, I assume you have already pointed your server IP to the domain. We will obtain a free certificate from Let’s Encrypt using certbot. If you already have your own certificates, you may skip the SSL setup.

snap install certbot --classic
certbot certonly --webroot -w /var/www/html -d DOAMIN.COM

Next, we will proceed to update the Apache configuration file for Nextcloud located at /etc/apache2/sites-available/nextcloud.conf.

<VirtualHost *:443>
	ServerName DOMAIN.COM
	DocumentRoot /var/www/html

	SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
	SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
	SSLHonorCipherOrder On
	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
	Header always set X-Frame-Options DENY
	Header always set X-Content-Type-Options nosniff

	Protocols h2 http/1.1

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	<FilesMatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|ttf|woff)$">
		Header set Cache-Control "max-age=31536000, public"
	</FilesMatch>

	ErrorLog /var/log/apache2/nextcloud_error.log

	SSLEngine on
	SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN.COM/privkey.pem
	SSLCertificateFile /etc/letsencrypt/live/DOMAIN.COM/fullchain.pem
</VirtualHost>

Save, test and restart Apache.

apachectl -t
systemctl restart apache2

Redirect to HTTPS automatically by adding the following to the port 80 block. Don’t forget to restart Apache for the changes to take effect.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Now, open a new browser tab and enter the URL. This will take you to the installation screen, where you can provide the necessary admin credentials, database access credentials, and other required information.


After completing the installation, you may want to explore additional improvements such as utilizing a system cron job, relocating the data directory outside of the web directory, enabling cache, and more. For detailed instructions, refer to the Hacks and Improvements article.