How to Install NextCloud on Ubuntu 18.04 with Nginx (LEMP Stack)

This tutorial will be showing you how to install NextCloud on Ubuntu 18.04 LTS with Nginx. As you may probably know, NextCloud is a free open-source self-hosted cloud storage solution that is forked from ownCloud. At the time of this writing, the latest stable version is NextCloud 13.0.2, which is compatible with PHP7.2.

Prerequisites

To follow this tutorial, you first need to install LEMP stack on Ubuntu 18.04. If you haven’t already done so, please check out the following tutorial.

Optionally, if you want to create database from phpMyAdmin, you can follow the tutorial below to install phpMyAdmin on Ubuntu 18.04 with LEMP.

Now let’s install NextCloud.

Step 1: Download NextCloud 13 on Ubuntu 18.04

Login into your Ubuntu 18.04 server. Then download the NextCloud zip archive onto your server. The latest stable version is 13.0.2 at time of this writing. You may need to change the version number. Go to https://nextcloud.com/install and click the download button to see the latest version.

ubuntu 18.04 nextcloud

You can run the following command to download it on your server.

wget https://download.nextcloud.com/server/releases/nextcloud-13.0.2.zip

Once downloaded, extract the archive with unzip.

sudo apt install unzip

sudo unzip nextcloud-13.0.2.zip -d /usr/share/nginx/

The -d option specifies the target directory. NextCloud web files will be extracted to /usr/share/nginx/nextcloud/.  Then we need to change the owner of this directory to www-data so that the web server (Nginx) can write to this directory.

sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R

Step 2: Create a Database and User in MariaDB

Log into MariaDB database server with the following command. Since MariaDB is now using unix_socket plugin to authentication user login, there’s no need to enter MariaDB root password. We just need to prefix the mysql command with sudo.

sudo mysql

Alternatively, you can also use this command to login.

sudo mariadb

Then create a database for Nextcloud. This tutorial name the database nextcloud. You can use whatever name you like.

create database nextcloud;

Create the database user. Again, you can use your preferred name for this user. Replace your-password with your preferred password.

create user nextclouduser@localhost identified by 'your-password';

Grant this user all privileges on the nextcloud database.

grant all privileges on nextcloud.* to nextclouduser@localhost identified by 'your-password';

Flush privileges and exit.

flush privileges;

exit;

Step 3: Create a Nginx Config File for Nextcloud

Create a nextcloud.conf file in /etc/nginx/conf.d/ directory.

sudo nano /etc/nginx/conf.d/nextcloud.conf

Put the following text into the file. Replace the red-colored text with your actual data. Don’t forget to set A record for the domain name.

server {
    listen 80;
    server_name nextcloud.your-domain.com;

    # Add headers to serve security related headers
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

    #This header is already set in PHP, so it is commented out here.
    #add_header X-Frame-Options "SAMEORIGIN";

    # Path to the root of your installation
    root /usr/share/nginx/nextcloud/;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;

    location = /.well-known/carddav {
        return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
       return 301 $scheme://$host/remote.php/dav;
    }

    location ~ /.well-known/acme-challenge {
      allow all;
    }

    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;

    # Disable gzip to avoid the removal of the ETag header
    gzip off;

    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;

    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    location / {
       rewrite ^ /index.php$uri;
    }

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
       deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
       deny all;
     }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
       include fastcgi_params;
       fastcgi_split_path_info ^(.+\.php)(/.*)$;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param PATH_INFO $fastcgi_path_info;
       #Avoid sending the security headers twice
       fastcgi_param modHeadersAvailable true;
       fastcgi_param front_controller_active true;
       fastcgi_pass unix:/run/php/php7.2-fpm.sock;
       fastcgi_intercept_errors on;
       fastcgi_request_buffering off;
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
       try_files $uri/ =404;
       index index.php;
    }

    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=7200";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        # Optional: Don't log access to assets
        access_log off;
   }

   location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log off;
   }
}

Save and close the file. Test Nginx configuration, then reload Nginx for the changes to take effect.

sudo nginx -t

sudo systemctl reload nginx

Step 4: Install and Enable PHP Modules

Run the following commands to install PHP modules required or recommended by NextCloud.

sudo apt install php-imagick php7.2-common php7.2-gd php7.2-json php7.2-curl  php7.2-zip php7.2-xml php7.2-mbstring php7.2-bz2 php7.2-intl

Step 5: Enable HTTPS

Now you can access the Nextcloud web install wizard in your browser by entering the domain name for your Nextcloud installation.

