How to install Nextcloud on CentOS 7

NextCloud

Introduction

In a previous tutorial we talked about the installation of Nextcloud on an Ubuntu 16.04 server with Apache. Remember, Nextcloud is a cloud storage system. In this guide we’ll look at how to install and configure it on a CentOS 7 system, with Nginx as the web server, and MariaDB as the database.

Install Nginx and PHP7-FPM

First of all, add the EPEL repository, which contains Nginx:

# yum install epel-release

Next, install Nginx:

# yum install nginx

PHP7-FPM is available on an external repository. Yu want to use the webtatic one. To add it:

# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

Now, it’s possible to install PHP7-FPM and some Nextcloud dependencies:

# yum install php70w-fpm php70w-pecl-apcu-devel php70w-json php70w-pecl-apcu php70w-gd php70w-mcrypt php70w-mysql php70w-cli php70w-pear php70w-xml php70w-mbstring php70w-pdo

Check the PHP version to be sure that everything went well, with:

# php -v

Configure PHP-FPM

After installation, a configuration of PHP is required for use with Nginx. With a text editor, edit the /etc/php-fpm.d/www.conf file. In there, search lines containing user and group strings and modify as follows:

user = nginx
group = nginx

In the same file, look for listen string, and modify that too:

listen = 127.0.0.1:9000

PHP will listen on port 9000.
Uncomment the following lines:

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

Save and exit.

Create a new directory in /var/lib and change its owner to nginx user:

# mkdir -p /var/lib/php/session
# chown nginx:nginx -R /var/lib/php/session/

Start and enable both Nginx and PHP7-FPM:

# systemctl start php-fpm
# systemctl start nginx
# systemctl enable php-fpm
# systemctl enable nginx

Install MariaDB

As previously said, MariaDB will be the database system, so install it like this:

# yum install mariadb-server mariadb

Next:

# systemctl start mysql
# systemctl start mysql

Then, configure the root account for MariaDB:

# mysql_secure_installation
Set root password? [Y/n]
New password: my_strong_root_password
Re-enter new password: my_strong_root_password

Remove anonymous users? [Y/n]
Disallow root login remotely? [Y/n]
Remove test database and access to it? [Y/n]
Reload privilege tables now? [Y/n]

Now, it’s time to login to MariaDB and configure it for use with Nextcloud:

# mysql -u root -p

In its shell:

mysql> CREATE DATABASE my_nextclouddb;
mysql> CREATE USER [email protected] IDENTIFIED BY '[email protected]';
mysql> GRANT ALL PRIVILEGES ON my_nextclouddb.* TO [email protected] IDENTIFIED BY '[email protected]';
mysql> FLUSH PRIVILEGES;
mysql> EXIT;

Generate a SSL certificate

For using Nextcloud with HTTPS connection with the client, you’ll need an SSL certificate. Generate a self-signed one with OpenSSL. First, create a new directory for that file:

# mkdir -p /etc/nginx/cert/

and generate it:

# openssl req -new -x509 -days 365 -nodes -out /etc/nginx/cert/nextcloud.crt -keyout /etc/nginx/cert/nextcloud.key

N.B: the /etc/nginx/cert/ will contain all the SSL certificates your server will require eventually.

Change permissions:

# chmod 700 /etc/nginx/cert
# chmod 600 /etc/nginx/cert/*

Install Nextcloud

Now it’s time to download and install Nextcloud. Download the archive with:

# https://download.nextcloud.com/server/releases/nextcloud-11.0.2.zip

Extract it and move to /usr/share/nginx/html/

# unzip nextcloud-11.0.2.zip
# mv nextcloud/ /usr/share/nginx/html/

Create a new data directory for Nextcloud:

# mkdir -p /usr/share/nginx/html/nextcloud/data/

Change the owner of nextcloud to nginx user:

# chown nginx:nginx -R /usr/share/nginx/html/nextcloud

Configure a Virtual Host for Nextcloud

Create a new Virtual Host configuration file, /etc/nginx/conf.d/nextcloud.conf. There, paste the following configuration:

upstream php-handler {
    server 127.0.0.1:9000;
    #server unix:/var/run/php5-fpm.sock;
}
 
server {
    listen 80;
    server_name storage.mydomain.com;
    # enforce https
    return 301 https://$server_name$request_uri;
}
 
server {
    listen 443 ssl;
    server_name storage.mydomain.com;
 
    ssl_certificate /etc/nginx/cert/nextcloud.crt;
    ssl_certificate_key /etc/nginx/cert/nextcloud.key;
 
    # Add headers to serve security related headers
    # Before enabling Strict-Transport-Security headers please read into this
    # topic first.
    add_header Strict-Transport-Security "max-age=15768000;
    includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
 
    # Path to the root of your installation
    root /usr/share/nginx/html/nextcloud/;
 
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
 
    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;
 
    location = /.well-known/carddav {
      return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host/remote.php/dav;
    }
 
    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;
 
    # Disable gzip to avoid the removal of the ETag header
    gzip off;
 
    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;
 
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
 
    location / {
        rewrite ^ /index.php$uri;
    }
 
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
        deny all;
    }
 
    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
        include fastcgi_params;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS on;
        #Avoid sending the security headers twice
        fastcgi_param modHeadersAvailable true;
        fastcgi_param front_controller_active true;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
    }
 
    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
        try_files $uri/ =404;
        index index.php;
    }
 
    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=7200";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        # Before enabling Strict-Transport-Security headers please read into
        # this topic first.
        add_header Strict-Transport-Security "max-age=15768000;
        includeSubDomains; preload;";
        add_header X-Content-Type-Options nosniff;
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        # Optional: Don't log access to assets
        access_log off;
    }
 
    location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log off;
    }
}

Save, exit and test Nginx with:

# nginx -t

Then, restart it:

# systemctl restart nginx

Conclusions

The last thing to do is to complete a graphical installation wizard. With a web browser go to storage.mydomain.com, create an admin account and enter informations about the database created in the previous steps.
At the end, a complete Dropbox-like storage system will be available on the server!

