Nextcloud on the PI
This page is outdated. You'll find newer tutorials elsewhere
This page is based on these websites:
http://unixetc.co.uk/2016/11/20/simple-nextcloud-installation-on-raspberry-pi/
https://hallard.me/enable-ssl-for-apache-server-in-5-minutes/
Give the PI a fixed IP address
So first off we need to give the Pi a fix IP address we do this by editting the network interfaces file
sudo nano /etc/network/interfaces
Once open we need to make the file look like this (your IP address might be different)
auto eth0
iface eth0 inet static
address 192.168.178.80
gateway 192.168.178.1
netmask 255.255.255.0
network 192.168.178.0
broadcast 192.168.178.255
The file then needs to be saved by pressing ctrl o and ctrl x to exit
once exited the networking need to be restarted
sudo /etc/init.d/networking restart
Install Apache Web Server
Log into your Pi, either directly or through ssh from another system. I am using ssh, but vnc could do the job as well if you prefer a graphical shell.. Update the software sources as follows.
sudo apt-get updatesudo apt-get upgrade
Install the Apache web server:
sudo apt-get install apache2
When asked if you want to continue, type “y” for “yes”. Apache will be installed along with a number of other packages.
In a browser, surf to the IP address of your Raspberry Pi. If you see a page entitled “Apache 2 Debian Default Page”, then Apache is running correctly on the Raspberry Pi. For example, my Pi is using IP address 192.168.178.80 . So I start a browser on my PC and surf to http://192.168.178.80 . Alternatively, if you are using the Pi’s graphical desktop, you could start a browser directly on the Pi, eg. Chromium.
Install PHP5 and Associated Packages
Nextcloud requires PHP 5 MySQL and few other packages. Install them as follows.
We are going to install Apache with SSL, PHP5, PHP APC which will load pages faster
sudo apt-get install php5 php5-json php5-gd php5-sqlite sqlite mysql-server curl libcurl3 libcurl4-openssl-dev php5-curl php5-gd php5-cgi php-pear php5-dev build-essential libpcre3-dev php5 libapache2-mod-php5 php-apc gparted
The software will be installed, along with other dependent packages.
EDIT
To install PHP 7 from Mati75's repository (for Debian Jessie):
1. Add the following lines to your sources file (/etc/apt/sources.list):
deb http://repozytorium.mati75.eu/raspbian jessie-backports main contrib non-free #deb-src http://repozytorium.mati75.eu/raspbian jessie-backports main contrib non-free
2. Add repository public key
gpg --keyserver pgpkeys.mit.edu --recv-key CCD91D6111A06851 gpg --armor --export CCD91D6111A06851 | apt-key add -
3. Run APT update
apt-get update
4. Install PHP 7
apt-get install php7.0 php7.0-opcache
In addition you'll likely need other extensions for db access and more, they are prefixed as php7.0-xx. For installing a web server like Nginx you can follow tutorials such as Bolting on PHP with PHP-FPM. Obviously php5 packages will be php7.0 packages instead, but otherwise Debian and Ubuntu tutorials work fine with Raspbian.
Install MySQL
Next we’re going to install the actual MySQL server by typing:
sudo apt-get install mysql-server --fix-missing
I tend to use the –fix-missing flag when installing mysql-server as in the past I’ve found some packages were missing. You should be prompted for a root password:
Choose a secure password, and keep it safe. You will need this later to create additional users for WordPress. You will be prompted to confirm your password:
Once you’ve confirmed your password, MySQL server should finish installing and the service should start.
Now we need to install a couple of extra packages, php5-mysql and mysql-client. The php5-mysql package allows connections to be made to MySQL Server through PHP, and mysql-client allows us to connect to our local MySQL server through the CLI:
sudo apt-get install mysql-client php5-mysql
Restart Apache
Restart the web server now with:
sudo service apache2 restart
The command restarts Apache, but does not print out any messages.