nextcloud.your-domain.com

ubuntu 18.04 nextcloud nginx

If the web page can’t load, you probably need to open port 80 in firewall.

sudo iptables -I INPUT -p tcp --dport 80 -j ACCEPT

And port 443 as well.

sudo iptables -I INPUT -p tcp --dport 443 -j ACCEPT

Before entering any sensitive information, we should enable secure HTTPS connection on Nextcloud. We can obtain a free TLS certificate from Let’s Encrypt. Install Let’s Encrypt client (certbot) from Ubuntu 18.04 repository.

sudo apt install certbot python3-certbot-nginx

Python-certbot-nginx is the Nginx plugin. Next, run the following command to obtain a free TLS certificate using the Nginx plugin.

sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email your-email-address -d nextcloud.your-domain.com

Explanation:

  • –nginx: Use the Nginx authenticator and installer
  • –agree-tos: Agree to Let’s Encrypt terms of service
  • –redirect: Add 301 redirect.
  • –hsts: Add the Strict-Transport-Security header to every HTTP response.
  • –staple-ocsp: Enables OCSP Stapling.
  • -d flag is followed by a list of domain names, separated by comma. You can add up to 100 domain names.
  • –email: Email used for registration and recovery contact.

You will be asked if you want to receive emails from EFF(Electronic Frontier Foundation). After choosing Y or N, your TLS certificate will be automatically obtained and configured for you, which is indicated by the message below.

ubuntu 18.04 nextcloud 13

The Nginx plugin is not smart enough to handle such complex configuration file. It failed to redirect HTTP to HTTPS and the HSTS header wasn’t added. We can open the configuration file and enabled these two feature manually.

sudo nano /etc/nginx/conf.d/nextcloud.conf

To redirect HTTP to HTTPS, your Nginx configuration file needs to include a 301 redirect like below.

server {
    listen 80;
    server_name nextcloud.linuxbabe.com;
    return 301 https://nextcloud.linuxbabe.com$request_uri;
}

server {
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/nextcloud.linuxbabe.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/nextcloud.linuxbabe.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ......  
    ......
    remaining configurations
    ......
}

We can then add the following line in the ssl server block to enable HSTS header.

add_header Strict-Transport-Security "max-age=31536000" always;

Also, you can enable HTTP2 protocol by adding the option http2.

listen 443 ssl http2; # managed by Certbot

Here’s part of the configurations on my server.

nextcloud 13 ubuntu 18.04 LEMP stack

Save and close the file. Then text Nginx configurations.

sudo nginx -t

If the test is successful, reload Nginx for the change to take effect.

sudo systemctl reload nginx

The above configuation will get A+ score on SSL test.

install nextcloud 13 ubuntu 18.04

Finish the Installation in your Web Browser

Now you can access the Nextcloud web install wizard using HTTPS connection. To complete the installation, you need to create an admin account, enter the path of Nextcloud data folder, enter database details created earlier. You can use the default localhost as host address, or you can enter localhost:3306, as MariaDB listens on port 3306.

The data folder is where users’ files are stored. For security, it’s best to place the data directory outside of Nextcloud web root. So instead of storing users’ files under /usr/share/nginx/nextcloud/data/, we can change it to /usr/share/nginx/nextcloud-data. which can be created with the following command:

sudo mkdir /usr/share/nginx/nextcloud-data

Then make sure Nginx user (www-data) has write permission to the data directory.

sudo chown www-data:www-data /usr/share/nginx/nextcloud-data -R

nextcloud ubuntu 18.04 install guide

Once it’s done, you will see the Web interface of Nextcloud. Congrats! You can start using it as your private cloud storage.

setup nextcloud ubuntu nginx

How to Set up NextCloud Email Notification

If your NextCloud instance will be used by more than one person, it’s important that your NextCloud server can send transactional emails, such as password-resetting email. To configure email settings, go to Settings -> Basic settings. You will find the email server settings.

