Nextcloud - Installation and set-up guides

Table of Contents

Steps

Get a VM from a cloud provider

  1. Get a VM from a cloud provider
    1. Oracle Cloud
    2. Linode
  2. Make sure that the memory size (RAM) is decent. Don’t expect Nextcloud to run on a 1 GB instance.

System requirements

https://github.com/nextcloud/all-in-one/discussions/1335

General recommendations for the best performance

Since AIO is pretty much as optimized as it gets, it is mostly an infrastructural question how fast your Nextcloud performs. In general: much helps much.

General recommendations

  1. Use SSD storage for everything and no HDD storage and especially no SD-cards or network storage like NFS or SMB (however all are fine as backup storage)
  2. Run Docker and AIO not in a VM but directly on the server (e.g. Docker Desktop needs 4GB+ additional RAM in comparison to a normal Linux server running Docker).
  3. Deactivate all optional containers and Nextcloud apps that you do not really need
  4. For faster previews, it is recommended to set up the preview generator app in order to pre-generate previews
  5. Do not use Cloudflare (Proxy or Tunnel) as it potentially slows down things by a lot and introduces a lot of problems: https://github.com/nextcloud/all-in-one#notes-on-cloudflare-proxytunnel

Additional recommendations, based on Nextcloud’s user count and enabled containers

  1. Have 1 vCore per active user (plus the base system requirement of AIO depending on the enabled containers which is mentioned in the AIO interface)
  2. Have 1GB RAM per active user (plus the base system requirement of AIO depending on the enabled containers which is mentioned in the AIO interface)

Add an A record to update the domain name - wherever you bought your domain name.

  1. Add an A record to update the domain name - wherever you bought your domain name. See Domain Name System

Set-up the instance for Nextcloud

ssh into the machine

  1. ssh into the machine
    1. To use an existing private key inline you need to select the identity file path with the parameter -i as follows: 
      ssh -i '/path/to/keyfile' ubuntu@ip-address-of-the-machine
    2. If you used your computer’s keys while creating the instance 
      ssh ubuntu@ip-address-of-the-machine

  • Setting up a custom user

    Based on the cloud provider, we may be able to login only with the usernames provided by those providers. (ssh ubuntu@ocinextclouduser will not work with Oracle Cloud). So, this step may not be helpful/required.

    1. Add a new user. Only root can do this. So, run the command as “sudo”. 
      adduser ocinextclouduser
    2. Add this user to the sudo users 
      usermod -aG sudo ocinextclouduser
      Again, run this as “sudo”.
    3. Exit and ssh into the machine as the new user.

  • Upgrade the machine

    1. Upgrade the machine. 
      sudo apt update && sudo apt upgrade

  • Set up hostname

    1. Change hostname 
      sudo vim /etc/hostname
      Add this to the file and delete whatever is in it. 
      nextcloud.explorer436.com
    2. Set timezone correctly 
      # To see current settings
timedatectl

# To see all available timezones
timedatectl list-timezones

# To set a specific timezone
sudo timedatectl set-timezone America/New_York
    3. Roboot the machine 
      sudo reboot

  • Open up the ports

    1. Open up the ports. Look at the documentation to see which ports nextcloud uses: https://github.com/nextcloud/all-in-one 
      sudo ufw enable
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 8080/tcp
sudo ufw allow 8443/tcp
sudo ufw allow 3478
      You can check the status with 
      sudo ufw status

ssh into the machine using subdomain name

  1. ssh into the machine again (using the subdomain name)

    ssh -i '/path/to/keyfile' ubuntu@nextcloud.explorer436.com

ssh ubuntu@nextcloud.explorer436.com

    If you see an error similar to this:

    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
[...].
Please contact your system administrator.
Add correct host key in /home/sward/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/sward/.ssh/known_hosts:86
RSA host key for [...] has changed and you have requested strict checking.
Host key verification failed.

    either delete the ./ssh/knownhosts and ./ssh/knownhosts.old files or

    1. get the rsa key of your server, where server_ip is your server’s IP address, such as 192.168.2.1: 
      $ ssh-keyscan -t rsa server_ip
Sample response:

# server_ip SSH-2.0-OpenSSH_4.3
server_ip ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwH5EXZG...
    2. and on the client, copy the entire response line server_ip ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwH5EXZG…, and add this key to the bottom of your ~/.ssh/known_hosts file:

  2. Disable logging into the machine as root.

    Do this only after confirming that we can login to the machine using the subdomain name.

