NextCloud – step by step

/ code-commands, SprUng, KEEPERS, CODE-NOW-NOW-NOW / 11 minutes of reading
When trying to connect from desktop client:

The polling URL does not start with HTTPS despite the login URL started with HTTPS. Login will not be possible because this might be a security issue. Please contact your administrator.

Jan 23 2025 – set up errrors

  • Accessing site insecurely via HTTP. You are strongly advised to set up your server to require HTTPS instead. Without it some important web functionality like "copy to clipboard" or "service workers" will not work! For more details see the documentation ↗.
  • 8453 errors in the logs since January 16, 2025, 9:51:28 AM
  • MariaDB version "10.5.22-MariaDB" detected. MariaDB >=10.6 and <=11.4 is suggested for best performance, stability and functionality with this version of Nextcloud.
  • The database is used for transactional file locking. To enhance performance, please configure memcache, if available. For more details see the documentation ↗.
  • No memory cache has been configured. To enhance performance, please configure a memcache, if available. For more details see the documentation ↗.
  • Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add "default_phone_region" with the respective ISO 3166-1 code of the region to your config file. For more details see the documentation ↗.
  • You have not set or verified your email server configuration, yet. Please head over to the "Basic settings" in order to set them. Afterwards, use the "Send email" button below the form to verify your settings. For more details see the documentation ↗.
  • This instance is missing some recommended PHP modules. For improved performance and better compatibility it is highly recommended to install them: – bcmath for WebAuthn passwordless login – gmp for WebAuthn passwordless login, and SFTP storage – intl increases language translation performance and fixes sorting of non-ASCII characters For more details see the documentation ↗.
  • The PHP module "imagick" is not enabled although the theming app is. For favicon generation to work correctly, you need to install and enable this module. For more details see the documentation ↗.

Please double check the installation guides ↗, and check for any errors or warnings in the log.

Check the security of your Nextcloud over our security scan ↗.



Nextcloud Manual.pdf – Nextcloud


sudo systemctl enable httpd
sudo systemctl enable mariadb

update command (see also – alma linux update)

sudo -u apache php /var/www/html/nextcloud/updater/updater.phar
#then verify
sudo -u apache php /var/www/html/nextcloud/occ maintenance:mode --off
sudo -u apache php /var/www/html/nextcloud/occ files:scan --all

Partitioning and Filesystem Setup

Wipe Disk

sudo dd if=/dev/zero of=/dev/sdX bs=1M status=progress

 

  1. Open parted:

    parted /dev/sdx (replace x with correct drive)

  2. Set partition table to GPT:

    mklabel gpt

     

# Create and format partitions (assuming disk is /dev/sdX, adjust accordingly)
parted /dev/sdX mklabel gpt
parted /dev/sdX mkpart primary fat32 1MiB 513MiB
parted /dev/sdX set 1 boot on
mkfs.fat -F32 /dev/sdX1

parted /dev/sdX mkpart primary ext4 513MiB 2GiB
mkfs.ext4 /dev/sdX2

parted /dev/sdX mkpart primary ext4 2GiB 214GiB
mkfs.ext4 /dev/sdX3

parted /dev/sdX mkpart primary linux-swap 214GiB 230GiB
mkswap /dev/sdX4
swapon /dev/sdX4

# Mount partitions
mkdir -p /mnt/boot/efi
mount /dev/sdX1 /mnt/boot/efi

mkdir -p /mnt/boot
mount /dev/sdX2 /mnt/boot

mount /dev/sdX3 /mnt

Install AlmaLinux

  • Boot into the AlmaLinux installer and ensure the partitions and mount points match exactly.

Disable Selinux

Until it is installed and working Disable SELinux

To disable SELinux permanently:

  1. Edit the SELinux configuration file:

    sudo nano /etc/selinux/config

  2. Change the following line:

    SELINUX=enforcing

    to:

    SELINUX=disabled

  3. Reboot the system for the changes to take effect:

    sudo reboot

After reboot, confirm SELinux is disabled:

sestatus

It should output:

SELinux status:                 disabled

###

Post-Installation Updates

check ssh:   sudo dnf install openssh-server -y
  
enable ssh:    sudo systemctl enable --now sshd
 
ssh status:    sudo systemctl status sshd
 
ssh firewall settings:   sudo firewall-cmd --permanent --add-service=ssh
   sudo firewall-cmd --reload

serverip: ip addr show

   Look for the line starting with `inet` under the active network interface (e.g., `eth0` or `ens33`).