Enabling SSL
You can use NextCloud over plain HTTP, but we strongly encourage you to use SSL/TLS to encrypt all of your server traffic, and to protect user’s logins and data in transit.
Apache installed comes already set-up with a simple self-signed certificate. All you have to do is to enable the ssl module and the default site. Open a terminal and run:
sudo a2enmod ssl sudo service apache2 restart
sudo a2ensite default-ssl sudo service apache2 reload
Install Nextcloud
Okay, the system is ready for Nextcloud to be installed.
Surf to the Nextcloud download page. At the top left is a section entitled “Get Nextcloud Server”. Click in the “Download” button just below that. A popup window opens. Click on the big blue “Download Nextcloud” button. Download the .zip file. Then copy it to the Raspberry Pi.
Alternatively (quicker), get the file on one step with this command on your Pi:
wget https://download.nextcloud.com/server/releases/nextcloud-13.0.0.zip
At the time of writing (14th february 2018), the latest version of Nextcloud is 13.0.0. The version, and the link to download it, may change by the time you read this article.
Now move the Nextcloud package into place and unpack it:
sudo mv nextcloud-13.0.8.zip /var/www/html
cd /var/www/html
sudo unzip -q nextcloud-13.0.0.zip
Create the Data Directory
You must create a “data” folder for Nextcloud and set permissions. We will put the data in /var/nextcloud/data, because it is a secure location. Proceed as follows.
sudo mkdir -p /var/www/html/nextcloud/data
sudo chown www-data:www-data /var/www/html/nextcloud/data
sudo chmod 750 /var/www/html/nextcloud/data
Check the new directory with ls. You should see output like this, although of course your date and time will be different:
ls -ld /var/www/html/nextcloud/data
drwxr-x--- 2 www-data www-data 4096 Nov 20 14:41 /var/www/html/nextcloud/data
Set Directory Owners
Next, set the correct ownerships on Nextcloud “config” and “apps” directories:
cd /var/www/html/nextcloud
sudo chown www-data:www-data config apps
Create a Login for Nextcloud
In a browser, surf to your new Nextcloud web page. Use the URL:
http://your Pis IP address/nextcloud
For example, the address of my Pi is 192.168.178.80. So I go the the URL:http://192.168.178.80/nextcloud
You should see a mostly dark blue login page. In the middle is a “Performance Warning” about SQLite. Ignore that or choose mariaDB which has a better performance.
If you choose the second, make root the database user and nextcloud the database name.
Near the top it says “Create an admin account”. Think of a user name and password and type them into the boxes provided. Then click on the “Finish Setup” button.
…Wait for a couple of minutes while Nextcloud competes the installation. During this time, Nextcloud creates more files and directories in our data directory, and it puts a database in there too.
Hey Presto! After a after a short delay, you should see the Nextcloud intro page with the slogan “a safe home for all your data”. Click the cross at the top right of the dialogue to dismiss it. You should now be looking at the main Nextcloud “Files” page. There you can see a couple of folders, a Nextcloud MP4 video file, and a PDF Manual.
Conclusion
That is the end of the procedure for installing Nextcloud. Your Nextcloud installation should now be fully working. I hope this guide was easy to follow and not too long or fiddly.
Below is a procedure for securing the Nextcloud data directory. I highly recommend it, especially if you are planning to make Nextcloud files accessible from the Internet. After that are instructions for increasing the Nextcloud upload limit.
Secure the Nextcloud Data Directory
It is highly recommended to make Nextcloud more secure by moving the “data” directory to a secure location. Let’s move it to /var/nextcloud/data. That will prevent any unauthorized users from accidentally gaining access through the web browser.
