Install NextCloud on Ubuntu Server 16.04: Difference between revisions

From ICO wiki
Jump to navigationJump to search
Ebarrier (talk | contribs)
Ebarrier (talk | contribs)
Line 62: Line 62:
<code>systemctl status mariadb</code>
<code>systemctl status mariadb</code>
IMAGE
IMAGE


- Next we run the secure installation wizard of MariaDB:  
- Next we run the secure installation wizard of MariaDB:  
Line 69: Line 68:
The second question asks wether you want to change the root password or not. You decide.
The second question asks wether you want to change the root password or not. You decide.
For all next questions, press Enter ("Yes" by default).
For all next questions, press Enter ("Yes" by default).
- We already create a dedicated user and database which will be used by nextcloud during its installation.
By creating a dedicated user, we avoid to enter the root password later (for security reasons).
First enter MariaDB with administrative as root:
<code>mysql -u root -p</code>
When prompted, enter the root password (we told you to remember it!).
The create the database (define your own database name; "nextcloud" as for example):
<code>CREATE DATABASE nextcloud;</code>
Then create a user with its password (define both your own; "arold" and "salakala" in our example respectively) and grant all rights to it to the newly created database ("nextcloud" in our example).
<code>GRANT ALL ON nextcloud.* to 'arold'@'localhost' IDENTIFIED BY 'salakala';</code>


- We install all the other tools we need (Apache2 web server, PHP 7 and its modules):
- We install all the other tools we need (Apache2 web server, PHP 7 and its modules):
Line 91: Line 107:
<code>cp -r nextcloud /var/www</code>
<code>cp -r nextcloud /var/www</code>


- To make the application more secure, Nextcloud provides a script which sets strict directory permissions.
- We create the file ''/etc/apache2/sites-available/nextcloud.conf'' with the following content:
<pre>
Alias /nextcloud "/var/www/nextcloud/"
 
<Directory /var/www/nextcloud/>
  Options +FollowSymlinks
  AllowOverride All
 
  <IfModule mod_dav.c>
    Dav off
  </IfModule>
 
  SetEnv HOME /var/www/nextcloud
  SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
</pre>
 
This configuration makes the Nextcloud web application available at the address http://''yourdomain''/nextcloud
 
Then enable this configuration file: <code>a2ensite nextcloud</code>
 
- Make sure the following Apache modules are enabled:
<pre>
a2enmod rewrite
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime
</pre>
 
- We can also already enable the SSL module and its default site configuration:
<pre>
a2enmod ssl
a2ensite default-ssl
</pre>
 
- As you can see on the screenshot below, Nextcloud is visible in a browser but Apache needs to access its directory.
<code>chown -R www-data:www-data /var/www/nextcloud/</code>
IMAGE
 
- Finally restart the Apache server to apply all these changes: <code>service apache2 restart</code>
 
- At the address http://yourdomainorip/nextcloud you should see the screen below.
For "Create an admin account
 
- If you get a message similar to :
<pre>
An unhandled exception has been thrown: exception ‘PDOException’ with message
'SQLSTATE[HY000]: General error: 1665 Cannot execute statement: impossible to
write to binary log since BINLOG_FORMAT = STATEMENT and at least one table
uses a storage engine limited to row-based logging. InnoDB is limited to
row-logging when transaction isolation level is READ COMMITTED or READ
UNCOMMITTED.'
</pre>
 
You must uncomment and change the line BINLOG_FORMAT = ROW in the database config file (/etc/mysql/my.cnf) and set its value to BINLOG_FORMAT = MIXED.
Then restart the MariaDB: <code>systemctl restart mariadb</code>
 
- Finally, to make the application more secure, Nextcloud provides a script which sets strict directory permissions.
'''This step must be done once Nextcloud has been installed otherwise some permissions will not be as recommended (https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#strong-perms-label).'''
 
Create a file </code>nano /tmp/nextcloud.sh</code>
Create a file </code>nano /tmp/nextcloud.sh</code>


