At first, please update your centos. Every command I use, is used as root \ud83d\ude09<\/p>\n
yum -y update<\/pre>\nInstalling database server MariaDB<\/h1>\n
Next, we install and create empty database for our nextcloud. Then we start it and enable for autostart after boot.
\nIf you wish, you can skip installations of MariaDB and you can use built-in SQLite. Then you can continue with installing apache web server.<\/p>\nyum -y install mariadb mariadb-server\n...\nsystemctl start mariadb\nsystemctl enable mariadb<\/pre>\nNow, we run post installation script to finish setting up mariaDB server:<\/p>\n
mysql_secure_installation\n...\nEnter current password for root (enter for none): ENTER\nSet root password? [Y\/n] Y\nRemove anonymous users? [Y\/n] Y\nDisallow root login remotely? [Y\/n] Y\nRemove test database and access to it? [Y\/n] Y\nReload privilege tables now? [Y\/n] Y<\/pre>\nNow, we can create a database for nextcloud.<\/p>\n
mysql -u root -p\n...\nCREATE DATABASE nextcloud;\nGRANT ALL PRIVILEGES ON nextcloud.* TO 'nextclouduser'@'localhost' IDENTIFIED BY 'YOURPASSWORD';\nFLUSH PRIVILEGES;\nexit;<\/pre>\nInstalling Apache Web Server with ssl (letsencrypt)<\/h1>\n
Now, we install Apache web server, and we start it and enable for autostart after boot:<\/p>\n
yum install httpd -y\nsystemctl start httpd.service\nsystemctl enable httpd.service<\/pre>\nNow, we install ssl for apache and allow https service for firewall:<\/p>\n
yum -y install epel-release\nyum -y install httpd mod_ssl\n...\nfirewall-cmd --zone=public --permanent --add-service=https\nfirewall-cmd --zone=public --permanent --add-service=http\nfirewall-cmd --reload\nsystemctl restart httpd.service\nsystemctl status httpd<\/code><\/pre>\nNow we can access our server via https:\/\/out.server.sk
\nIf we want signed certificate from letsencrypt, we can do it with next commands. Certboot will ask some questions, so answer them.<\/p>\nyum -y install python-certbot-apache\ncertbot --apache -d example.com<\/span><\/code><\/pre>\nIf we are good, we can see:<\/p>\n
IMPORTANT NOTES:\n - Congratulations! Your certificate and chain have been saved at\n \/etc\/letsencrypt\/live\/example.com\/fullchain.pem.\n...\n<\/code><\/pre>\nAnd we can test our page with this:<\/p>\n
https:\/\/www.ssllabs.com\/ssltest\/analyze.html?d=example.com&latest<\/pre>\nInstall PHP 7<\/h1>\n
As creators of nextcloud recommends at minimal PHP 5.4, I use php 7.
\nPHP 5.4 has been end-of-life since September 2015 and is no longer supported by the PHP team. RHEL 7 still ships with PHP 5.4, and Red Hat supports it. Nextcloud also supports PHP 5.4, so upgrading is not required. However, it is highly recommended to upgrade to PHP 5.5+ for best security and performance.
\nNow we must add some additional repositories:<\/p>\nrpm -Uvh https:\/\/dl.fedoraproject.org\/pub\/epel\/epel-release-latest-7.noarch.rpm\nrpm -Uvh https:\/\/mirror.webtatic.com\/yum\/el7\/webtatic-release.rpm<\/pre>\nAnd we can install php 7.2:<\/p>\n
yum install mod_php72w.x86_64 php72w-common.x86_64 php72w-gd.x86_64 php72w-intl.x86_64 php72w-mysql.x86_64 php72w-xml.x86_64 php72w-mbstring.x86_64 php72w-cli.x86_64 php72w-process.x86_64<\/pre>\nCheck in:<\/p>\n
php --ini |grep Loaded\nLoaded Configuration File:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \/etc\/php.ini\nphp -v\nPHP 7.2.22 (cli) (built: Sep 11 2019 18:11:52) ( NTS )\nCopyright (c) 1997-2018 The PHP Group\nZend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies<\/pre>\nIn my case, I will use nextcloud as my backup device, so I increase the default upload limit to 200MB.<\/p>\n
sed -i \"s\/post_max_size = 8M\/post_max_size = 200M\/\" \/etc\/php.ini\nsed -i \"s\/upload_max_filesize = 2M\/upload_max_filesize = 200M\/\" \/etc\/php.ini\nsed -i \"s\/memory_limit = 128M\/memory_limit = 512M\/\" \/etc\/php.ini<\/pre>\nRestart web server:<\/p>\n
systemctl restart httpd<\/pre>\nInstalling Nextcloud<\/h1>\n
At first, I install wget tool for download and unzip:<\/p>\n
\u00a0yum -y install wget unzip<\/pre>\nNow we can download nextcloud (at this time the latest version is 16.0.4). And extract it from archive to final destination. Then we change ownership of this directory:<\/p>\n
wget https:\/\/download.nextcloud.com\/server\/releases\/nextcloud-16.0.4.zip\n...\nunzip nextcloud-16.0.4.zip -d \/var\/www\/html\/\n...\nchown -R apache:apache \/var\/www\/html\/nextcloud\/<\/pre>\nCheck, if you have enabled SELinux by command sestatus:<\/p>\n
sestatus \n\nSELinux status: enabled\nSELinuxfs mount: \/sys\/fs\/selinux\nSELinux root directory: \/etc\/selinux\nLoaded policy name: targeted\nCurrent mode: enforcing\nMode from config file: enforcing\nPolicy MLS status: enabled\nPolicy deny_unknown status: allowed\nMax kernel policy version: 31<\/pre>\nRefer to nextcloud admin manual, you can run into permissions problems. Run these commands as root to adjust permissions:<\/p>\n