  • I have profited 104000 dollars in last 12 months by doing an online job from my house a­n­d I did it by working part time f­­o­­r 3 or sometimes more hours each day. I’m using an earning model I found online and I am amazed that i made so much money. It’s user friendly and I’m just so grateful that I found out about it. Here’s what I do… http://gee­.­su/rvuya

  • I got paid $104,000 last year by doing an online job a­n­d I was able to do it by work­ing in my own time f­o­r few h each day. I’m using a money making opportunity I stumbled upon from this website i found online and I am so amazed that i was able to make so much money. It’s newbie friendly a­n­d I am just so happy that i found this. Check out what I do… http://www.wzurl­.­me/tEXzrw

  • alice.masterson

    I got paid 104,000 thousand dollars in 2016 by working from my home a­n­d I manage to do it by w­orking part-time for several hours on daily basis. I was following an earning opportunity I was introduced by this company i found on-line and I am thrilled that I was able to earn so much money. It’s really newbie friendly and I am just so happy that i found it. Here is what i did… http://www.wzurl­.­me/m7IQvg

  • bell_raymond

    I was paid $104,000 in last 12 months by doing an online job a­­n­­d I did it by w­orking part time for 3 or sometimes more hrs /day. I was following a business model I stumbled upon online and I am so thrilled that i made so much money. It’s newbie friendly a­n­d I’m so grateful that i learned about it. Check out what I did… http://urlof­.­site/qYSkQ

  • I was paid 104000 bucks previous 12 months by doing a web-based job as well as I was able to do it by w­orking in my own time f­o­r quite a few hours each day. I utilized job opportunity I found online and I am delighted that I was in the position to earn such decent cash. It’s genuinely newbie-friendly and therefore I’m so pleased that I discovered out about it. Check out exactly what I do… I was without work for six months time when my early Co-worker finally advised me to get into freelancing from home… It was only just after I gained $5000 in my initial thirty days when I seriously believed I could do this for a living! Now a days I am joyful than ever… I work-from-home and I am my own boss now like I always wanted… I see a large number of disappointed people around me, working the same old boring job that’s sucking the daily life from all of them day by day… Each time I see some-one like that I say START FREELANCING MAN! This is how I started out >>>> www­.­cat­.­org­.­uk/snip/78276

  • I was paid 104000 bucks past 12 months by doing an on-line task and also I was able to do it by w­orking in my own time f­o­r quite a few hours each day. I applied work opportunity I found out on-line and so I am excited that I was able to make such great money. It is really newbie-friendly and I am so blessed that I discovered out regarding it. Have a look at what I do… www­.­cat­.­org­.­uk/snip/93439

  • lawrence_lee

    I was paid 104000 dollars past 12 month period by doing a web based work and I was able to do it by w­orking in my own time f­o­r quite a few hours every day. I tried job opportunity I found out on the internet and therefore I am thrilled that I was capable of to earn such decent money. It is genuinely newbie-friendly and therefore I am so delighted that I found out about it. Look into exactly what I do… http://polr­.­me/1g1h

  • I was paid 104000 bucks last year by doing a web-based work moreover I was able to do it by w­orking in my own time f­o­r several hours each day. I used work opportunity I stumbled upon on-line and I am excited that I was manage to make such decent earnings. It’s seriously newbie-friendly and therefore I’m so delighted that I found out about it. Take a look at what I do… http://ipt­.­pw/mMWmmZ

  • mobley.barbara

    I was without work for six months time when my early Fellow worker finally strongly suggested me to begin with freelancing online… It was just after I earned $5000 in my first 30 days when I really believed I really could do this for a living! Nowadays I am joyful than ever… I work at home and also I am my own boss now like I always wanted… I see a large number of not satisfied people around me, working the same old boring job that’s sucking the life from them day by day… Whenever I see some-one like that I say START FREELANCING MAN! This is how I started out >>>> http://flicom­.­ru/483636

  • Chairman of Yahoo and Google!, is telling folks to get started in “Work at home” practice, that I have been doing for more than twelve months now. These days alone, I made as much as $36k until now with nothing but my home computer as well as some free time, even though i have a regular nine to 5 job. Even people not used to this, actually make $50/per h undoubtedly and the income might be much very high as time passes… This is how i started >> http://adultadda­.­net/2Xm

  • M­a­n­y p­e­o­ple w­a­nt t­o ha­v­e a high earnings at their, bu­t t­he­y do­n’t kno­w ho­w t­o exactly d­o th­at o­n th­e Int­ernet. Th­ere ar­e a a number of w­ays t­o ea­rn massive am­ount of mo­ney, b­ut wh­enev­er p­eopl­e t­ry th­at the­y g­et tr­app­ed in a s­cam, Therefore Now I am sh­aring wi­th yo­u a g­enuine an­d gu­arante­ed w­ay f­or fre­e to ea­rn hug­e am­ount of mon­ey a­t ho­me.I am making atleast $10000 per month since 12 months.Its an internet work and also pretty easy to do, Even a little boy or girl can do this work and make money. If you want a happy and wealthy life then you need to copy and paste this website in web browser and then follow instructions to get started right now and make Thousands Over the internet……….. http://ipt­.­pw/26UqPm