 

2. Verify Apache Configuration

Ensure Apache is set up to serve Nextcloud.

Open the Virtual Host Config:

sudo nano /etc/httpd/conf.d/nextcloud.conf

Add the following (adjust paths if needed):

<VirtualHost *:80>
    DocumentRoot "/var/www/html/nextcloud"
    ServerName 192.168.1.26

    <Directory "/var/www/html/nextcloud">
        Require all granted
        AllowOverride All
        Options FollowSymLinks MultiViews
    </Directory>

    ErrorLog /var/log/httpd/nextcloud-error.log
    CustomLog /var/log/httpd/nextcloud-access.log combined
</VirtualHost>

Restart Apache:

sudo systemctl restart httpd

3. Verify MariaDB Configuration

Ensure MariaDB is configured to use the default /var/lib/mysql directory and has the correct users.

Check Configuration File:

sudo nano /etc/my.cnf.d/server.cnf

Ensure datadir is correct:

[mysqld]
datadir=/var/lib/mysql

Restart MariaDB:

sudo systemctl restart mariadb

Verify MariaDB is Running:

sudo systemctl status mariadb

Enable MariaDB to start on boot:

sudo systemctl enable mariadb

Secure MariaDB: Run the MariaDB security script to set a root password and remove unnecessary defaults:

sudo mysql_secure_installation

###

Permission Issues

MariaDB's default setup creates its critical files, including /var/lib/mysql/mysql.sock, with strict permissions for security reasons. These permissions are set during the installation process. Even if you didn't explicitly install it as root, the package manager (e.g., dnf) runs with elevated privileges to perform the installation. By design, MariaDB's directories and files are owned by the mysql user and group, and permissions are restrictive to protect the database from unauthorized access.

Here’s how it works:

Why Permissions Are Tight

  1. Default Ownership: After installation, the /var/lib/mysql directory is owned by mysql:mysql with restrictive permissions (drwx------).
  2. Default Context: If SELinux is enabled, it applies an additional security layer with the appropriate SELinux contexts (e.g., mysqld_db_t).
  3. Security Intent: This is to prevent other users or processes from accidentally or maliciously accessing the database files or socket.

Why This Happens to You

If something tampers with ownership, permissions, or SELinux contexts (such as running commands as root or using a tool that changes permissions globally), it breaks the expected setup for MariaDB.

1. Fix Ownership and Permissions

Ensure the correct ownership and permissions for all relevant directories.

For /var/www/html/ and Nextcloud:

sudo chown -R apache:apache /var/www/html/
sudo chmod -R 755 /var/www/html/

For MariaDB:

sudo chown -R mysql:mysql /var/lib/mysql
sudo chmod 700 /var/lib/mysql

Verify Ownership:

ls -ld /var/www/html /var/www/html/nextcloud /var/lib/mysql

1. Create the nextcloud Directory

sudo mkdir /var/www/html/nextcloud

2. Set Ownership and Permissions

To ensure the Apache web server can access and write to the nextcloud directory:

sudo chown -R apache:apache /var/www/html/nextcloud
sudo chmod -R 755 /var/www/html/nextcloud

Explanation of Commands

  • chown: Sets ownership of the directory to apache (user) and apache (group).
  • chmod: Sets permissions to allow the owner to read, write, and execute, while others can only read and execute.

4. Extract Nextcloud

Extract the Nextcloud files into the /var/www/html/ directory:

cd /tmp
tar -xjf latest.tar.bz2 -C /var/www/html/

THEN RESET PERMISSION TO APACHE FOR /nextcloud

# Change ownership to Apache user
sudo chown -R apache:apache /var/www/html/nextcloud

# Set directory permissions
sudo find /var/www/html/nextcloud -type d -exec chmod 750 {} \;

# Set file permissions
sudo find /var/www/html/nextcloud -type f -exec chmod 640 {} \;

#check
ls -ld /var/www/html/nextcloud
ls -l /var/www/html/nextcloud

#should see: drwxr-x--- apache apache

5. Set Up Nextcloud

Navigate to the Nextcloud URL (e.g., http://192.168.1.26) to proceed with the web-based setup. If errors occur during setup, troubleshoot as follows:

  • Permissions Error: Re-check directory ownership and permissions.
  • Database Error: Ensure the database user, password, and permissions are correctly set up in MariaDB.
  • PHP Errors: Ensure all required PHP modules are installed.

