How to install Nextcloud on Raspberry Pi

How to install Nextcloud on Raspberry Pi

Install operating system image

Follow these instructions to write an image of raspbian or raspnian-lite Stretch to the SD card.

Access Pi

Pi terminal can be accessed either directly or using a console cable.

Configure Pi

• Setup hostname, timezone, chnage password and enable ssh
• Configure networking

Get updates

sudo apt-get update && sudo apt-get upgrade

Setup firewall

• Install Uncomplicated Firewall (ufw)

sudo apt-get install ufw

• Allow access to port 80 from local subnet

sudo ufw allow from 192.168.178.0/24 to any port 80 proto tcp

• Allow access to port 443 from local subnet

sudo ufw allow from 192.168.178.0/24 to any port 80 proto tcp

• If you intent to access the Pi over ssh, allow access to port 22 from local subnet

sudo ufw allow from 192.168.178.0/24 to any port 22 proto tcp

Note: Replace the IP with the IP of your subnet. To allow all sources, just drop the ‘from’ option.

Install Apache and PHP

• Install Apache

sudo apt-get install apache2

• Install PHP

sudo apt-get install libapache2-mod-php php7.0 php7.0-xml php7.0 php7.0-cgi php7.0-cli php7.0-gd php7.0-curl php7.0-zip php7.0-mysql php7.0-mbstring wget unzip -y

• Restart Apache

sudo /etc/init.d/apache2 restart

• Add necessary modules

a2enmod rewrite
a2enmod headers
a2enmod env
a2enmod dir
a2enmod mime

Install and configure MariaDB

• Install MariaDB

sudo apt-get install mariadb-server

• Secure MariaDB

sudo mysql_secure_installation

Create Nextcloud database

• Log in to MariaDB

sudo mysql 

• Create database

CREATE DATABASE nextcloud;

• Create user

CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY '<password>';

Note: Replace password with a strong secret.

• Grant nextcloud user access to the nextcloud database

GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost';

• Flush privileges

FLUSH PRIVILEGES;

Mount external drive for Nextdata data directory

• Create directory to mount the external drive

sudo mkdir /media/nextdata

• Change the owner of the Nextcloud data directory to Apache

sudo chown -R www-data:www-data /media/nextdata

• Connect and mount external drive(formatted as ext4) and note the UUID

sudo blkid

• Append the following line to /etc/fstab to mount the drive on boot

UUUID=<>       /media/nextdata auto    nosuid,nodev,nofail     0       0

• Apply new changes from /etc/fstab

sudo mount -a

Install Nextcloud

• Download Nextcloud

wget https://download.nextcloud.com/server/releases/latest.zip

• Uncompress zip

unzip latest.zip

• Move Nextcloud to Apache web root directory

sudo mv nextcloud /var/www/

• Change ownership of the Nextcloud directory

sudo chown -R www-data:www-data /var/www/nextcloud

• Create Apache virtual host for Nextcloud

sudo vim /etc/apache2/sites-available/nextcloud.conf

and add the following lines:

<VirtualHost *:80>
    DocumentRoot "/var/www/nextcloud"
    ServerName <pi-ip-address>
</VirtualHost>

Note: Replace <pi-hostname> with the hostname of your Pi.

• Disable default site

sudo a2dissite 000-default

• Add Nextcloud virtual host

a2ensite nextcloud

• Restart Apache

sudo /etc/init.d/apache2 restart

Nextcloud initial setup

Point your browser to http://<pi-ip-address>/ and complete the initial setup

• Configure the data folder: /media/nextdata
• Configure database:
  • Database user: nextcloud
  • Database password: <password>
  • Database name: nextcloud

Enable HTTPS

• Create self-signed certicifate

sudo openssl req -x509 -nodes -days 1149 -newkey rsa:2048 -keyout /etc/ssl/private/apache-nextcloud.key -out /etc/ssl/certs/apache-nextcloud.crt

• Add virtual host and redirect http traffic to https

Modify /etc/apache2/sites-enabled/nextcloud.conf to look like follows:

Alias /nextcloud "/var/www/nextcloud/"

<Directory /var/www/nextcloud/>
  Options +FollowSymlinks
  AllowOverride All

 <IfModule mod_dav.c>
  Dav off
 </IfModule>

 SetEnv HOME /var/www/nextcloud
 SetEnv HTTP_HOME /var/www/nextcloud

</Directory>

<VirtualHost *:80>
    DocumentRoot "/var/www/nextcloud"
    ServerName <pi-hostname>
    Redirect permanent / https://<pi-hostname>/
</VirtualHost>

<VirtualHost *:443>
    DocumentRoot "/var/www/nextcloud"
    ServerName <pi-hostname>
    <IfModule mod_headers.c>
        Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
    </IfModule>
    SSLEngine on
    SSLOptions +StrictRequire
    SSLCertificateFile /etc/ssl/certs/apache-nextcloud.crt
    SSLCertificateKeyFile /etc/ssl/private/apache-nextcloud.key
</VirtualHost>

• Add hostname to trusted domains

Add <pi-hostname> to trusted domains array in /var/www/nextcloud/config/config.php

...
  'trusted_domains' => 
  array (
    0 => '192.168.178.42',
    1 => '<pi-hostname>'
  ),
...

Note: <pi-hostname> with the hostname of your Pi.

• Restart Apache

sudo /etc/init.d/apache2 restart

• Login to Nextcloud

Point your browser to https://<pi-hostname>/nextcloud

Configure CalDAV and CardDAV redirect

• Redirect CalDAV and CardDAV requests

Append the following lines to /etc/apache2/sites-enabled/nextcloud.conf

Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav

• Restart Apache

sudo /etc/init.d/apache2 restart