There are two send modes: sendmail and smtp. You can choose the sendmail mode if your NextCloud host has a SMTP server running.

nextcloud email server

If you would like to use a SMTP server running on another host, then choose smtp mode and enter the login credentials like below.

nextcloud reset password email

For how to set up an email server, please check out the following tutorial:

How to Install NextCloud Client on Ubuntu 18.04 Desktop

The NextCloud team provides an official PPA. Run the following commands on Ubuntu 18.04 desktop to isntall the client.

sudo add-apt-repository ppa:nextcloud-devs/client

sudo apt install nextcloud-client

Note that you don’t need to run sudo apt update anymore in Ubuntu 18.04 when addding PPA. It will run automatically 🙂

ubuntu 18.04 nextcloud ppa

NextCloud Client on Ubuntu 18.04

ubuntu 18.04 nextcloud client

How to Move the Data Directory

In case you need to move the NextCloud data directory, there are 4 steps to accomplish this. First, you need to use the cp command to copy the data directory to the new directory. For example, the mount point of my external hard drive is /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731. I create the new data directory on the external hard drive.

sudo mkdir /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/

Then I copy the original data directory to the new data directory. -R flag means the copy operation is recursive.

sudo cp /usr/share/nginx/nextcloud-data/* /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/ -R

You also need to copy the .ocdata file.

sudo cp /usr/share/nginx/nextcloud-data/.ocdata /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/

Next, you need to set www-data (Nginx user) as the owner.

sudo chown www-data:www-data /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/ -R

Lastly, you need to edit the config.php file.

sudo nano /usr/share/nginx/nextcloud/config/config.php

Find the following line and change the value of datadirectory.

'datadirectory' => '/usr/share/nginx/nextcloud-data',

Save and close the file. Reload NextCloud web page and you are done.

I hope this tutorial helped you install NextCloud 13 on Ubuntu 18.04 server with Nginx. As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care.

Rate this tutorial
[Total: 18 Average: 4.4]

82 Responses to “How to Install NextCloud on Ubuntu 18.04 with Nginx (LEMP Stack)

  • John Doe
    1 year ago

    Great. Thanks !

      • Hi Xiao

        I was just wondering would you to fix the curl not installed error in nextcloud running on apache?
        It happened when I upgraded my ubuntu server 16.04 to ubuntu server 18.04

        Thanks

  • Hello,
    Thank you very much for this well done tutorial. I especially appreciated the way you provided an explanation of what was going to be done at each step before giving the actual code to do it.

    All went smoothly until I got to the security section at step 5. I could not obtain a certificate because I don’t have a publicly registered domain. My server is connected to a private LAN and not exposed to the Internet. My router does dns internally so the server has a host name that is usable. I can get the nextcloud wizard using http:///

    Will the desktop software work if I never use SSL? I really don’t need the security since my LAN is behind a router that does no port forwarding. Thank you in advance for any advice you might offer.

    Regards, Steve W.

    • It should work. But if you are going to sync files when you are away from home, register a domain name and enable HTTPS. I recommend NameCheap because you get whois privacy protection free for life.

  • Hey Linux Babe

    I followed your guide and for only being on Linux for 3 weeks, it worked GREAT!.

    I have two quandaries at this point:

    A: I have installed this setup exactly per your guide on a small 256 NVME ssd @ /usr/share/nginx/nextcloud-data
    as you said. Can i now move this elsewhere? for example an external 2tb ssd? or Internal ssd?
    Can you tell me how i can accomplish to move the data/ or move the location of where i store my actual files such as photos,videos so that i dont fill up my small NVME ssd?

    B: On the nextcloud start page- where username, password, data folder, database user etc etc goes,
    i filled everything out correctly i believe, except for the localhost section. I used the example they gave for this. So i typed “localhost:5432” Is this bad or good. Should i change this?

    Thank you!! im a big fan!

    • Hi Jacob,

      I just added instruction for moving the data directory at the end of this tutorial.

      If you are using MariaDB/MySQL as the database server, you should enter localhost or localhost:3306. 3306 is the port used by MariaDB/MySQL. Port 5432 is used by PostgreSQL database server.

      If you made a mistake, you can always change the port in /usr/share/nginx/nextcloud/config/config.php file. The database configuration is saved like below.

        'dbtype' => 'mysql',
        'version' => '13.0.4.0',
        'dbname' => 'nextcloud',
        'dbhost' => 'localhost',
        'dbport' => '',
        'dbtableprefix' => 'oc_',
      
  • Thanks Xiao!

    Can you tell me if now i have the correct syntax in my config.php?

    https://postimg.cc/image/zfnjy1hr5/

  • Hey, is it possible to use two hdd for storage at the same time?

    • Yes, you can set up RAID 0 to make two physical hdd as one logical hdd. The total disk space is the space of smaller disk * 2.

      If you want redundancy, set up RAID 1 instead.