Line 145: Line 221:
chmod/chown .htaccess
chmod/chown .htaccess
</pre>
</pre>
- We create the file ''/etc/apache2/sites-available/nextcloud.conf'' with the following content:
<pre>
Alias /nextcloud "/var/www/nextcloud/"
<Directory /var/www/nextcloud/>
  Options +FollowSymlinks
  AllowOverride All
  <IfModule mod_dav.c>
    Dav off
  </IfModule>
  SetEnv HOME /var/www/nextcloud
  SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
</pre>
This configuration makes the Nextcloud web application available at the address http://''yourdomain''/nextcloud
Then enable this configuration file: <code>a2ensite nextcloud</code>
- Make sure the following Apache modules are enabled:
<pre>
a2enmod rewrite
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime
</pre>
- We can also already enable the SSL module and its default site configuration:
<pre>
a2enmod ssl
a2ensite default-ssl
</pre>
- As you can see on the screenshot below, Nextcloud is visible in a browser but Apache needs to access its directory.
<code>chown -R www-data:www-data /var/www/nextcloud/</code>
- Finally restart the Apache server to apply all these changes: <code>service apache2 restart</code>
- If you get a message similar to :
<pre>
An unhandled exception has been thrown: exception ‘PDOException’ with message
'SQLSTATE[HY000]: General error: 1665 Cannot execute statement: impossible to
write to binary log since BINLOG_FORMAT = STATEMENT and at least one table
uses a storage engine limited to row-based logging. InnoDB is limited to
row-logging when transaction isolation level is READ COMMITTED or READ
UNCOMMITTED.'
</pre>
You must uncomment and change the line BINLOG_FORMAT = ROW in the database config file (/etc/mysql/my.cnf) and set its value to BINLOG_FORMAT = MIXED.
Then restart the MariaDB: <code>systemctl restart mariadb</code>


Stop at "Additional Apache Configurations" (a2enmod mime).
Stop at "Additional Apache Configurations" (a2enmod mime).

Revision as of 21:31, 27 February 2017

Author: Etienne Barrier

Last modified: 07.02.2017

Install guestadditions for ubuntu server: http://askubuntu.com/questions/22743/how-do-i-install-guest-additions-in-a-virtualbox-vm?noredirect=1&lq=1 Purge MariaDB: http://askubuntu.com/questions/703123/mariadb-10-1-server-wont-start-after-update

Preliminary notes

This tutorial shows how to install NextCloud on Ubuntu 16.04 LTS Server, using MariaDB (as for database) and Apache 2 (as for webserver).

This tutorial does NOT show:

  • how to install/configure databases other than MariaDB (although MySQL can be considered the sane)
  • how to install/configure webservers other than Apache2 (for example Nginx)
  • how to use NextCloud

It is assumed that you are already familiar with the basics of Linux command line terminal commands. But this tutorial is made so that you can copy paste the commands to your terminal.

Tools' versions used in this tutorial:

  • Nextcloud (version: 11.0.1)
  • Ubuntu 16.04.1 LTS (Xenial)
  • MariaDB (version: 10.1.21)
  • Apache 2 (version: 2.4.xxxx)
  • Php (version 7.0)

Depending on the versions you use, the commands and/or the path shown in this tutorial might be different.

All commands in this tutorial are made as root. You must be root or be able to use "sudo" command to install and configure Nextcloud.

The version of Nextcloud used (version 11) is referred as “Nextcloud” across the tutorial.

This tutorial is based on the following tutorials:

For any comments, please write to ebarrier {at] itcollege [dot) ee.

What is the final state this tutorial reaches?

This tutorial's objective is to have Nextcloud installed on a Ubuntu server using the aforementioned tools. The installation of tools will be done from the command line. The installation of Nextcloud will be done from the web interface. Netcloud will be accessible from the main page of the webserver and https protocol will be enabled.

From the tutorial above:

- To install MariaDB: First we import the key to the package repository and we add it to the package source list (added in /etc/apt/source.list).

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
sudo add-apt-repository 'deb [arch=amd64] http://ftp.eenet.ee/pub/mariadb/repo/10.1/ubuntu xenial main'

Then we update the package list and we install mariadb.

sudo apt update
sudo apt install mariadb-server

When the wizard asks whether to set up a root password, it is important to set it and to remember it!

When the installation finished we check that MariaDB is running. systemctl status mariadb IMAGE

- Next we run the secure installation wizard of MariaDB: mysql_secure_installation The first question of the wizard is to enter the root password that you have chosen for mariadb. Enter it. The second question asks wether you want to change the root password or not. You decide. For all next questions, press Enter ("Yes" by default).

- We already create a dedicated user and database which will be used by nextcloud during its installation. By creating a dedicated user, we avoid to enter the root password later (for security reasons).

First enter MariaDB with administrative as root:

mysql -u root -p

When prompted, enter the root password (we told you to remember it!).

The create the database (define your own database name; "nextcloud" as for example):

CREATE DATABASE nextcloud;

Then create a user with its password (define both your own; "arold" and "salakala" in our example respectively) and grant all rights to it to the newly created database ("nextcloud" in our example).

