In this article, we will install Nextcloud 23 on Ubuntu 20.04 with PHP 8. Nextcloud 23 does not recommend to use PHP 7.3 anymore, so it’s time to just install PHP 8.
If you have Nextcloud 22 installed already, you can simply upgrade to Nextcloud Hub II or 23 from the Admin settings page.
Note: Nextcloud at this time does not support PHP 8.1, so we have to stick to PHP 8.0.
Nextcloud 24 is OUT
Install PHP 8
Add the following PPA to install PHP 8 maintained by a Debian maintainer.
add-apt-repository ppa:ondrej/php -yUpdate and upgrade:
apt update && apt upgrade -yInstall the required packages:
apt install libapache2-mod-php8.0 php8.0 php8.0-gmp php8.0-bcmath php8.0-gd php8.0-mysql php8.0-curl php8.0-mbstring php8.0-intl php8.0-imagick php8.0-xml php8.0-zip php8.0-fpm php8.0-redis php8.0-fileinfo php8.0-apcu php8.0-opcacheInstall other packages
apt install vim apache2 mariadb-server bzip2 zip unzip imagemagick ffmpeg redisEnable Apache PHP 8.0 and other modules:
a2enmod php8.0 ssl rewrite headers proxy proxy_http deflate cache proxy_wstunnel http2 proxy_fcgi envapachectl -t
systemctl enable apache2
systemctl enable mariadb
systemctl restart apache2Update PHP configuration
vim /etc/php/8.0/apache2/php.inioutput_buffering = off (line 266)
max_execution_time = 120 (line 409)
memory_limit = 512M (line 430)
post_max_size = 100M (line 703)
upload_max_filesize = 100M (line 855)
date.timezone = Europe/London (line 973)I have mentioned the line numbers for easiness. For timezone check out PHP timezone manual.
Database setup
/usr/bin/mysql_secure_installationLogin to the database server:
mysql -u root -pRun the following commands:
create database nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
grant all on nextcloud.* to 'ncuser'@'localhost' identified by 'PASSWORD';
flush privileges;
exitChange PASSWORD to a real strong password.
Download Nextcloud 23
Let’s download Nextcloud 23 and set it up.
cd /var/www
wget https://download.nextcloud.com/server/releases/nextcloud-23.0.0.zip
unzip nextcloud-23.0.0.zip
rm -r /var/www/html/*
shopt -s dotglob
mv nextcloud/* html/
chown -R www-data:www-data /var/www/htmlIt’s best to have proper permissions on your installation files and directories. Download and use permissions script from Nextcloud:
wget https://github.com/nextcloud/vm/blob/master/static/setup_secure_permissions_nextcloud.sh
chmod +x setup_secure_permissions_nextcloud.sh
./setup_secure_permissions_nextcloud.shRemove the script once done.
rm setup_secure_permissions_nextcloud.shApache configuration for Nextcloud
Create a vhost configuration file in sites-available directory.
cd /etc/apache2/sites-available
vim nextcloud.confPaste the following in it:
Change the words marked in bold.
<VirtualHost *:80>
ServerName DOMAIN.COM
ServerAlias www.DOMAIN.COM
DocumentRoot /var/www/html
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/DOMAIN-error.log
CustomLog /var/log/apache2/DOMAIN-requests.log combined
</VirtualHost>Note: we will update this file later after getting a certificate from Let’s encrypt.
a2ensite nextcloud
systemctl restart apache2Install certbot and get a certificate
To start with certbot and SSL setup, you can follow this article to install and get a certificate from Let’s Encrypt. Once you get the certificate successfully, it’s time to update nextcloud.conf file. Final configuration will look like, make changes where applicable.
<VirtualHost *:80>
ServerName DOMAIN.COM
ServerAlias www.DOMAIN.COM
DocumentRoot /var/www/html
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/DOMAIN-error.log
CustomLog /var/log/apache2/DOMAIN-requests.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName DOMAIN.COM
ServerAlias www.DOMAIN.COM
DocumentRoot /var/www/html
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
</Directory>
ErrorLog /var/log/apache2/DOMAIN-error.log
CustomLog /var/log/apache2/DOMAIN-requests.log combined
SSLEngine on
SSLCertificateKeyFile /etc/letsencrypt/live/DOMAIN.COM/privkey.pem
SSLCertificateFile /etc/letsencrypt/live/DOMAIN.COM/fullchain.pem
</VirtualHost>Restart Apache:
systemctl restart apache2Now go to the web browser and initiate the installation process.
There are still ways to improve this setup for example add Redis cache, move data directory. You can checkout the Nextcloud hacks article for more details.
Hi, great article and a big help for installing nextcloud ! After this install, Nextcloud works like a charm, but my webbased mail client and postfixadmin are no longer available when I type in their addresses. A certificate error appears instead. Any thoughts ?
Hi, if you have other virtual host configurations for the others sites make sure that the right certificates are used in it.