  • Steve Waisner
    1 year ago

    Hello,
    I have been trying to install Nextcloud on my Ubuntu server attached to my home network for several weeks now and have never gotten past the Wizard. I have not installed security because I will never need to access from the WAN side of my router.
    DNS service is supplied by my dd-wrt router. I’m no expert but it seems to be working because I can ping the various host names and get replies. Even Windows to Ubuntu and the reverse.
    I am following your procedure from an Ubuntu desktop machine ssh into the Ubuntu server. The communication seems to work as always.
    I feel like a dunce that I cannot get this going. I think the problem is my interpretation of the red type, replacing it with the correct interpretation of my actual network.
    In every case I have reloaded Ubuntu Server 18.04 so that I start with a pristine instance running.
    Is there a common mistake made by Linux newbe’s like me that you could mention? Any help would be appreciated.
    Regards,
    Steve W.

  • Steve Waisner
    1 year ago

    Hello,
    Thank you for trying to answer my cryptic question. My problem is in filling in the blanks on the Wizard page. I need to go to at least the step where I can fill in the data folder path. I have given Nginx ownership with sudo chown www-data:www-data /home/nextcloud/data. I previously made that directory on a larger spinning drive. I have always given a user and password in the top two fields of the wizard. At that point should I just click on the “finish” button?

    In the past, once I clicked on finish I seemed to have full control. But, if I closed the web page I couldn’t get back to it. I don’t know the URL to get back there. Can you tell me the URL?

    Thank you for your help and patience.

    Regards,

    Steve

    • In the Wizard, you also need to enter the database name, database username and password. The URL is what you write for server_name in /etc/nginx/conf.d/nextcloud.conf file.

  • jacob ahern
    1 year ago

    Hello again Linux babe- Cheers Xiao!

    I installed using this guide for over 2 months now and works great.
    But i had to delete it because i was gatting errors in nextcloud.

    So i fresh install with your exact same directions here and get the same errors!
    It works but doesnt work good with other clients.

    Can you help me fix these please?

    Error #1

     PHP does not seem to be setup properly to query system environment variables. The test with getenv("PATH") only returns an empty response.
    Please check the installation documentation ↗ for PHP configuration notes and the PHP configuration of your server, especially when using php-fpm.

    Error #2

     The "X-Frame-Options" HTTP header is not set to "SAMEORIGIN". This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.
    • Hi Jacob,

      To enable PHP-FPM query system environment variables, edit the www.conf file.

       sudo nano /etc/php/7.2/fpm/pool.d/www.conf

      And uncomment the following lines. (Remove the beginning semicolons)

      ;env[HOSTNAME] = $HOSTNAME
      ;env[PATH] = /usr/local/bin:/usr/bin:/bin
      ;env[TMP] = /tmp
      ;env[TMPDIR] = /tmp
      ;env[TEMP] = /tmp
      

      Save and close the file. And reload PHP-FPM.

      sudo systemctl reload php7.2-fpm

      I found out that the X-Frame-Options header is already set in PHP, so you need to remove the following line from /etc/nginx/conf.d/nextcloud.conf file.

      add_header X-Frame-Options "SAMEORIGIN";

      After that, reload Nginx.

      sudo systemctl reload nginx
  • Austin
    1 year ago

    Outstanding tutorial, thank you!

  • Thanks for the help again Xiao!!!

    This is the best nextcloud guide on the web!

    One final question:

    I accidentally added or deleted { or } from my conf as im now getting

    pre> nginx: [emerg] unexpected “{” in /etc/nginx/conf.d/nextcloud.conf:114

    these errors.

    I kept adding and deleting these at the end between lines 110 and 120

    What would you recomend to fix this?

    Is the code default to where i could simply copy and past in what is supposed to be there originally?

    Do you think that making a backup of this first is a good idea? Or no?

    Thanks again! Keep up the awesome job!!!!

  • Thanks a lot for the super guide. Really thankfull for you great work.
    I have one problem in step 5, where I get an error when testing the nginx.conf
    ( sudo nginx -t
    nginx: [emerg] a duplicate listen 0.0.0.0:443 in /etc/nginx/conf.d/nextcloud.conf:116
    nginx: configuration file /etc/nginx/nginx.conf test failed)

    Am I doing something wrong here ?

    • Never mind my question.
      Was a error#40 (aka. me being stupid).

  • Hi,

    I am having some problems with the last part of this guide, where I wanna change the data directory.
    The problem is that I am not able to give permissions to the folder that I am changing it to.
    I have a hunch that it might be the other disk’s setup that is causing the problem, but this is my first ubuntu server, so very new to this.
    I have a NTFS disk that I would like to store the data on, but I cannot seem to give the permissions for the www-data user there.
    Can anyone give a hit to why this could be, and how to fix it ?
    Thanks a lot.