1. Verify MariaDB is Running

Confirm MariaDB is active and has created the mysql.sock file:

sudo systemctl status mariadb

2. Check the Socket File

Ensure the mysql.sock file exists and has the correct ownership and permissions:

ls -l /var/lib/mysql/mysql.sock
ls -ld /var/lib/mysql

The output should look like this:

  • mysql.sock is owned by mysql:mysql.
  • /var/lib/mysql should have permissions drwx------.

If ownership or permissions are incorrect:

sudo chown -R mysql:mysql /var/lib/mysql
sudo chmod 700 /var/lib/mysql
sudo systemctl restart mariadb

3. Verify SELinux (If Enabled)

Even if SELinux is disabled, sometimes contexts are cached. Verify and fix SELinux contexts for /var/lib/mysql:

sudo semanage fcontext -a -t mysqld_db_t "/var/lib/mysql(/.*)?"
sudo restorecon -R /var/lib/mysql

4. Check the MariaDB Configuration

Open MariaDB configuration to ensure the socket file is being correctly set up:

sudo nano /etc/my.cnf.d/server.cnf

Ensure the following is present:

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock

[client]
socket=/var/lib/mysql/mysql.sock

Restart MariaDB:

sudo systemctl restart mariadb

5. Verify MySQL Client Access

Test MySQL access using the socket:

mysql -u root -p

If you get a socket-related error, verify that the socket file is present:

ls -l /var/lib/mysql/mysql.sock

6. Additional Debugging

  • Check Logs: Look for errors in the MariaDB logs:

    sudo tail -f /var/log/mariadb/mariadb.log

  • Verify Service Start: Ensure no errors occurred during service startup:

    sudo journalctl -u mariadb

  • Temporary Socket Issue: If the socket isn’t being created despite no errors:

    • Try removing stale files and restarting:

      sudo rm -f /var/lib/mysql/mysql.sock
sudo systemctl restart mariadb

 

 

 

Cont. Post-Installation Updates

 

NEXT PostInstallUpdates

1. sudo dnf update -y

2. sudo dnf install -y vim nano wget curl git htop net-tools epel-release

3. sudo dnf install httpd mariadb-server php php-mysqlnd php-dom php-gd php-intl php-mbstring php-xml php-zip unzip -y

4. sudo systemctl enable --now httpd

5. sudo dnf install php php-mysqlnd php-dom php-gd php-intl php-mbstring php-xml php-zip php-cli php-json php-pdo -y

6. sudo dnf install tar bzip2 unzip -y

7. sudo dnf groupinstall -y "Development Tools"

8. ip addr show

9. sudo systemctl enable firewalld
   sudo systemctl start firewalld
   sudo firewall-cmd --add-service=http --permanent
   sudo firewall-cmd --add-service=https --permanent
   sudo firewall-cmd --permanent --add-service=ssh
   sudo firewall-cmd --reload

   check rules: sudo firewall-cmd --list-all
   ssh specific port: sudo firewall-cmd --permanent --add-port=2222/tcp

10. sudo adduser yourusername
    sudo passwd yourusername
    sudo usermod -aG wheel yourusername

11. sudo swapon /dev/sdX

12. swapon --show

13. sudo dnf install openssh-server -y

14. sudo systemctl status sshd

15. sudo firewall-cmd --permanent --add-service=ssh
    sudo firewall-cmd --reload

16. **Download and Configure Nextcloud**:

17. Download: wget https://download.nextcloud.com/server/releases/latest.tar.bz2

    - Extract: tar -xjf latest.tar.bz2 -C /var/www/html/
    - Set Permissions:sudo chown -R apache:apache /var/www/html/nextcloud
      sudo chmod -R 755 /var/www/html/nextcloud
    - Enable Apache modules:sudo systemctl enable --now httpd
      sudo systemctl restart httpd

    

    DISABLE SELIUX:sudo nano /etc/selinux/config

    SELINUX=disabled

 

Increase PHP Memory Limit: Edit /etc/php.ini (or the configuration file for your PHP installation) and set:

memory_limit = 512M
opcache.enable=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.revalidate_freq=1
opcache.validate_timestamps=1

Nextcloud Installation

# Download and extract Nextcloud
cd /tmp
wget https://download.nextcloud.com/server/releases/latest.tar.bz2
tar -xjf latest.tar.bz2 -C /var/www/html/

