Setup Nextcloud 19.0.4 on Fedora 32
-
Been a while, but I had a need to set up a new instance. I went with Nextcloud 19.0.4 because I will be migrating another Nextcloud 19.0.4 instance that is running on CentOS 7 to this new instance on Fedora 32.
Let's get right to it. Like my more recent guides, I will make use of environment variables. This means you cannot close out your terminal session until this is complete, or you will have to wipe the instance and start from scratch.
Admin user username for the Web interface
# Obviously, change this to the admin username you want. export ADMIN_USER='guiadmin'
Admin user password for the web interface
# If you do not want a random password, put somthing here that you want. export ADMIN_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24)"
I highly recommend not changing anything else unless you know what you are doing.
Root password for MariaDB
export DB_ROOT_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24)"
Database name to use for application
export DB_NAME='nextcloud'
Database user to use for application
export DB_USER='nc_user'
Generate a random password for the nextcloud database user
export DB_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24)"
The location to install nextcloud (it will be a subfolder of this)
export WWW_PATH='/var/www/html'
The subfolder nextcloud will be named
export APP_FOLDER='nextcloud'
The full path the data folder will be located
If you know what you are doing and will have the data on another disk, I still recommend mounting said disk to this location.
export DATA_PATH=$WWW_PATH/$APP_FOLDER'/data'
I broke out all of the package installs by what they are for.
I feel this helps with the learning/understanding for someone following this guide.
These could just be one long command line.
Optional Management Packages
# These are tools I use on pretty much every Fedora instance # Configuration of them, if required, is not covered here. sudo dnf install -y nano sysstat glances htop dnf-automatic
Required Packages
sudo dnf install -y httpd mariadb mariadb-server php wget policycoreutils-python-utils tar bzip2 mod_ssl
Required PHP Packages
sudo dnf install -y php-common php-gd php-json php-xml php-mbstring php-process php-pecl-zip
Required PHP Package for MariaDB backend
sudo dnf install -y php-mysqlnd
Optional Redis Cache
sudo dnf install -y redis php-pecl-redis5
Optional PHP Packages, mostly to clear warnings in dashboard.
See official guide for sub-systems that actually use these
sudo dnf install -y php-pecl-imagick php-bcmath php-gmp php-intl
Create the root directory to extract nextcloud into
sudo mkdir -p $WWW_PATH/$APP_FOLDER
Get NextCloud
wget https://download.nextcloud.com/server/releases/nextcloud-19.0.4.tar.bz2
Extract NextCloud
sudo tar xvf nextcloud-19.0.4.tar.bz2 --strip-components 1 -C $WWW_PATH/$APP_FOLDER
Remove the downloaded file
rm *.bz2
Create the data directory
sudo mkdir -p $DATA_PATH
Set ownership of the app and data folders to the http user
sudo chown apache:apache -R $WWW_PATH/$APP_FOLDER sudo chown apache:apache $DATA_PATH
Create the nextcloud apache config file
sudo tee -a /etc/httpd/conf.d/nextcloud.conf > /dev/null << EOF Alias /nextcloud "/var/www/html/nextcloud/" <Directory "/var/www/html/nextcloud"> Options +FollowSymLinks AllowOverride All <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/html/nextcloud SetEnv HTTP_HOME /var/www/html/nextcloud </Directory> <Directory "/var/www/nextcloud/data/"> # just in case if .htaccess gets disabled Require all denied </Directory> <IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" </IfModule> EOF
Open the firewall for https only
sudo firewall-cmd --add-service=https --permanent sudo firewall-cmd --reload
Start mariadb and set to start on boot
sudo systemctl enable --now mariadb
Start redis (used for memcache)
sudo systemctl enable --now redis
Create Database and user with session variables
sudo mysql -e "CREATE DATABASE $DB_NAME;" sudo mysql -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';" sudo mysql -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost';" sudo mysql -e "FLUSH PRIVILEGES;"
Secure MariaDB (this does what mysql_secure_installation performs without interaction)
sudo mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" sudo mysql -e "DELETE FROM mysql.user WHERE User='';" sudo mysql -e "FLUSH PRIVILEGES;" sudo mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '$DB_ROOT_PASS';"
Allow the webserver to send email and connect to the network
sudo setsebool -P httpd_can_sendmail 1 sudo setsebool -P httpd_can_network_connect 1
Set SELinux HTTPD_RW on app and data folders so the GUI based updater can run
sudo semanage fcontext -a -t httpd_sys_rw_content_t "${WWW_PATH}/${APP_FOLDER}(/.*)?" sudo semanage fcontext -a -t httpd_sys_rw_content_t "${DATA_PATH}(/.*)?" sudo restorecon -FR $WWW_PATH/$APP_FOLDER sudo restorecon -FR $DATA_PATH
If your data folder is a subfolder of the root (default for this guide), you will see this error. That is normal.