    • I have now tried to reinstall the nextcloud, and start over.
      Also changed the harddisk to ext4 instead, so that I was able to set the permissions on the drive.
      I am still not allowed to choose the folder that I created there, as the data folder.
      I get the error:
      Error
      Can’t create or write into the data directory /media/michael/data/nextcloud-data

      Can you help me with this ?

    • Try these two commands:

      sudo mkdir -p /media/micheal/data/nextcloud-data
      
      sudo setfacl -R -m "u:www-data:rwx" /media/micheal/data/nextcloud-data
    • I have just tried the two commands, and it doesn’t do anything 🙁
      I can see that the log shows this entry: “Permission denied at \/usr\/share\/nginx\/nextcloud\/lib\/private\/Setup.php#299”

    • To me it seems that it is not possible to use a location, on another disk as the data location, in the initial setup screen ?
      Is this really correct, or am I misunderstanding something.

  • Micheal,
    when youre at the nextcloud wizard(initial setup screen), put the path of the new place where your data is located in the wizard and do
    sudo chown www-data:www-data /Path to your new nextcloud data folder

  • Hey Xiao,

    The server is working AWESOME!!! Thank you!

    Question about pretty URLS…

    Since this is my setup, the one you wrote, do you have any suggestions on how to get “pretty urls”? as i dont see any place to configure .htaccess in your code or config.

    Some of my urls are very long and ugly!

    Thanks again! Keep up the great work!

  • Fadi Bunni
    11 months ago

    How do you add onlyoffice?

  • Hey Xiao,

    Hi Everyone,

    Would be appreciate if anyone could help me on this.

    ## Internal Server Error

    The server was unable to complete your request.

    If this happens again, please send the technical details below to the server administrator.

    More details can be found in the server log.

    ### Technical details

    * Remote Address: 1xx.xxx.xxx.xxx (my fixed IP)
    * Request ID: YPgcdxWXSoDCYYqq05ZM

  • Hi. Excellent tutorial, thank you!!

    Two questions:

    1.) How to make Certbot automatically renew the certificate? I think that would make a great addition to the tutorial.

    2.) This works well for remote (hosted) servers, but since Nginx uses the host header to determine which website to serve, it doesn’t work well on local networks. Entering the IP address of the server into the browser will lead to the default website, and entering the FQDN leads to the external address. Is it possible to make Nginx listen to multiple alias addresses on the same virtual host? Like “cloud.local”, for example?

    Thanks!

    • 1.) The certbot debian package ships with its own cron job (/etc/cron.d/certbot) and a systemd timer (/lib/systemd/system/certbot.timer) to automatically renew TLS certificate. So you don’t need to manually add cron job or systemd timer. The timer runs certbot.service twice a day.

      2.) You can create a separate .conf file for Nextcloud with server_name set to cloud.local.

    • Oh, excellent. I didn’t know Certbot came with its own cron job now. Last time I installed it (at least a year ago) that was still a manual process. Thanks!

  • Hi Xiao!!

    Thanks for the tutorial!! It works perfectly!!!

    I got one question…

    How do you set the session time, if I login the session will still continue after 24 hours. For security purposes the session should disconnect after 5 minutes of inactivity, but I can not find where to change that. Do you have any idea where can I change that or what code do I need to add and where?

    Thanks!!!

  • This all worked for me, however, I’m not able to access Nextcloud via nextcloud.domain.com on my internal network. I can access on my mobile when its only on LTE. I also tried IP address/nextcloud and no luck. What am I missing?

    • Also, when navigating to https://localhost/ I get the phpmyadmin page, not the nextcloud page

    • Nevermind. I didn’t get my cert in yet. Once I did that step, I was able to get in via address/nexcloud

  •  It is possible to reach nextcloud via IP address? 
  • Brad Peng
    9 months ago

    Hi Guo An,

    Thanks for the informative guide and I have been struggling to set the server up for the last two weeks. There are various issues I wish to address and please help me to understand –

    1) Standard set up using your guild (not changing data directory) – IT WORKED LIKE A CHARM, THANK YOU
    2) Adding an external HDD – I followed the guide on official nextcloud document but it simply won’t allow me to add local mounted device (1TB EXT4 partition) with www-data and also chmod 0750. https://docs.nextcloud.com/server/9/admin_manual/configuration_files/external_storage/local.html

    If I use chmod -R 0750 or chown -R www-data:www-data /path/to/externalHDD and they work and ls -al shows www-data. But if I use the sudo -u www-data chown -R www-data:www-data /localdir, then I get permission denied (on both commands) and I will not be able to add the EXTERNAL HDD

    3) If I follow your guide to change to EXTERNAL HDD (change of datadirectory) and I also added chown -R 0750. And I then changed in config.php – ‘datadirectory’ => ‘/path/to/new/drive/directory’, . Then I restart systemctl reload nginx – Then I get the following error on Chrome
    Internal Server Error

    The server encountered an internal error and was unable to complete your request.
    Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.
    More details can be found in the server log.