# Set permissions
sudo chown -R apache:apache /var/www/html/nextcloud
sudo chmod -R 755 /var/www/html/nextcloud

# Restart Apache
sudo systemctl restart httpd

MariaDB Configuration

# Secure MariaDB installation
sudo mysql_secure_installation

# Create Nextcloud database and user
sudo mysql -u root -p
CREATE DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
CREATE USER 'nxtcloudspiffy'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nxtcloudspiffy'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Verify the Configuration After creating the user:

  • Ensure you can log in as the 

    nxtcloudspiffy

    user:

    mysql -u nxtcloudspiffy -p

  • Check access to the 

    nextcloud

    database:

    USE nextcloud;
SHOW TABLES;

Restart MariaDB and Apache Restart the services to ensure everything works smoothly:

sudo systemctl restart mariadb
sudo systemctl restart httpd

 

Correct Directories

  • MariaDB Data Directory: /var/lib/mysql/ (Default location where MariaDB stores its database files.)
  • Nextcloud Data Directory: Typically, /var/www/html/nextcloud/data (This is where Nextcloud stores user files and other application data.)

Steps to Confirm or Correct

  1. Ensure MariaDB's data directory is set to /var/lib/mysql/:

    • This is the default location and does not need to be explicitly configured unless it was moved.
    • Check datadir in /etc/my.cnf or /etc/my.cnf.d/ if you want to confirm.

  2. Ensure Nextcloud's data directory points to /var/www/html/nextcloud/data:

    • When setting up Nextcloud, make sure this path is correct during the installation (either in the web installer or the config.php file).

  3. Permissions:

    • For MariaDB:

      sudo chown -R mysql:mysql /var/lib/mysql
sudo chmod 700 /var/lib/mysql

    • For Nextcloud:

      sudo mkdir /var/www/html/nextcloud/data
sudo chown -R apache:apache /var/www/html/nextcloud/data
sudo chmod 750 /var/www/html/nextcloud/data

Confirm Your Configuration

If you intended to point Nextcloud's data to /var/lib/mysql/, that is incorrect and needs to be adjusted to /var/www/html/nextcloud/data. Let me know if you want help updating any of this.

 

Restart MariaDB and Apache Restart the services to ensure everything works smoothly:

sudo systemctl restart mariadb
sudo systemctl restart httpd

Update PHP

 

1. Check Installed PHP Versions

php -v

If you're on PHP 8.0, you need to upgrade to PHP 8.1 or higher.

2. Install PHP 8.1 or 8.2

For AlmaLinux or CentOS 9 Stream

This version of Nextcloud requires at least PHP 8.1
You are currently running 8.0.30. Please update your PHP version.

  1. Enable the Remi repository:

    sudo dnf install -y epel-release
sudo dnf install -y https://rpms.remirepo.net/enterprise/remi-release-9.rpm
sudo dnf module reset php -y
sudo dnf module enable php:remi-8.2 -y  # For PHP 8.2

  2. Install PHP 8.1:

    sudo dnf install -y php php-mysqlnd php-dom php-gd php-intl php-mbstring php-xml php-zip php-cli php-json php-pdo php-posix

3. Verify PHP Version

Check if PHP was updated correctly:

php -v

 

Restart MariaDB and Apache

Restart the services to ensure everything works smoothly:

sudo systemctl restart mariadb
sudo systemctl restart httpd

 

 

Run the Nextcloud Installer

Reattempt the Nextcloud web installer or use the CLI installer with the correct credentials.

 

 

Next Steps

  1. Run the Nextcloud Web Installer or CLI Installer You can now proceed to set up Nextcloud. Use either the web installer or the command-line installer:

    Web Installer

    • Access Nextcloud in your browser by navigating to http://your-server-ip/nextcloud.

    • Enter the admin credentials you want, along with the database details:

      • Database User: nxtcloudspiffy
      • Database Password: The password you set earlier
      • Database Name: nextcloud
      • Host: localhost

    CLI Installer Run the following command:

    sudo -u apache php occ maintenance:install \
  --database "mysql" \
  --database-name "nextcloud" \
  --database-user "nxtcloudspiffy" \
  --database-pass "H0m0#smp#fag" \
  --admin-user "spiffy" \
  --admin-pass "H0m0-smp-fag"

  2. Verify Table Creation Once the installer completes, the SHOW TABLES; command will return the list of tables Nextcloud has created in the database.

Testing Nextcloud

  1. Access Nextcloud in the browser (http://your-ip/nextcloud).

  2. Enter the database credentials:

    • Database User: nxtcloudspiffy
    • Database Password: password
    • Database Name: nextcloud
    • Host: localhost
Scroll to Top