ValueError: File context for /var/www/html/nextcloud/data(/.*)? already defined
Update PHP memory limit
sudo sed -i -e 's/memory_limit.*/memory_limit = 512M/' /etc/php.ini
Install the instance
sudo -u apache php $WWW_PATH/$APP_FOLDER/occ maintenance:install --database "mysql" --database-name $DB_NAME --database-user $DB_USER --database-pass $DB_PASS --admin-user $ADMIN_USER --admin-pass $ADMIN_PASS --data-dir $DATA_PATH
Mark the ip address as a trusted host
sudo -u apache php $WWW_PATH/$APP_FOLDER/occ config:system:set trusted_domains 1 --value=$(ip a sh | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p')
Remove the last line of the nextcloud config file
sudo sed -i -e '$d' $WWW_PATH/$APP_FOLDER/config/config.php
Append the Pretty URL setting and force SSL
sudo tee -a $WWW_PATH/$APP_FOLDER/config/config.php > /dev/null << EOF 'htaccess.RewriteBase' => '/', 'overwriteprotocol' => 'https', EOF
Append the redis cache settings
sudo tee -a $WWW_PATH/$APP_FOLDER/config/config.php > /dev/null << EOF 'memcache.locking' => '\\OC\\Memcache\\Redis', 'memcache.local' => '\\OC\\Memcache\\Redis', 'redis' => array ( 'host' => 'localhost', 'port' => 6379, ), ); EOF
Update Apache's document root.
sudo sed -i 's#\(^DocumentRoot\).*$#\1 "'$WWW_PATH/$APP_FOLDER\"# /etc/httpd/conf/httpd.conf
Update the .htaccess file
sudo -u apache php $WWW_PATH/$APP_FOLDER/occ maintenance:update:htaccess
Start Apache and enable for reboot.
sudo systemctl enable --now httpd
Update the PHP Opcache config
# maybe not needed anymore, only this setting is different than default sudo sed -i -e 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=1/' /etc/php.d/10-opcache.ini; sudo systemctl restart php-fpm
Create a file with the setup information used.
cat >> setup.info << EOF MySql Database Name : $DB_NAME Database User : $DB_USER Database User Password : $DB_PASS Database Root Password : $DB_ROOT_PASS GUI Admin User : $ADMIN_USER GUI Admin User Password : $ADMIN_PASS EOF
Your installation is now complete.
A record of random passwords was saved to ~/setup.info"
Or run this to see your GUI log in credentials.echo "GUI Login: $ADMIN_USER / $ADMIN_PASS"
In the settings overview, you should see this after log in.
-
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
session variables
What is that? I think you mean environment variables?
-
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
session variables
What is that? I think you mean environment variables?
Yes. But I will almost 100% call them session variables. Similar to how I will almost 100% type
doe snot
when I want to saydoes not
. I type that sooo much. -
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
session variables
What is that? I think you mean environment variables?
Yes. But I will almost 100% call them session variables. Similar to how I will almost 100% type
doe snot
when I want to saydoes not
. I type that sooo much.Yeah, I understand what you mean.
BTW, what does the now switch do here?
sudo systemctl enable --now mariadb
Isn't this enough?
sudo systemctl enable mariadb
-
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
session variables
What is that? I think you mean environment variables?
Yes. But I will almost 100% call them session variables. Similar to how I will almost 100% type
doe snot
when I want to saydoes not
. I type that sooo much.Yeah, I understand what you mean.
BTW, what does the now switch do here?
sudo systemctl enable --now mariadb
Isn't this enough?
sudo systemctl enable mariadb
Been a while since I checked, but
enable
alone did not start the service. The--now
switch starts it while enabling it to start on boot.
Basically the same assystemctl start mariadb systemctl enable mariadb
-
Think you need some more sudo in the "Update the PHP Opcache config" section.