semanage fcontext -a -t httpd_sys_rw_content_t '\/var\/www\/html\/nextcloud\/data(\/.*)?'\nsemanage fcontext -a -t httpd_sys_rw_content_t '\/var\/www\/html\/nextcloud\/config(\/.*)?'\nsemanage fcontext -a -t httpd_sys_rw_content_t '\/var\/www\/html\/nextcloud\/apps(\/.*)?'\nsemanage fcontext -a -t httpd_sys_rw_content_t '\/var\/www\/html\/nextcloud\/.htaccess'\nsemanage fcontext -a -t httpd_sys_rw_content_t '\/var\/www\/html\/nextcloud\/.user.ini'\nrestorecon -Rv '\/var\/www\/html\/nextcloud\/'<\/pre>\nIf you see error “-bash: semanage: command not found”, install packages:<\/p>\n
yum provides \/usr\/sbin\/semanage<\/pre>\nyum install policycoreutils-python-2.5-33.el7.x86_64<\/pre>\nAnd finally, we can access our nextcloud and set up administrators password via our web: https:\/\/you-ip\/nextcloud
\nNow you must complete the installation via web interface. Set Administrator’s password and locate to MariaDB with used credentials:<\/p>\nDatabase user: nextclouduser\nDatabase password: YOURPASSWORD\nDatabase name: nextcloud\nhost: localhost<\/pre>\nIn my case, I must create a DATA folder under out nextcloud and set permissions:<\/p>\n
mkdir \/var\/www\/html\/nextcloud\/data\nchown apache:apache \/var\/www\/html\/nextcloud\/data -R\nsemanage fcontext -a -t httpd_sys_rw_content_t '\/var\/www\/html\/nextcloud\/data(\/.*)?'\nrestorecon -Rv '\/var\/www\/html\/nextcloud\/'<\/pre>\nFor easier access, I created a permanent redirect for my IP\/domain Nextcloud root folder. This redirect allow you to open page<\/p>\n
https:\/\/your-ip<\/pre>\nand redirect you to:<\/p>\n
https:\/\/your-ip\/nextcloud<\/pre>\nYou must edit httpd.conf file and add this line into directory \/var\/www\/html:<\/p>\n
vim \/etc\/httpd\/conf\/httpd.conf\n...\nRedirectMatch ^\/$ https:\/\/your-ip\/nextcloud\n...\nsystemctl restart httpd.service<\/pre>\nIf we see an error like “Your data directory and files are probably accessible from the Internet. The .htaccess file is not working. ” try edit and change variable<\/p>\n
vim \/etc\/httpd\/conf\/httpd.conf\n....\n<Directory \"\/var\/www\/html\">\n AllowOverride All<\/span>\n Require all granted\n Options Indexes FollowSymLinks\n<\/Directory>\n\n<\/pre>\nEnable updates via the web interface<\/h3>\n
To enable updates via the web interface, you may need this to enable writing to the directories:<\/p>\n
\n\nsetsebool httpd_unified on\n<\/pre>\n<\/div>\n<\/div>\nWhen the update is completed, disable write access:<\/p>\n
\n\nsetsebool -P httpd_unified off<\/pre>\n\nDisallow write access to the whole web directory<\/h3>\n
For security reasons it\u2019s suggested to disable write access to all folders in \/var\/www\/ (default):<\/p>\n
\n\nsetsebool -P httpd_unified off\n<\/pre>\n<\/div>\n<\/div>\n<\/div>\nA way to enable enhanced security with own configuration file<\/h3>\n
vim \u00a0\/etc\/httpd\/conf.d\/owncloud.conf\n...\nAlias \/nextcloud \"\/var\/www\/html\/nextcloud\/\"\n<Directory \/var\/www\/html\/nextcloud\/>\n\u00a0 Options +FollowSymlinks\n\u00a0 AllowOverride All\n\u00a0<IfModule mod_dav.c>\n\u00a0 Dav off\n\u00a0<\/IfModule>\n\u00a0SetEnv HOME \/var\/www\/html\/nextcloud\n\u00a0SetEnv HTTP_HOME \/var\/www\/html\/nextcloud\n<\/Directory><\/pre>\n<\/div>\n<\/div>\n ","protected":false},"excerpt":{"rendered":"At first, please update your centos. Every command I use, is used as root \ud83d\ude09 yum -y update Installing database server MariaDB Next, we install and create empty database for our nextcloud. Then we start it and enable for autostart after boot. If you wish, you can skip installations of MariaDB and you can use … Continue reading How to install nextcloud on centos 7 minimal<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[3,68,69,70],"class_list":["post-242","post","type-post","status-publish","format-standard","hentry","category-centos","tag-centos","tag-https","tag-letsencrypt","tag-nextcloud"],"_links":{"self":[{"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=\/wp\/v2\/posts\/242","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=242"}],"version-history":[{"count":3,"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=\/wp\/v2\/posts\/242\/revisions"}],"predecessor-version":[{"id":485,"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=\/wp\/v2\/posts\/242\/revisions\/485"}],"wp:attachment":[{"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=242"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=242"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gonscak.sk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=242"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}