    I will check the log again and see what could be the possible error but I have been battling for the last two week so any assistance would be greatly appreciated. Thanks, Brad

  • Brad Peng
    9 months ago

    Hi Guo An,

    Thanks for the great article and I managed to make it work as it had something to do with user/group permission. And it is now 100%. But just one step is missing, after you changed datadirectory, you got to rescan the files sudo -u www-data php occ files:scan –all for NC to see all the new files and update cache.

  • Timo Carlier
    9 months ago

    This is a more general question. I have looked elsewhere first but can’t find a clear answer. I am running Ubuntu on an actual machine, not in a virtual machine. Do I have to type all the information in step 3 by hand? I have tried a ‘curl’ this link, but I get more information than I can scroll back up and see (using shift page up, I can only see the last three pages).

    Thanks,
    Timo

  • Timo Carlier
    9 months ago

    Hi,

    At the end of step 3 when I run sudo nginx -t I get the comment:

    nginx: [emerg] unknown directive “PK” in /etc/nginx/sites-enabled/nextcloud-14.0.3.zip:4
    nginx: configuration file /etc/nginx/nginx.conf test failed

    When I check, the only line in nginx.conf that points at /etc/nginx/sites-enabled/nextcloud-14.0.3.zip is the one under

    gzip on;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

    Should I maybe put a hashtag in front of gzip on; and the two lines that follow?

    Thanks again

    • You shouldn’t put the nextcloud-14.0.3.zip file in /etc/nginx/sites-enabled/ directory, which is for virtual host file only.
      Put the zip archive in your home directory first.

    • Timo Carlier
      9 months ago

      Sorry – meant I don’t have a graphical interface at all on the machine I’m installing on, only Ubuntu Server. Somebody showed me how to ssh from the terminal of another computer and copy & paste text like that.

  • Timo Carlier
    9 months ago

    Sorry – I can see now that the line

    include /etc/nginx/sites-enabled/*;

    is not related to the gzip section.

    Can I put a # in front of this line?

  • Hi,
    Just wondering what would i put for the server_name if I am running on a free ddns service? i use no-ip’s service, so my server is name.ddns.net. Would the server_name be nextcloud.name.ddns.net?

    Thanks

    • The name must exist in your no-ip account and not being used by another Nginx virtual host (server block) on your server.

      You can use nextcloud.name.ddns.net if you can create this sub-domain in your no-ip account.

  • dude help me please,

    nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/nextcloud.sankalemmm.com/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/etc/letsencrypt/live/nextcloud.sankalemmm.com/fullchain.pem’,’r’) error:2006D080:BIO routines:BIO_new_file:no such file)
    nginx: configuration file /etc/nginx/nginx.conf test failed

  • ls: cannot access ‘/etc/letsencrypt/live/nextcloud.sankalemmm.com/fullchain.pem’: No such file or directory

  • Followed the strep to install but I can access the Web install Wizard. Hosting on my local server before moving to HTTPS. I was able to get everything running using the snap version of nextcloud but could not get smb share to work. So i moved to the full install. Since I using a local static ip address how do enter the server_name?

    • Just enter the IP address of your Ubuntu server. If you need to securely access Nextcloud from outside of home network, you need to use a domain name and enable HTTPS. Usually dynamic DNS providers like no-ip.com can provide a free hostname to you.

      • Thanks I actually had the root pointing to a folder that did not exist. I have a domain I want to use but not sure what ip address to use. My service provider IP but I always assumed that the IP address provided by the ISP was dynamic.

  • Hi Xiao,

    I’ve followed your instructions through many iterations and it has worked perfectly every time. This version seems to have worked except for the step 5 (for me, I see others have been successful). I wondered if you have any ideas.
    I have nextcloud installed on an Ubuntu 18 machine. I have completed step 3 for Nginx. If I go to my WAN IP I get the Nginx welcome screen. If I go to my DynDNS host I get the Nginx Welcome screen.
    If I go to the subdomain.domain.com, I get the page cannot be found error:
    This site can’t be reached [removed] refused to connect.
    Try:

    Checking the connection
    Checking the proxy and the firewall
    ERR_CONNECTION_REFUSED

    As I can get to the Nginx Welcome via DynDNS Host and WAN IP I know my router is forwarding correctly.