And I think you need to be root to create conf files under apache as well:
"Create the nextcloud apache config file" section -
Note to all, I have not yet ran though my instructions in one go. This is basically a copy paste of them as I built up the server.
I'll wipe it tomorrow and do it again to make sure the instructions are solid.
-
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
And I think you need to be root to create conf files under apache as well:
"Create the nextcloud apache config file" sectionNo, because it is created in the local folder and then moved and permissions fixed.
Because you cannot
sudo cat >> /restricted/folder/fuck.conf << EOF
-
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
Note to all, I have not yet ran though my instructions in one go. This is basically a copy paste of them as I built up the server.
I'll wipe it tomorrow and do it again to make sure the instructions are solid.
Well, you did great work anyway. It takes a lot of time to make instructions.
-
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
Because you cannot sudo cat >> /restricted/folder/fuck.conf << EOF
I wouldn't know. I just go root and go to work. I'm too lazy to type sudo a hundred times. Probably frowned upon but I don't care.
-
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
Because you cannot sudo cat >> /restricted/folder/fuck.conf << EOF
I wouldn't know. I just go root and go to work. I'm too lazy to type sudo a hundred times. Probably frowned upon but I don't care.
I'm so used to typing sudo, I type it even when I
sudo su -
into root. -
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
Because you cannot sudo cat >> /restricted/folder/fuck.conf << EOF
I wouldn't know. I just go root and go to work. I'm too lazy to type sudo a hundred times. Probably frowned upon but I don't care.
I'm so used to typing sudo, I type it even when I
sudo su -
into root.I've used debian a lot and sudo isn't even installed by default. Well, in a minimal install that is.
-
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
I've used debian a lot and sudo isn't even installed by default. Well, in a minimal install that is.
Yeah, I learned that when I setup my current Unifi and UNMS controllers.
I run those on Debian, and no matter the OS, I always do minimal installs for server instances.
-
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
@Pete-S said in Setup Nextcloud 19.0.4 on Fedora 32:
And I think you need to be root to create conf files under apache as well:
"Create the nextcloud apache config file" sectionNo, because it is created in the local folder and then moved and permissions fixed.
Because you cannot
sudo cat >> /restricted/folder/fuck.conf << EOF
Using
sudo
withtee
works well.sudo tee -a config.php <<EOF 'memcache.locking' => '\\OC\\Memcache\\Redis', 'memcache.local' => '\\OC\\Memcache\\Redis', 'redis' => array ( 'host' => 'localhost', 'port' => 6379, ), ); EOF
-
@black3dynamite said in Setup Nextcloud 19.0.4 on Fedora 32:
Using
sudo
withtee
works well.I'll try that when I redo the install.
I know I tried
tee
a couple years ago and things did not work right. I might have just screwed up the syntax, causing my own problems. -
@black3dynamite said in Setup Nextcloud 19.0.4 on Fedora 32:
Using
sudo
withtee
works well.Yeah, that works for the apache vhost file, and will work with the nextcloud config file once I work out what to do instead of
head -n 1
for that. -
ok fixed. thanks.
sed '$d'
for the win there. -
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
ok fixed. thanks.
sed '$d'
for the win there.Nice! I was about to post that command.
-
@black3dynamite since you are better with
sed
than I am... Or at least better with Google and the man pages than I am..How can I fix this to use the environment variables instead of manual.
This is part of the next step to use the "pretty URL" as it is called.
It works fine like this.sudo sed -i -e 's/\(^DocumentRoot\s*\).*$/\1"\/var\/www\/html\/nextcloud"/' /etc/httpd/conf/httpd.conf
But I want it to use the above
$WWW_PATH
and$APP_FOLDER
variables. -
@JaredBusch said in Setup Nextcloud 19.0.4 on Fedora 32:
@black3dynamite since you are better with
sed
than I am... Or at least better with Google and the man pages than I am..How can I fix this to use the environment variables instead of manual.
This is part of the next step to use the "pretty URL" as it is called.
It works fine like this.sudo sed -i -e 's/\(^DocumentRoot\s*\).*$/\1"\/var\/www\/html\/nextcloud"/' /etc/httpd/conf/httpd.conf
But I want it to use the above
$WWW_PATH
and$APP_FOLDER
variables.What does the line do exactly?
Sets theDocumentRoot
parameter to/var/www/html/nextcloud
?What does$WWW_PATH
and$APP_FOLDER
contain?
Ah, the first post says:/var/www/html
andnextcloud