Install NextCloud on CentOS 7 / Red Hat (RHEL) / Scientific Linux
Install NextCloud on CentOS 7 / Red Hat (RHEL) / Scientific Linux
These instructions will guide you through the easiest setup of NextCloud on Linux. No messing around with Nginx, apache, marianDB and super easy to manage with “nextcloud.occ” commands. We use “Snap” to install the NextCloud snap package. A snap is a package containing an application together with its dependencies, and a description of how it should safely be run on your system, especially the different ways it should talk to other software. Most importantly snaps are designed to be secure, sandboxed, containerized applications isolated from the underlying system and from other applications.
The snap package includes Nextcloud 18.0.4, Apache 2.4, PHP 7.3, MySQL 5.7, Redis 5.0 and mDNS for network discovery.
We are assuming this is a fresh install of CentOS, if so please setup static IP and update all modules
1. Updating all modules:
$ Yum -y Update
2. Disabling SElinux (disabling SELinux for smooth operations):
$ sudo setenforce 0
$ sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
3. Set host name:
$ Hostname example.com
4. Adding EPEL to CentOS 7:
$ sudo yum install epel-release
5. Installing snapd:
With the EPEL repository added to your CentOS installation, simply install the snapd package:
$ sudo yum install snapd
- If you receive dependency issues attempting to install “snapd” rather than waiting for EPEL packages to be updated, you can enable the continuous release (CR) repository.
Once installed, the systemd unit that manages the main snap communication socket needs to be enabled:
$ sudo systemctl enable --now snapd.socket
To enable classic snap support, enter the following to create a symbolic link between /var/lib/snapd/snap and /snap:
$ sudo ln -s /var/lib/snapd/snap /snap
Either log out and back in again or restart your system to ensure snap’s paths are updated correctly.
6. If you get “too early for operation, device not yet seeded or device model not acknowledged”
$ snap wait system seed.loaded
$ systemctl restart snapd.seeded.service
7. Install Nextcloud via snap:
$ sudo snap install nextcloud
8. Create new admin account:
To configure Nextcloud with a new administrator account, use the nextcloud.manual-install command. You must pass in a username and a password as arguments:
$ sudo nextcloud.manual-install sammy password
Or
$ sudo snap run nextcloud.manual-install sammy password
9. Adding trusted domains:
When installing from the command line, Nextcloud restricts the host names that the instance will respond to. By default, the service only responds to requests made to the “localhost” hostname. We will be accessing Nextcloud through the server’s domain name or IP address, so we’ll need to adjust this setting to accept these type of requests.
You can view the current settings by querying the value of the trusted_domains array:
$ sudo nextcloud.occ config:system:get trusted_domains
Currently, only localhost is present as the first value in the array. We can add an entry for our server’s domain name or IP address by typing:
$ sudo nextcloud.occ config:system:set trusted_domains 1 --value=example.com
If we query the trusted domains again, we will see that we now have two entries:
$ sudo nextcloud.occ config:system:get trusted_domains
10. Ports config:
HTTP/HTTPS port configuration
By default, the snap will listen on port 80. If you enable HTTPS, it will listen on both 80 and 443, and HTTP traffic will be redirected to HTTPS. But perhaps you’re putting the snap behind a proxy of some kind, in which case you probably want to change those ports.
If you’d like to change the HTTP port (say, to port 81), run:
$ sudo snap set nextcloud ports.http=81
To change the HTTPS port (say, to port 444), run:
$ sudo snap set nextcloud ports.https=444
Note that, assuming HTTPS is enabled, this will cause HTTP traffic to be redirected to port 444. You can specify both of these simultaneously as well:
$ sudo snap set nextcloud ports.http=81 ports.https=444
Note: Let’s Encrypt will expect that Nextcloud is exposed on ports 80 and 443. If you change ports and don’t put Nextcloud behind a proxy such that ports 80 and 443 are sent to Nextcloud for that domain name, Let’s Encrypt will be unable to verify ownership of your domain and will not grant certificates.
Also note: Nextcloud’s automatic hostname detection can fail when behind a proxy; you might notice it redirecting incorrectly. If this happens, override the automatic detection (including the port if necessary), e.g.:
$ sudo nextcloud.occ config:system:set overwritehost --value="example.com:81"
11. Firewall configuration:
Add Http and HTTPS:
$ sudo firewall-cmd --zone=public --add-service=http$ sudo firewall-cmd --zone=public --add-service=https
If using custom ports enter them:
$ sudo firewall-cmd --zone=public --permanent --add-port=50881-50882/tcp
Save and enable firewalld if needed:
$ sudo firewall-cmd –reload
$ sudo systemctl enable firewalld
$ sudo systemctl start firewalld
12. Setting Up SSL with a Self-Signed Certificate:
If your Nextcloud server does not have a domain name, you can still secure the web interface by generating a self-signed SSL certificate. This certificate will allow access to the web interface over an encrypted connection, but will be unable to verify the identity of your server, so your browser will likely display a warning.
To generate a self-signed certificate and configure Nextcloud to use it, type:
$ sudo nextcloud.enable-https self-signed
More Resources:
https://docs.nextcloud.com/server/15/admin_manual/installation/source_installation.html
https://github.com/nextcloud/nextcloud-snap