    I followed your instructions step by step so have everything you have in this post. The only thing I can think of is that the Nginx file has something wrong.
    /etc/nginx/conf.d/nextcloud.conf
    I copied your example and just change the server to my subdomain.domain.com

    Any help would be appreciated.

  • Hi Xiao,
    I followed your instructions and install nextcloud successful with the domain: cloud.xxx.com,
    now i deployed another domain: www.xxx.com with the same VPS which ran nextcloud,
    i configured the .conf file for www.xxx.com like nextcloud.conf file ,
    but when i access www.xxx.com, the browse notified:

    {This server could not prove that it is www.xxx.com; its security certificate was issued for cloud.xxx.com. This may be caused by a misconfiguration or an attacker intercepting your connection.}

    how can i configure it?
    any help will be appreciated.

    • You need to use a separate TLS certificate for the second domain. Create a Nginx config file (only the port 80 server block) for the second domain and use certbot to install a new TLS certificate.

  • thank you so much! the nextcloud is running stable.
    so i wanna reuse the LEMP stack to run a blog application(hexo), but i encounter a problem-confusing with the configuration of nginx and php-fpm.

    could you post a tutorial for one VPS running both nextcloud and blog with 2 subdomain, based on LEMP stack?

    thanks in advance.

  • Awesome write up. Only problem is this error:
    nginx: [emerg] a duplicate listen 0.0.0.0:443 in /etc/nginx/conf.d/nextcloud.conf:116

    How do I resolve this?

  • Yes, thanks! I realised that. Just had no chance to post it yet.

    Cheers!

  • I have just installed this perfectly, but before I started to do anything with files, users etc I wanted to update to the latest version (15.02 at the time of writing). I am getting the following warnings

    The database is missing some indexes. Due to the fact that adding indexes on big tables could take some time they were not added automatically. By running "occ db:add-missing-indices" those missing indexes could be added manually while the instance keeps running. Once the indexes are added queries to those tables are usually much faster.
    Missing index "parent_index" in table "oc_share".
    Missing index "owner_index" in table "oc_share".
    Missing index "initiator_index" in table "oc_share".
    Missing index "fs_mtime" in table "oc_filecache".
    Some columns in the database are missing a conversion to big int. Due to the fact that changing column types on big tables could take some time they were not changed automatically. By running 'occ db:convert-filecache-bigint' those pending changes could be applied manually. This operation needs to be made while the instance is offline. For further details read the documentation page about this.
    filecache.mtime
    filecache.storage_mtime
    The "Referrer-Policy" HTTP header is not set to "no-referrer", "no-referrer-when-downgrade", "strict-origin", "strict-origin-when-cross-origin" or "same-origin". This can leak referer information. See the W3C Recommendation ↗.
    

    when I try to run the command

    sudo -u www-data php occ db:add-missing-indices

    I get

    Could not open input file: occ

    I have tried all sorts of things and various suggests from other forums, but nothing I find works. I wonder if you would be able to help?

    Thank you

    • Don’t want to reply to my own post, but for anyone else, I found the answer.

      cd /usr/share/nginx/nextcloud
      then run the commands in the form

      sudo -u www-data php occ db:add-missing-indices

      appears to have done the trick

  • hi, i followed this guide and it worked great.
    but the guide configures the nextcloud url as the domain (abc.com) itself.
    how can i update it such that nextcloud can be accessed at domain/nexcloud (abc.com/nextpath) path?

  • I followed this tutorial on a raspbian OS and ended up with a 502 bad gateway visiting http://myip/nextcloud. If I visit http://myip I can see an ugly nginx welcome page only. If I visit nextcloud.servername, it says router can’t find this server even if I added this server in router’s hosts file. Completely frustrated after 2 days of struggling.

  • MiguelNdeCarvalho
    3 months ago

    Hey,
    Basically I am getting a 504 gateway time-out, after entering the install button on UI
    Thanks,
    Miguel de Carvalho

  • The tutorial has worked well. However on trying to configure external storages i get this error “No external storage configured or you don’t have the permission to configure them”

  • Silly linux noob here wondering where the hell i’m supposed to set this “A” record. The linux machine, My Router, the Domain?

    All i want to do at the moment is access this installation from my internal network, not from an external WAN Connection

    I do have a Problem with Step 3:

    /etc/nginx/conf.d/nextcloud.conf

    When i put my “nextcloud.dmydomain.de” in there i can’t reach my Nextcloud anymore

    When i instead put the internel IP Adress of my nextcloud 192.168.23.235 in that spot i can reach the nextcloud with my browser only if i type in 192.168.23.235/index.php (Why is that so? is that configurable to “ip/nextloud”?)

