In this tutorial we’ll be installing the latest version of NextCloud (15 at the time of writing) on an Ubuntu 18.04 server, with Nginx and PHP7.3. We’ll also secure our NextCloud installation with free SSL/TLS certificates provided by Let’s Encrypt.

NextCloud is a free and open-source self-hosted cloud storage solution, that’s a fork of ownCloud. Not only is NextCloud a free and great alternative to many of the paid cloud storage services. It not only features file storage, but also calendar and contacts, secure video and audio calls, website creation and hosting and collaborative document viewing and editing.

Having said that, let’s get to installing it.

Prerequisites

Before installing NextCloud, do consider that we assume the following:

Having those requirements fulfilled, we can proceed to going through the steps of installing the latest version of NextCloud. At the time of writing, the latest version is NextCloud 15.

Step 1 – Download NextCloud 15 on Ubuntu 18.04

To download NextCloud 15 on your Ubuntu 18.04 server, change into the /tmp folder, to keep things clean, and use wget to download the archive:

NOTE: At the time of writing, the latest version is NextCloud 15. To download the latest version go to https://nextcloud.com/install/#instructions-server and retrieve the download link for NextCloud.

With the archive downloaded, now unzip it. We’ll also attempt to install unzip, in case you don’t have it installed already. The -d switch specifies the target directory, so the archive will be extracted in /var/www/html/nextcloud:

Now we’ll have to change the owner of /var/www/html/nextcloud so that Nginx can write to it:

Step 2 – Install PHP Require Modules

NextCloud requires additional PHP modules. To install them, run the following command:

Step 3 – Create User & Database for NextCloud

NextCloud will need a database and a user to access it. To create them, first log into MariaDB. Since MariaDB now uses the unix_socket authentication plugin for login, you don’t need to enter the root password:

NOTE: If you’re using MySQL then just use sudo mysql

Now you should be logged in.

Next, create a database for NextCloud. You can name it whatever you want, but in this tutorial we’ll name it nextcloud_db. To create the database, run the following command:

Create the database user and give it a password. Name it whatever you’d like and give it what password you prefer, but in this tutorial we’ll call it nextcloud_user and assign it the password _C@stl3br@n:

Grant all privileges to nextcloud_user to nextcloud_db:

Finally flush privileges and exit:

Step 4 – Configure Nginx for NextCloud

Next, we’ll create the configuration file to serve NextCloud.

First, use your favorite text editor to open a file in /etc/nginx/sites-available/. I prefer to name it nextcloud , but you can name it whatever you want:

Now add the following contents, replacing nextcloud.dracula.host with your own domain/subdomain. Additionally, please don’t forget to set an A record for your chosen domain to point at your server.

NOTE: If you had chosen a different location for NextCloud, then you should also adjust the path to the root of your installation in this file. Basically replace /var/www/html/nextcloud/ with where you installed NextCloud.

Save and close the file when you’re done.

After configuring the server block above, enable it by creating a symbolic link of it into /etc/nginx/sites-enabled/ using the following command:

Test the Nginx configuration to be sure everything is in order and reload Nginx for the changes to take effect:

Step 5 – Enable SSL for NextCloud

At this point you’ve installed NextCloud on your Ubuntu 18.04 server, but the connection is not secure.

If you visit the domain for your NextCloud installation and you’ll be greeted by the install wizard, but you’ll notice the your browser saying your connection isn’t secure:

nextcloud_not_secured

For this reason, let’s go through one last step before finalizing the installation.

We can obtain free SSL/TLS certificates using Let’s Encrypt. We can easily do this by using the client provided by Let’s Encrypt, called certbot. You can install certbot on Ubuntu 18.04 by running the following command:

That command installed certbot along with the Nginx plugin python3-certbot-nginx.

To obtain a free SSL/TLS certificate from Let’s Encrypt for our domain, run the following command, replacing the EMAIL and DOMAIN with your own:

Option explanation:

--nginx – Use the Nginx authenticator and installer

--agree-tos – Agree to the Terms of Service

--redirect – Enable 301 redirection from http:// to https://

--hstsHTTP Strict Transport Security tells the browser to never request content from your site using HTTP

--staple-ocsp – Enable Online Certificate Status Protocol (OCSP) stapling, which is a safe and quick way of determining if an SSL certificate is valid or not.

--email – Your email where you’ll receive emails regarding the status of your certificate, and if you want you can also receive updates from the Electronic Frontier Foundation

-d – The domain for which you’re requesting the certificate. You can add up to 100 domains after it.

After running the command you’ll be asked if you’d like to received emails from the Electronic Frontier Foundation.

Whether you say Y or N your certificate will be obtained and configured for you.

Since are Nginx configuration file is a little too customized from the standard one, certbot didn’t know how to configure redirection (--redirect) and add the HTTP Strict Transport Security headers (--hsts), but we can easily do that ourselves.

Enable HTTPS and HSTS

To do this, we’ll have to edit our Nginx configuration file for NextCloud, that we created earlier, /etc/nginx/sites-available/nextcloud.

Open it up using your favorite text editor:

Next, make the following edits:

  1. First of all, we’ll have to configure redirecting from http to https. To do this, we’ll simply add the following block at the top of the file. Be sure to replace my domain with yours:

    What we’re telling Nginx to do, is whenever someone visites http://nextcloud.dracula.host, to redirect it permanently to https://nextcloud.dracula.host.

  2. Now, in the existing server block, if you scroll all the way to the bottom of the server block, you’ll see a few lines added by certbot, that look something like this:

    To keep things tidy, cut them from there, and move them to the top of the server block, right after server {.

  3. Additionally, under # Add headers to serve security related headers, you can add the --hsts header that certbot failed to add:

  4. Lastly, change listen 443 ssl; to listen 443 ssl http2 to enable HTTP/2.

In case the last few instructions are confusing, here’s how you’ll want the file to look, replacing dracula.host with your own domain, and replacing /var/www/html/nextcloud/ in case you changed the path to your NextCloud installation.

When you’re done save and close the file.

Now test Nginx to be sure everything is OK and there are no conflicts and then reload Nginx for the changes to take effect:

Now visit your NextCloud domain and you should see that it’s a secured:

ssl_setup_nextcloud

Additionally, you can check how well we configured SSL, by testing your domain at SSLabs.

You should get an A+:

nextcloud_sslabs_ssl_test_a+

Step 6 – Complete NextCloud Installation

Now we’ve got everything set up to finish installing NextCloud.

Visit your NextCloud domain in your browser and you should be presented with a for to fill:

nextcloud_wizard

Here’s what to do next:

Create an admin account

Here you enter your desired user and password. Be sure to use a strong password, for security reasons.

Data folder

This is where data will be stored. It is considered good practice to set the data directory outside of the NextCloud root directory.

As such, we can create a different directory such as /var/www/html/nextcloud-data:

We then have to make sure that we change the owner so Nginx can write to the folder:

Now you can fill in /var/www/html/nextcloud-data in the Data folder field in the installation form.

Configure the database

Here’s where you’ll fill in your database user, password, and database name, that you created earlier.

If you created the database on the server on which you installed NextCloud, then leave localhost, otherwise, if you’re keeping the database on a different server, replace localhost with the remote database.

Finally, you can click on Finish setup and you’re done!

Conclusion

Well done. Hopefully, you’ve succeeded in installing NextCloud on your Ubuntu 18.04 server with Nginx, PHP7.3 and Let’s Encrypt SSL/TLS free certificates, and you now have your own elegant Dropbox solution.

If you’ve encountered any issues, feel free to let us know in the comment section or by contacting us via email or social media.