GRANT ALL ON nextcloud.* to 'arold'@'localhost' IDENTIFIED BY 'salakala';

- We install all the other tools we need (Apache2 web server, PHP 7 and its modules):

apt-get install apache2 libapache2-mod-php7.0 php7.0-gd php7.0-json php7.0-mysql php7.0-curl php7.0-mbstring php7.0-intl php7.0-mcrypt php-imagick php7.0-xml php7.0-zip

- To download the archive use wget: wget https://download.nextcloud.com/server/releases/nextcloud-version.file-extension Check from [1] the exact link's target to use. Example wget https://download.nextcloud.com/server/releases/nextcloud-11.0.1.zip

- To download the checksum file the same way: wget https://download.nextcloud.com/server/releases/nextcloud-version.file-extension.sha256

- Check that the archive match the checksum file. sha256sum -c nextcloud-version.file-extension.sha256 < nextcloud-version.file-extension If it matches, the terminal will display "OK".

- Extract the archive depending on its extension: tar -xjf nextcloud-x.y.z.tar.bz2 or unzip nextcloud-x.y.z.zip This will extract one single directory called "nextcloud".

- This extracted directory will be used by the webserver. As for Apache, we can copy it to /var/www (document root of Apache). cp -r nextcloud /var/www

- We create the file /etc/apache2/sites-available/nextcloud.conf with the following content:

Alias /nextcloud "/var/www/nextcloud/"

<Directory /var/www/nextcloud/>
  Options +FollowSymlinks
  AllowOverride All

  <IfModule mod_dav.c>
    Dav off
  </IfModule>

  SetEnv HOME /var/www/nextcloud
  SetEnv HTTP_HOME /var/www/nextcloud
</Directory>

This configuration makes the Nextcloud web application available at the address http://yourdomain/nextcloud

Then enable this configuration file: a2ensite nextcloud

- Make sure the following Apache modules are enabled:

a2enmod rewrite
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime

- We can also already enable the SSL module and its default site configuration:

a2enmod ssl
a2ensite default-ssl

- As you can see on the screenshot below, Nextcloud is visible in a browser but Apache needs to access its directory. chown -R www-data:www-data /var/www/nextcloud/ IMAGE

- Finally restart the Apache server to apply all these changes: service apache2 restart

- At the address http://yourdomainorip/nextcloud you should see the screen below. For "Create an admin account

- If you get a message similar to :

An unhandled exception has been thrown: exception ‘PDOException’ with message
'SQLSTATE[HY000]: General error: 1665 Cannot execute statement: impossible to
write to binary log since BINLOG_FORMAT = STATEMENT and at least one table
uses a storage engine limited to row-based logging. InnoDB is limited to
row-logging when transaction isolation level is READ COMMITTED or READ
UNCOMMITTED.'

You must uncomment and change the line BINLOG_FORMAT = ROW in the database config file (/etc/mysql/my.cnf) and set its value to BINLOG_FORMAT = MIXED. Then restart the MariaDB: systemctl restart mariadb

- Finally, to make the application more secure, Nextcloud provides a script which sets strict directory permissions. This step must be done once Nextcloud has been installed otherwise some permissions will not be as recommended (https://docs.nextcloud.com/server/11/admin_manual/installation/installation_wizard.html#strong-perms-label).

Create a file nano /tmp/nextcloud.sh

Copy and paste the following code into the file.

#!/bin/bash
ocpath='/var/www/nextcloud'
htuser='www-data'
htgroup='www-data'
rootuser='root'

printf "Creating possible missing Directories\n"
mkdir -p $ocpath/data
mkdir -p $ocpath/assets
mkdir -p $ocpath/updater

printf "chmod Files and Directories\n"
find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640
find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750
chmod 755 ${ocpath}

printf "chown Directories\n"
chown -R ${rootuser}:${htgroup} ${ocpath}/
chown -R ${htuser}:${htgroup} ${ocpath}/apps/
chown -R ${htuser}:${htgroup} ${ocpath}/assets/
chown -R ${htuser}:${htgroup} ${ocpath}/config/
chown -R ${htuser}:${htgroup} ${ocpath}/data/
chown -R ${htuser}:${htgroup} ${ocpath}/themes/
chown -R ${htuser}:${htgroup} ${ocpath}/updater/

chmod +x ${ocpath}/occ

printf "chmod/chown .htaccess\n"
if [ -f ${ocpath}/.htaccess ]
 then
  chmod 0644 ${ocpath}/.htaccess
  chown ${rootuser}:${htgroup} ${ocpath}/.htaccess
fi
if [ -f ${ocpath}/data/.htaccess ]
 then
  chmod 0644 ${ocpath}/data/.htaccess
  chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess
fi

Then run it: bash /tmp/nextcloud.sh

You should see the following output

Creating possible missing Directories
chmod Files and Directories
chown Directories
chmod/chown .htaccess

Stop at "Additional Apache Configurations" (a2enmod mime).