    Same goes for phpmyadmin wich is unreachable from my browser (pma.mydomain.de)

  • Hello Linuxbabe, First want to tjank You for this awesome tutorial !

    I followed it and before the HTTPS secure part of the tutorial all is working and i can access the nextcloud site also from outside my LAN (via the WAN/internet)

    After I enable the HTTPS ( i tested NGINX conf gile as OK and reloaded) i get “This page isnt working” from all browsers from the outside of my LAN and it also says “mydomain.com (example) redirected You too many times” as well as ” ERR-TOO-MANY-REDIRECTS”

    What did i do wrong ?

    I appreciate Your help

    Thank You

    Lars

    • Hey again, I got it working by adding the listen 443 part to the TOP of the NGINX config file (it was at bottom)

      Now i can get to the https://cloud.mydomain.com (still example) but now Nextcloud tells me “Access through untrusted domain” and somethign about editing “trusted_domains” settings in config/config.php

      I have NO idea how to solve this or continue form here…please help ! seems i got so far and now stuck !

      Thank You

      • So now i got help from a friend and got it working by editing the trusted domains section of the config.php file 🙂

        SO i can now access nextcloud from OUTSIDE via WAN/Internet.

        But what do i need to do to be able to access my nextcloud server from INSIDE my LAN ?

        Do i need to add some virtual section in nextcloud.conf file ? or what do i call the server here ?

        Thank You

        • I also wanted to ask how i access the file son the local nextcloud server that i uploaded as a test from one of my clients (my phone), i uploaded a video file but when i navigate in Ubuntu on the nextcloud server via the filemanager to the “nextcloud-data” folder (as You recommended in your tutorial above) all folders have a small X in lower right corner and i cant copy or open them (like in a VLC video player)

          SO how do i access all the user files in the nextcloud-data folder (to back them up or copy them elsewhere etc) ???

      • You can’t access the nextcloud-data folder from the file manager because your user account doesn’t have permission to read or write to the folder. You can run the following command to grant read permission to your user account.

        sudo setfacl -R -m "u:your-username:rx" /usr/share/nginx/nextcloud-data/

        To grant read and write permission, run

        sudo setfacl -R -m "u:your-username:rwx" /usr/share/nginx/nextcloud-data/
    • You can access NextCloud from LAN with the https://cloud.example.com domain name. You can add an entry in the /etc/hosts file on the client computer like below

      192.168.0.101   cloud.example.com

      So the client computer can access NextCloud without sending packets to Internet.

  • Hello Linuxbabe, it’s a great tutorial, but i have a problem with SSL LetsEncrypt. When I renew a SSL with command ” sudo cerbot –nginx”, SSL cannot renew, and show this :

    http-01 challenge for mydomain
    nginx: [warn] conflicting server name "mydomain" on 0.0.0.0:80, ignored
    Waiting for verification...
    Cleaning up challenges
    nginx: [warn] conflicting server name "mydomain" on 0.0.0.0:80, ignored
    Failed authorization procedure. mydomain (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://mydomain/.well-known/acme-challenge/YWGQ9GwzH9dSfDpyeZ94xYUVvZcXfMdNj7x1gqh-Kis [my ip public]: 404
    
    IMPORTANT NOTES:
     - The following errors were reported by the server:
    
       Domain: mydomain
       Type:   unauthorized
       Detail: Invalid response from
       https://mydomain/.well-known/acme-challenge/YWGQ9GwzH9dSfDpyeZ94xYUVvZcXfMdNj7x1gqh-Kis
       [my ip public]: 404
    
       To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A/AAAA record(s) for that domain
       contain(s) the right IP address.

    Please help me, Thanks

  • Thomas
    1 min ago

    The line:
    sudo cp /usr/share/nginx/nextcloud-data/* /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/nextcloud-data/ -R
    is incorrect.
    It should read:
    sudo cp /usr/share/nginx/nextcloud-data/ /media/linuxbabe/b43e4eea-9796-4ac6-9c48-2bcaa46353731/ -R

    Also with the correction, you dont have to copy the hidden file. It will have been copied already.

    Most of the problems with permissions moving the data to a new drive are caused by windows.

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • Please use the community (https://community.linuxbabe.com) for questions unrelated to this article.
  • If my answer helped you, please consider supporting this site. Thanks :)