Setting up NextCloud on Ubuntu 22

These are my notes on setting up NextCloud on Ubuntu 22. There are optional steps for setting up a self-signed SSL certificate or a certificate from letsencrypt.org. If you do not use SSL immediately, disable the https redirect in the Apache configuration file. These instruction assume that MyNextCloud.com and www.MyNextCloud.com properly resolve to a valid/routable IP address for your server.

Install Apache web server, PHP and MariaDB:

sudo apt install apache2
sudo systemctl enable apache2
sudo systemctl start apache2
sudo apt-get install php php-cli php-common php-imap php-redis php-snmp \
  php-xml php-zip php-mbstring php-curl php-gd php-mysql -y
sudo apt install mariadb-server -y
sudo systemctl start mariadb
sudo systemctl enable mariadb

At this point it’s a good idea to set the MariaDB root password. I’ll assume the password is “MyDBrootPass”:

sudo mysql --user=root --password=MyDBrootPass

From the SQL prompt, run the following SQL commands to create the new database and a new database user (don’t use the DB root account for NextCloud!):

CREATE DATABASE NextCloudDB;
GRANT ALL PRIVILEGES ON NextCloudDB.* TO 'NextCloudUser'@'localhost' IDENTIFIED BY 'NextCloudPassword';
FLUSH PRIVILEGES;
exit;

Copy the NextCloud files to the server:

sudo mkdir -p /var/www/www.MyNextCloud.com/html
sudo mkdir -p /var/www/www.MyNextCloud.com/log
sudo mkdir -p /var/www/www.MyNextCloud.com/ssl
cd /var/www/www.MyNextCloud.com/html
sudo wget https://download.nextcloud.com/server/releases/latest.tar.bz2
sudo bunzip2 -d latest.tar.bz2
sudo tar -xf latest.tar
sudo rm -f latest.tar
mv nextcloud/* .
mv nextcloud/.* .
rmdir nextcloud/

Now, we’ll go ahead and configure Apache to run this website. It’s probably easiest to use nano to create a configuration file like I’m going to suggest below, but there are other ways of doing this (different editors, different ways of configuring websites in Apache, etc.). But let’s create and edit a new website configuration using nano:

sudo nano /etc/apache2/sites-available/www.MyNextCloud.com.conf

This will open the nano editor with no content. I’m electing to forward port 80/HTTP to port 443 HTTPS and leaving some currently-unused configuration items for HTTP in case I need to troubleshoot later. I’m also making some assumptions about the original directory structure and location of files, which will vary from website to website, and should be modified as needed. Add the following text to www.MyNextCloud.com.conf:

<VirtualHost *:80>
  ServerName www.MyNextCloud.com
  ServerAlias MyNextCloud.com
  Redirect permanent / https://www.MyNextCloud.com/
  ServerAdmin MyUser@MyDomain.com  
  DocumentRoot /var/www/www.MyNextCloud.com/html
  <Directory /var/www/www.MyNextCloud.com/html/>
    Require all granted
    Options FollowSymlinks MultiViews
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
  </Directory>
  ErrorLog /var/www/www.MyNextCloud.com/log/error_log
  CustomLog /var/www/www.MyNextCloud.com/log/access_log common
</VirtualHost>
<VirtualHost *:443>
  ServerName www.MyNextCloud.com
  ServerAlias MyNextCloud.com
  DocumentRoot /var/www/www.MyNextCloud.com/html
  ServerAdmin MyUser@MyDomain.com
  <Directory /var/www/www.MyNextCloud.com/html/>
    Require all granted
    Options FollowSymlinks MultiViews
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
  </Directory>
  ErrorLog /var/www/www.MyNextCloud.com/log/error_log
  CustomLog /var/www/www.MyNextCloud.com/log/access_log common
  <IfModule mod_ssl.c>
    SSLEngine on
    SSLCertificateFile /var/www/www.MyNextCloud.com/ssl/www.MyNextCloud.com.cert.pem
    SSLCertificateKeyFile /var/www/www.MyNextCloud.com/ssl/www.MyNextCloud.com.key.pem
</IfModule>
</VirtualHost>

Optional: create a self-signed SSL certificate:

cd ~
openssl req -x509 -newkey rsa:2048 -keyout www.MyNextCloud.com.key.pem -out www.MyNextCloud.com.cert.pem -days 365 -nodes -subj '/CN=www.MyNextCloud.com'
sudo mv www.MyNextCloud.com.* /var/www/www.MyNextCloud.com/ssl/
sudo chown -R www-data:www-data /var/www/www.MyNextCloud.com

Optional: use a letsencrypt.org SSL certificate:

sudo snap install core
sudo snap refresh core
sudo apt-get remove certbot
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --apache

You may need to associate the routable IP with the domain in the /etc/hosts file

sudo nano /etc/hosts

/etc/hosts additional line (change 99.99.99.99 to the routable IP address):

99.99.99.99 www.MyNextCloud.com

You may need to add the server name to apache2.conf:

sudo nano /etc/apache2/apache2.conf

/etc/apache2/apache2.conf add line to top:

ServerName www.MyNextCloud.com

Now we can enable the site and restart Apache (run these one at a time and stop to fix any reported issues before continuing to the next command):

sudo a2ensite www.MyNextCloud.com.conf
sudo a2enmod rewrite
sudo a2enmod ssl
apachectl -t
sudo systemctl restart apache2

At this point, you should be able to test the site by going to MyNextCloud.com in a web browser. Apache should immediately attempt to forward to https://www.MyNextCloud.com (assuming you copied over valid SSL certificates) and you should be prompted by NextCloud to complete the rest of the setup. NextCloud will need the database name, username, and password that you setup in previous steps.