Install NextCloud on CentOS 7 / Red Hat (RHEL) / Scientific Linux

Install NextCloud on CentOS 7 / Red Hat (RHEL) / Scientific Linux

These instructions will guide you through the easiest setup of NextCloud on Linux. No messing around with Nginx, apache, marianDB and super easy to manage with “nextcloud.occ” commands. We use “Snap” to install the NextCloud snap package. A snap is a package containing an application together with its dependencies, and a description of how it should safely be run on your system, especially the different ways it should talk to other software. Most importantly snaps are designed to be secure, sandboxed, containerized applications isolated from the underlying system and from other applications.

The snap package includes Nextcloud 18.0.4, Apache 2.4, PHP 7.3, MySQL 5.7, Redis 5.0 and mDNS for network discovery.

We are assuming this is a fresh install of CentOS, if so please setup static IP and update all modules

 

1. Updating all modules:

$ Yum -y Update

 

2. Disabling SElinux (disabling SELinux for smooth operations):

$ sudo setenforce 0

$ sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config

 

3. Set host name:

$ Hostname example.com

 

4. Adding EPEL to CentOS 7:

$ sudo yum install epel-release

 

5. Installing snapd:

With the EPEL repository added to your CentOS installation, simply install the snapd package:

$ sudo yum install snapd

  • If you receive dependency issues attempting to install “snapd” rather than waiting for EPEL packages to be updated, you can enable the continuous release (CR) repository.

 

Once installed, the systemd unit that manages the main snap communication socket needs to be enabled:

$ sudo systemctl enable --now snapd.socket

To enable classic snap support, enter the following to create a symbolic link between /var/lib/snapd/snap and /snap:

$ sudo ln -s /var/lib/snapd/snap /snap

Either log out and back in again or restart your system to ensure snap’s paths are updated correctly.

 

6. If you get “too early for operation, device not yet seeded or device model not acknowledged”

$ snap wait system seed.loaded

$ systemctl restart snapd.seeded.service

 

7. Install Nextcloud via snap:

$ sudo snap install nextcloud

 

8. Create new admin account:

To configure Nextcloud with a new administrator account, use the nextcloud.manual-install command. You must pass in a username and a password as arguments:

$ sudo nextcloud.manual-install sammy password

Or

$ sudo snap run nextcloud.manual-install sammy password

 

9. Adding trusted domains:

When installing from the command line, Nextcloud restricts the host names that the instance will respond to. By default, the service only responds to requests made to the “localhost” hostname. We will be accessing Nextcloud through the server’s domain name or IP address, so we’ll need to adjust this setting to accept these type of requests.

 

You can view the current settings by querying the value of the trusted_domains array:

 

$ sudo nextcloud.occ config:system:get trusted_domains

 

Currently, only localhost is present as the first value in the array. We can add an entry for our server’s domain name or IP address by typing:

$ sudo nextcloud.occ config:system:set trusted_domains 1 --value=example.com

 

If we query the trusted domains again, we will see that we now have two entries:

$ sudo nextcloud.occ config:system:get trusted_domains

 

10. Ports config:

HTTP/HTTPS port configuration

By default, the snap will listen on port 80. If you enable HTTPS, it will listen on both 80 and 443, and HTTP traffic will be redirected to HTTPS. But perhaps you’re putting the snap behind a proxy of some kind, in which case you probably want to change those ports.

 

If you’d like to change the HTTP port (say, to port 81), run:

$ sudo snap set nextcloud ports.http=81

 

To change the HTTPS port (say, to port 444), run:

$ sudo snap set nextcloud ports.https=444

 

Note that, assuming HTTPS is enabled, this will cause HTTP traffic to be redirected to port 444. You can specify both of these simultaneously as well:

$ sudo snap set nextcloud ports.http=81 ports.https=444

 

Note: Let’s Encrypt will expect that Nextcloud is exposed on ports 80 and 443. If you change ports and don’t put Nextcloud behind a proxy such that ports 80 and 443 are sent to Nextcloud for that domain name, Let’s Encrypt will be unable to verify ownership of your domain and will not grant certificates.

 

Also note: Nextcloud’s automatic hostname detection can fail when behind a proxy; you might notice it redirecting incorrectly. If this happens, override the automatic detection (including the port if necessary), e.g.:

 

$ sudo nextcloud.occ config:system:set overwritehost --value="example.com:81"

 

11. Firewall configuration:

Add Http and HTTPS:

$ sudo firewall-cmd --zone=public --add-service=http$ sudo firewall-cmd --zone=public --add-service=https

 

If using custom ports enter them:

$ sudo firewall-cmd --zone=public --permanent --add-port=50881-50882/tcp

 

Save and enable firewalld if needed:

$ sudo firewall-cmd –reload

$ sudo systemctl enable firewalld

$ sudo systemctl start firewalld

 

12. Setting Up SSL with a Self-Signed Certificate:

If your Nextcloud server does not have a domain name, you can still secure the web interface by generating a self-signed SSL certificate. This certificate will allow access to the web interface over an encrypted connection, but will be unable to verify the identity of your server, so your browser will likely display a warning.

 

To generate a self-signed certificate and configure Nextcloud to use it, type:

 

$ sudo nextcloud.enable-https self-signed

 

 

More Resources:

https://docs.nextcloud.com/server/15/admin_manual/installation/source_installation.html

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-nextcloud-on-ubuntu-18-04

https://github.com/nextcloud/nextcloud-snap

 

About the author: Amro Sahli

You must be logged in to post a comment.