We had published a tutorial on how to install Nextcloud on Ubuntu 16.04 with Apache web server back in June 2016, shortly after the first public release of Nextcloud. But many folks want to use Nginx rather than Apache as the web server. So in this tutorial we will see how to install Nextcloud 13 on Ubuntu 16.04 with Nginx.
Note: If you are using Ubuntu 18.04, please follow this tutorial: Install Nextcloud on Ubuntu 18.04 with Nginx (LEMP stack)
Table of Contents
Prerequisites
First, you should check out this LEMP install tutorial for Ubuntu 16.04 if you haven’t installed LEMP yet. Once it’s installed, come back here and read on.
Step 1: Download NextCloud 13
Download the NextCloud server zip archive onto your server. The latest stable version is 13.0.4 at time of this writing. You may need to change the version number. Go to https://nextcloud.com/install and click the download button to check out the latest version.
wget https://download.nextcloud.com/server/releases/nextcloud-13.0.4.zip
Extract it.
sudo apt install unzip unzip nextcloud-13.0.4.zip
A new directory named nextcloud will be created in the current working directory. Move the new directory and all of its content to the document root of Nginx web server
sudo mv nextcloud /usr/share/nginx/
Then you also need to set Nginx user (www-data) as the owner of NextCloud directory.
sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R
Step 2: Create a Database and User in MariaDB
Log into MariaDB database server with the following command:
sudo mysql -u root
Then create a database for Nextcloud. This tutorial name the database nextcloud. You can use whatever name you like.
create database nextcloud;
Create the database user. Again, you can use your preferred name for this user. Replace your-password with your preferred password.
create user nextclouduser@localhost identified by 'your-password';
Grant this user all privileges on the nextcloud database.
grant all privileges on nextcloud.* to nextclouduser@localhost identified by 'your-password';
Flush privileges and exit.
flush privileges; exit;
Step 3: Enable Binary Logging in MariaDB
Edit the mysqld configuration file.
sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf
Add the following three lines in [mysqld] section.
log-bin = /var/log/mysql/mariadb-bin log-bin-index = /var/log/mysql/mariadb-bin.index binlog_format = mixed
The format of binary log must be mixed. Save and close the file. Then restart MariaDB service.
sudo systemctl restart mysql
Now binary log is enabled in MariaDB.
Step 4: Create an Nginx Config File for Nextcloud
Create a nextcloud.conf file in /etc/nginx/conf.d/ directory.
sudo nano /etc/nginx/conf.d/nextcloud.conf
Put the following text into the file. Replace the red-colored text with your actual data. Don’t forget to set A record for the domain name.
server {
listen 80;
server_name nextcloud.your-domain.com;
# Add headers to serve security related headers
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Path to the root of your installation
root /usr/share/nginx/nextcloud/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
# last;
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location ~ /.well-known/acme-challenge {
allow all;
}
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the PHP block
location ~* \.(?:css|js)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
# Optional: Don't log access to other assets
access_log off;
}
}
Save and close the file. Test Nginx configuration, then reload Nginx for the changes to take effect.
sudo nginx -t sudo systemctl reload nginx
Step 5: Install and Enable PHP Modules
Run the following commands to install needed PHP modules.
sudo apt install php7.0-common php7.0-gd php7.0-json php7.0-curl php7.0-zip php7.0-xml php7.0-mbstring
Step 6: Enable HTTPS
Now you can access the Nextcloud web install wizard in your browser by entering the domain name for your Nextcloud installation.
nextcloud.your-domain.com
But before entering any sensitive information, we should enable secure HTTPS connection on Nextcloud. We can obtain a free TLS certificate from Let’s Encrypt. Run the following commands to install certbot (Let’s Encrypt) client on Ubuntu 16.04 from the official PPA. The software-properties-common package is needed to add PPA on Ubuntu. Sometimes, it’s not installed by default on Ubuntu. Python-certbot-nginx is the Nginx plugin.
sudo apt install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt update sudo apt install certbot python-certbot-nginx
You may also need to upgrade some libraries.
sudo apt upgrade
Next, run the following command to obtain a free TLS certificate using the Nginx plugin.
sudo certbot --nginx --agree-tos --redirect --staple-ocsp --email your-email-address -d nextcloud.your-domain.com
Within a few seconds, you shall see a message like below, which means the TLS certificate was successfully obtained and installed.
Finish the Installation in your Web Browser
Now you can access the Nextcloud web install wizard using HTTPS connection. To complete the installation, you need to create an admin account, enter the path of Nextcloud data folder, enter database details created earlier.
The data folder is where users’ files are stored. For security, it’s best to place the data directory outside of Nextcloud web root. So instead of storing users’ files under /usr/share/nginx/nextcloud/data/, we can change it to /usr/share/nginx/nextcloud-data, which can be created with the following command:
sudo mkdir /usr/share/nginx/nextcloud-data
Then make sure Nginx user (www-data) has write permission to the data directory.
sudo chown www-data:www-data /usr/share/nginx/nextcloud-data -R
Once it’s done, you will see the Web interface of Nextcloud. Congrats! You can start using it as your private cloud storage.
That’s it! I hope this tutorial helped you install Nextcloud on Ubuntu 16.04 with Nginx config. As always, if you found this post useful, then subscribe to our free newsletter. You can also follow us on Google+,
Twitter or like our Facebook page.