Move the data directory:
sudo mkdir -p /var/nextcloud
sudo mv -v /var/www/html/nextcloud/data /var/nextcloud/data
Configure the new data location into Nextcloud. Using nano or another editor of your choice, edit the configuration file. Make a backup copy first, just in case there is a mistake with the edit:
cd /var/www/html/nextcloud/config
sudo cp -p config.php config.php.org
sudo nano config.php
Change this line:
'datadirectory' => '/var/www/html/nextcloud/data',
to this:
'datadirectory' => '/var/nextcloud/data',
Be careful not to delete the comma at the end of the line. Save the file and exit the editor.
Now, in the browser, refresh the Nextcloud web page. You should see the same files and folders as before. That completes the securing of the Nextcloud data.
Increase the Nextcloud Upload File Limit
Upload a file to Nextcloud as follows. Click on the square button containing a plus sign (“+”) near the top of the page. A drop down menu appears. Choose the first menu item, “Upload”, and select a file. The file will be transferred and you should see it appear in the Nextcloud list of files. However, if the file was more than 2 MB in size, it will not upload. Instead a message will appear at the top of the screen – “Error uploading file “filename”: Total file size XX MB exceeds upload limit 2 MB”.
By default, the maximum size of file that can be uploaded is 2 MB, which is not enough for many people, Increase it as follows.
Edit the file /etc/php5/apache2/php.ini. You can use the “nano” editor, or another if you prefer:
sudo vi /etc/php5/apache2/php.ini
Change these two lines:
post_max_size = 8M
upload_max_filesize = 2M
to:
post_max_size = 100M
upload_max_filesize = 100M
or whatever you would like the limit to be and save the file. Note: if you are having difficulty finding these settings in the file, use your editor’s search facility. In nano, you can search, then typing what you are searching for, such as “post_max_size”, then pressing enter.
Restart Apache:
sudo service apache2 restart
And refresh your browser page. The upload limit should have increased to 100 megabytes, which you can verify by trying another upload, as above.
Enable SSL for apache server in 5 minutes
What need to be in place ?
You need to already have apache server running on http port 80 (or whatever) and when you try to go to your website you should have the well know page
It works!
This is the default web page for this server.
The web server software is running but no content has been added, yet.
Once this is ok, just go to your server with ssh
What do to ?
Ok let’s start where we will put the certificates (in /etc/apache2/ssl)
In a Terminal:
1
sudo mkdir /etc/apache2/ssl
now we generate the certicates, for 33 years (10095 days) under the folder we created above.
In a Terminal:
that will show the following, and ask you some questions.
1
sudo openssl req -x509 -nodes -days 10095 -newkey rsa:2048 -out /etc/apache2/ssl/server.crt -keyout /etc/apache2/ssl/server.key
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Generating a 2048 bit RSA private key
............................................+++
.....................+++
writing new private key to '/etc/apache2/ssl/server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Utrecht
Locality Name (eg, city) []:Soest
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Fakename
Organizational Unit Name (eg, section) []:Computers
Common Name (e.g. server FQDN or YOUR name) []:nextcloud.domain.com
Email Address []:nextclouddomain@email.com
The most important, is the Common Name, it should match the internet name FQDN
Now we install the SSL mod for apache, this instruction pre configure the file /etc/apache2/ports.conf with some line and the important one that say Listen 443
In a Terminal:
We put the default-ssl site available creating a symbolic link
In a Terminal:
In a Terminal:
and we change the two lines relative to SSLCertificate as follow :
gksu leafpad /etc/apache2/sites-enabled/000-default-ssl
SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key
1
1
1
sudo a2enmod ssl
sudo ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/000-default-ssl.conf
sudo nano /etc/apache2/sites-enabled/000-default-ssl.conf
1
2
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key
Now restart apache server
In a Terminal:
now you can go with your favorite browser, in my example https://nextcloud.deomain.com, the browser will warn you because it is a self signed certificate, but if you accept it you will now have the same famous “It works!” but with encryption. To avoid warning by browser, you can add the certificate to Trusted Root Certificate Authority of your computer.
The nextcloud database should be reachable now bij ssl.
1
sudo /etc/init.d/apache2 restart