    sudo vim /etc/ssh/sshd_config
PermitRootLogin no
sudo systemctl restart sshd

Docker setup for Nextcloud

  1. Install docker (https://github.com/nextcloud/all-in-one) 
    curl -fsSL https://get.docker.com | sudo sh
  2. Install nextcloud using aio (https://github.com/nextcloud/all-in-one). Run the docker command.
  3. Open a browser and type this and hit enter: https://nextcloud.explorer436.com:8443
    1. It should bring up “Nextcloud AIO setup” page.
    2. Copy the Password. Do not lose it.
  4. Click on login and paste the password.
  5. How to re-obtain/retreive the Nextcloud AIO passphrase? If Nextcloud asks for the login phrase before showing the “setup” page, or if you have somehow lost the passphrase that is used for the AIO interface, you can reobtain it by running: 
    sudo docker exec nextcloud-aio-mastercontainer grep password /mnt/docker-aio-config/data/configuration.json

Final Nextcloud setup

  1. Enter the domain name where it asks: nextcloud.explorer436.com and hit “submit”.
    1. If the ports are not opened properly, we will see errors like this. 
      The domain is not reachable on Port 443 from within this container. Have you opened port 443/tcp in your router/firewall? If yes is the problem most likely that the router or firewall forbids local access to your domain. You can work around that by setting up a local DNS-server.
      If we need to skip domain validation, see this: https://github.com/nextcloud/all-in-one#how-to-skip-the-domain-validation
  2. Change your preferences. Save them. And start the containers.
    1. This step can take a while. Longer than 10 minutes.
  3. Checking the status 
    ubuntu@nextcloud:~$ docker ps
CONTAINER ID   IMAGE                              COMMAND                  CREATED          STATUS                             PORTS                                                                                                                               NAMES
645fbe3b91ee   nextcloud/aio-notify-push:latest   "/start.sh"              44 seconds ago   Up 42 seconds (healthy)                                                                                                                                                nextcloud-aio-notify-push
fe9ea4e50a71   nextcloud/aio-nextcloud:latest     "/start.sh /usr/bin/…"   50 seconds ago   Up 49 seconds (health: starting)   9000/tcp                                                                                                                            nextcloud-aio-nextcloud
56799d1a7bca   nextcloud/aio-imaginary:latest     "/start.sh"              3 minutes ago    Up 3 minutes (healthy)                                                                                                                                                 nextcloud-aio-imaginary
c1a5a5d56320   nextcloud/aio-redis:latest         "/start.sh"              4 minutes ago    Up 4 minutes (healthy)             6379/tcp                                                                                                                            nextcloud-aio-redis
28cdee809dac   nextcloud/aio-postgresql:latest    "/start.sh"              4 minutes ago    Up 4 minutes (healthy)             5432/tcp                                                                                                                            nextcloud-aio-database
7d72b52434af   nextcloud/all-in-one:latest        "/start.sh"              7 minutes ago    Up 7 minutes (healthy)             0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp, 0.0.0.0:8443->8443/tcp, :::8443->8443/tcp, 9000/tcp   nextcloud-aio-mastercontainer
  4. Take note of the initial login credentials.
    1. Initial Nextcloud username: admin
    2. Initial Nextcloud password: pwd
  5. Login to nextcloud: https://nextcloud.explorer436.com/apps/dashboard/
  6. To look at the containers: https://nextcloud.explorer436.com:8443/containers

Troubleshooting

If something goes wrong, there is no need to get rid of the instance. We should just be able to clean up docker and start-over again.

Downsides to using hestia control panel.

It seems to be installing a few things that it wants. Apache server is one of them. Nextcloud also tries to install Apache and it is causing a conflict of port numbers.

Set up guides

  1. https://www.youtube.com/watch?v=iBODItwRFvU

  2. https://www.youtube.com/watch?v=Nh2-LjIymmQ

  3. https://help.nextcloud.com/t/how-do-you-self-host-nextcloud/160553

  4. https://www.reddit.com/r/NextCloud/comments/ufghyz/the_best_way_to_setup_a_self_hosted_nextcloud/

  5. This guy makes killer guides for Nextcloud, he seems to be translating them to English now too. https://www.c-rieger.de/nextcloud-installationsanleitung/ - the translated one doesn’t look at all current, though, but you can keep the above page up in one window, and a Google machine translated one next to it (if you’re cutting and pasting commands, do so from the German-language page just in case): https://www-c--rieger-de.translate.goog/nextcloud-installationsanleitung/?_x_tr_sl=auto&_x_tr_tl=en

  6. https://github.com/nextcloud/all-in-one

  7. https://docs.nextcloud.com/server/latest/admin_manual/contents.html

  8. https://www.atlantic.net/dedicated-server-hosting/how-to-install-nextcloud-on-arch-linux/

Configuring https for the domain name

  1. Install certbot and use it to configure https for the domain name.

    certbot

Links to this note