How to up Nextcloud 19 server on Debian 10 Buster in 10 min

Before start please check system requirements for Nextcloud 19 server.

In my guide I using Debian 10 (Buster) GNU/Linux for OS.

 

1. Choice of Database

First need choice database for Your Nextcloud. Depend of Your need.

If just wont to try/test Nextcloud You can to use SQLite, alternative to SQLite if don't have big number of users good choice is MariaDB but in time from my experience number of user will go up and my choice is PostgreSQL.

Database is very important and Debian 10 (Buster) comming with PostgreSQL 11, but for better performance I using PostgreSQL 12 from repository pgdg.

* If will use SQLite please ignore instructions about PostgreSQL.

 

Add PostgreSQL 12 Repository & install package:

echo 'deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main' >> /etc/apt/sources.list.d/pgdg.list
wget --no-check-certificate -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O- | apt-key add -
apt-get update
apt-get install postgresql-12

Create new user & database for Nextcloud:

su - postgres
psql
CREATE DATABASE nextcloud;
CREATE USER ncuser WITH PASSWORD 'StorngPasswordHere';
GRANT ALL PRIVILEGES ON DATABASE nextcloud to ncuser;

Now Your database is ready for use.

 

2. Add repository Jurisic and install package nextcloud-server

echo 'deb http://apt.jurisic.org/debian/ buster main contrib non-free' >> /etc/apt/sources.list.d/jurisic.list
wget -q http://apt.jurisic.org/Release.key -O- | apt-key add -
apt-get update
apt-get install nextcloud-server

 

3. Configure Apache2 service (Virtual Host, SSL Certificate)

If using friesh installed Debian, package nextcloud-server will install apache2 and php packages.

Default Apache config will configure working url at links http://<ip address>/nextcloud or http://<hostname>/nextcloud

First we need enable support for ssl and that is very easy:

a2enmod ssl
a2ensite default-ssl
systemctl restart apache2

After enable Apache module ssl and site default-ssl we have self signed certificate at links https://<ip address>/nextcloud or https://<hostname>/nextcloud and its You fine with links no need more adjust Apache.

But for example I buy domain example.com and wont to run nextcloud at link https://example.com, here instruction what need to add in Apache.

Open text editor with:

nano /etc/apache2/sites-available/example.com.conf

Make file:

<VirtualHost *:80>
        ServerName example.com
        ServerAdmin webmaster@example.com
        DocumentRoot /var/www/nextcloud

        Redirect permanent / https://example.com/

        ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
        CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined

</VirtualHost>

<IfModule mod_ssl.c>

<VirtualHost _default_:443>
        ServerName example.com
        ServerAdmin webmaster@example.com
        DocumentRoot /var/www/nextcloud

        <Directory "/var/www/nextcloud">
            Options +FollowSymLinks
            AllowOverride All

            <IfModule mod_dav.c>
                Dav off
            </IfModule>

            SetEnv HOME /var/www/nextcloud
            SetEnv HTTP_HOME /var/www/nextcloud
        </Directory>

        <Directory "/var/www/nextcloud/data">
            Require all denied
        </Directory>

         <IfModule mod_headers.c>
            Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
        </IfModule>

        <IfModule mod_php7.c>
            <IfModule mod_env.c>
                SetEnv htaccessWorking true
            </IfModule>
        </IfModule>

        ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
        CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined

        SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

</VirtualHost>
</IfModule>

Now disable stadard site and enable new with:

a2dissite 000-default
a2dissite default-ssl
a2ensite example.com

Now is good time for setup ssl certificate. We can to use any solution or use free service Let's Encrypt.

Easy way to create and activate ssl certificate with Certbot:

apt-get install certbot python-certbot-apache
certbot --apache

 

4. Configure PHP (php.ini)

Settings for PHP can simple change. Just open file /etc/php/7.3/apache2/php.ini :

nano /etc/php/7.3/apache2/php.ini

Find keys and change value:

upload_max_filesize = 512M
post_max_size = 512M
memory_limit = 512M
mbstring.func_overload = 0
default_charset = "UTF-8"
output_buffering = 0

 

5. Optional configure PHP-FPM (Fast/CGI) instead default PHP

Switch Apache to event mode and enable fcgid:

a2dismod php7.3
a2dismod mpm_prefork
a2enmod mpm_event
a2enmod proxy_fcgi

Install package php-fpm :

apt-get install php-fpm
a2enconf php7.3-fpm
systemctl restart apache2 php7.3-fpm

Settings for PHP-FPM can simple change. Just open file /etc/php/7.3/fpm/php.ini :

nano /etc/php/7.3/fpm/php.ini

Find keys and change value:

upload_max_filesize = 512M
post_max_size = 512M
memory_limit = 512M
mbstring.func_overload = 0
default_charset = "UTF-8"
output_buffering = 0

Check great article about PHP FPM - optimization.

Example of my configuration (Note: PC have 8 CPU core, 8 Gb of RAM:):

Adjusted StartServers, MaxRequestWorkers and MaxConnectionsPerChild:

nano /etc/apache2/mods-enabled/mpm_event.conf

Example of file:

<IfModule mpm_event_module>
        StartServers            8
        MinSpareThreads         25
        MaxSpareThreads         75
        ThreadLimit             64
        ThreadsPerChild         25
        MaxRequestWorkers       248
        MaxConnectionsPerChild  1000
</IfModule>

Adjusted PHP-FPM pool:

nano /etc/php/7.3/fpm/pool.d/www.conf

Changed variables:

pm = dynamic
pm.max_children = 400
pm.start_servers = 32
pm.min_spare_servers = 16
pm.max_spare_servers = 32
pm.max_requests = 1000

Restart services :

systemctl restart apache2 php7.3-fpm

 

6. Optional configure memory caching

Good idea is to setup memory caching. If you have enough memory, use APCu for Memory Caching and Redis for File Locking.

 

6.1 For PHP APCu first need to install package and restart services:

apt-get install php-apcu
systemctl restart apache2 php7.3-fpm

 

6.2 Install Redis server and configure for work over unix socket:

apt-get install redis-server php-redis

Adjusted Redis server:

Enable unixsocket

nano /etc/redis/redis.conf

Find in file unixsocket and uncomment lines (note: change permission from 700 to 770):

unixsocket /var/run/redis/redis-server.sock
unixsocketperm 770

Change somaxconn and overcommit:

nano /etc/sysctl.d/40-redis-server.conf

Add in new file:

net.core.somaxconn = 1024
vm.overcommit_memory = 1

Transparent Huge Pages (THP) support disable:

nano /etc/default/grub

Add in line GRUB_CMDLINE_LINUX_DEFAULT :

GRUB_CMDLINE_LINUX_DEFAULT="transparent_hugepage=never"

Then apply changes with:

update-grub

Reboot server:

systemctrl reboot

 

7. Web install of Nextcloud

Now is server ready for Nextcloud web installation, open url:

https://example.com or https://example.com/nextcloud (depend how You configure Your Apache2)

Create admin account (username,password), configure database (click on PostgreSQL,username,password,database) and click "Finish setup":

 

8. Optional enable cache in config file of Nextcloud

Check section 6.1 and 6.2. If wont enable cache by PHP APCu and Redis server:

nano /var/www/nextcloud/config/config.php

Add in config:

  'memcache.local' => '\\OC\\Memcache\\APCu',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => '/var/run/redis/redis-server.sock',
    'port' => 0,
    'timeout' => 0,
    'password' => '',
    'dbindex' => 0,
  ),

 

Congratulations and enjoy in Nextcloud !!!

Page top