Nextcloud 30 Hub 9 was released yesterday, and this time the changes are significant in terms of features, apps, improvements, and the UI. There’s a fresh UI update, which I personally like. It’s more compact, and the round shapes are gone for good. Almost every core app has received a redesign. The Talk UI has also been revamped and looks fantastic. You can read more about the changes and features below. If you want to try it out, follow this guide to install Nextcloud 30 Hub 9 on an Ubuntu 24.04 LTS server with Apache and MariaDB.
If you have an older version of Nextcloud set up, you can go to the Admin settings and upgrade it from there if an update is available.
The feature set is extensive, and this article is not intended to cover all of it or discuss it in depth. I recommend heading over to the release blog post to check out the details for yourself.
Core features in Nextcloud 30 Hub 9:
- A big design redo
- Auto-magic with Windmill
- Nextcloud Whiteboard
- Federated Talk calls
- Improved AI and Nextcloud Assistant
- Request files
What you need for this installation:
- Server with Ubuntu 24.04 OS
- Minimum 1GB RAM and 20GB HDD space
- 1cpu core
- A domain name pointed to the server IP
What we will cover in this article:
- Enable firewall with few ports
- Install LAMP stack (PHP-FPM, Apache, MariaDB)
- Redis for cache
- Get a free SSL certificate from Let’s Encrypt
1- Prepare the server
You may not need to run the upgrade command since Ubuntu 24.04 LTS is new, but to be thorough, let’s run it anyway.
apt update && apt upgradeBy default, the SSH port is 22. If yours is different, adjust the command accordingly below. We will also open ports 80 and 443 in the firewall.
ufw default allow outgoing
ufw default deny incoming
ufw allow 22
ufw allow 80
ufw allow 443
ufw enable
ufw status2- Install LAMP stack
Let’s install LAMP stack. Ubuntu 24.04 comes with PHP 8.3, which is what we need here.
apt install apache2 mariadb-server libapache2-mod-php php php-gmp php-bcmath php-gd php-json php-mysql php-cli php-curl php-mbstring php-intl php-imagick php-xml php-zip php-fpm php-redis php-apcu php-opcache php-ldap php-bz2 bzip2 zip unzip imagemagick vim ffmpeg redis-serverTo enable PHP FPM, execute the following commands.
a2enconf php8.3-fpm
a2dismod php8.3
a2dismod mpm_prefork
a2enmod mpm_eventEnable a few Apache modules with:
a2enmod ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel http2 proxy_fcgi env expiressystemctl enable apache2
systemctl enable php8.3-fpm
systemctl enable mariadbsystemctl restart apache23- Configure PHP
Since we are using PHP FPM, we’ll update the FPM configuration file.
vim /etc/php/8.3/fpm/php.iniI have mentioned line numbers for your reference in the snippet below.
Check PHP timezone manual for your timezone.
output_buffering = off (line 236)
max_execution_time = 180 (line 419)
memory_limit = 512M (line 445)
post_max_size = 1G (line 713)
upload_max_filesize = 1G (line 865)
date.timezone = Europe/Berlin (line 989)
opcache.enable=1 (line 1782)
opcache.enable_cli=1 (line 1785)
opcache.memory_consumption=512 (line 1788)
opcache.interned_strings_buffer=96 (line 1791)
opcache.max_accelerated_files=10000 (line 1795)
opcache.revalidate_freq=1 (line 1813)
opcache.save_comments=1 (line 1820)systemctl restart php8.3-fpm4- Tune PHP FPM
This is optional and depends on your needs. If the default settings work for you, feel free to skip this step.
cd /etc/php/8.3/fpm/pool.d
vim www.confEnable or change the values accordingly.
pm = dynamic (line 116)
pm.max_children = 12 (line 127)
pm.start_servers = 6 (line 132)
pm.min_spare_servers = 4 (line 137)
pm.max_spare_servers = 8 (line 142)
pm.max_requests = 0 (line 159)systemctl restart php8.3-fpm5- Create database
Run mysql_secure_installation to set up the initialization options for MariaDB startup.
You can now log in to the database server and create the Nextcloud database. Make sure to change “PASSWORD” to your own.
mysql
create database nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
grant all on nextcloud.* to 'ncuser'@'localhost' identified by 'PASSWORD';
flush privileges;
exit6- Download Nextcloud
cd /var/www
wget https://download.nextcloud.com/server/releases/nextcloud-30.0.0.zipUnzip Nextcloud archive and move it to the web root directory (html).
unzip nextcloud-30.0.0.zip
rm /var/www/html/index.html
shopt -s dotglob
mv nextcloud/* html/Create a data directory outside of the html directory.
mkdir /var/www/datachown -R www-data:www-data /var/www/html
chown -R www-data:www-data /var/www/dataDo the cleanup tasks with:
rm -r nextcloud
rm nextcloud-30.0.0.zip7- Apache virtual host
cd /etc/apache2/sites-available/
vim nextcloud.confAdd the following, and replace DOMAIN.COM with your own.
<VirtualHost *:80>
ServerName DOMAIN.COM
DocumentRoot /var/www/html
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/nextcloud_error.log
</VirtualHost>Enable this configuration and restart Apache.
a2dissite 000-default.conf
a2ensite nextcloud.conf
apachectl -t
systemctl restart apache28- Install certbot
apt install certbotYou can now obtain an SSL certificate using the certbot command. Replace DOMAIN.COM with your own.
certbot certonly --webroot -w /var/www/html -d DOAMIN.COMTo enable automatic renewal, set up a cron job.
crontab -eIt will run every morning at 4:30 AM, to check the certificate validity and perform renewal.
30 4 * * * certbot renew9- Update virtual host
At this point, we have the SSL certificates and can update our virtual host configuration with the port 443 block.
vim /etc/apache2/sites-available/nextcloud.conf Don’t forget to replace DOMAIN.COM and update the path to the certificate files.
<VirtualHost *:443>
ServerName DOMAIN.COM
DocumentRoot /var/www/html
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-Content-Type-Options "nosniff"
Header always set X-XSS-Protection "0"
Header always set X-Permitted-Cross-Domain-Policies "none"
Header always set Referrer-Policy "no-referrer-when-downgrade"
Header always set Permissions-Policy "camera=(self), geolocation=(self), microphone=(self)"
Protocols h2 http/1.1
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
<FilesMatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|ttf|woff)$">
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
ErrorLog /var/log/apache2/nextcloud_error.log
SSLEngine on
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN.COM/privkey.pem
SSLCertificateFile /etc/letsencrypt/live/DOMAIN.COM/fullchain.pem
</VirtualHost>Also you can add redirection from HTTP to HTTPS in the port 80 block.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}Restart Apache afterward.
apachectl -t
systemctl restart apache210- Install Nextcloud
Once all the above steps are completed, you can now browse to the domain name in your browser to get started. Most of the installation steps are the same.
- Enter your username
- Enter password for the user
- Enter data path (/var/www/data)
- Enter database credentials
Click Install after entering the above information.
On the next screen (Recommended apps), you can select which apps to install or skip it entirely.
Congratulations, you have successfully installed Nextcloud.
11- Improvements
You can proceed to enhance your installation by setting up a cron job, adding caching to the configuration file, and more.
