Installing Nextcloud on Ubuntu 16.04 LTS with Redis, APCu, SSL & Apache


(Bwillyb) #62

after all
How To install collabora online with an existing nextcloud on domain ?


(Jason Bayton) #63

Have a look for guides over on help.nextcloud.com :slight_smile:


(Kourosh) #64

Thank you for this guide.
Greatly appreciated.
I am trying to install NC on a UDOO X86 SBC running openSUSE Leap 15.
I have followed SDB:Nextcloud - openSUSE Wiki
and installed NC and am able to login.
The purpose of the Nextcloud installation is to be able to store photos and videos from our devices inside our house. What I don’t know is how to setup Let’s Encrypt, because NC is running locally and not on a domain name. So instead of nc.domain.org , what should I put?
sudo ./certbot-auto --apache --agree-tos --rsa-key-size 4096 --email user@domain.org --redirect -d nc.domain.org

This is what I get at the NC’s settings page:

Security & setup warnings

It’s important for the security and performance of your instance that everything is configured correctly. To help you with that we are doing some automatic checks. Please see the Tips & Tricks section and the documentation for more information.

  • Accessing site insecurely via HTTP. You are strongly adviced to set up your server to require HTTPS instead, as described in the [security tips].

  • Your web server is not properly set up to resolve “/.well-known/caldav”. Further information can be found in the [documentation].

  • Your web server is not properly set up to resolve “/.well-known/carddav”. Further information can be found in the [documentation].

  • No memory cache has been configured. To enhance performance, please configure a memcache, if available. Further information can be found in the [documentation]

  • The PHP OPcache is not properly configured. [For better performance it is recommended]to use the following settings in the php.ini :

opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

Would apreciate any help.

Regards,
Kourosh


(Jason Bayton) #65

Hey @Simorgh

You can’t LE an internal host, it requires a public domain name.
The closest I guess you’d get would be a self-signed cert but you’ll still get warnings on this.


(Kourosh) #66

Thank you for your reply.
How can I setup my NC so I can access it in my LAN and have HTTPS enabled?

Appreciate your help.


#67

Impressive guide, thank you!

I’ve been trying to get NextCloud set up on my home server for the last two weeks. I know next to nothing about Linux so it has been very frustrating. I followed a video guide by a gentleman on Youtube and finally was able to get a working NextCloud. However, I’m now trying to secure it and be able to access it outside of my network.

So I found your guide and I am trying it. I have a new VM with a fresh install of Ubuntu Server 18.04.2 LTS running on ESXi.

Everything seemed to go well until I got to 4.2.1 in your guide. I have a subdomain I created at duckdns.org. So I entered this when I ran the Let’s Encrypt client -d mydomain.duckdns.org

Running it, I received the following
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for url
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. url (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching -url- .well-known/acme-challenge/blahblahblah: Timeout during connect (likely firewall problem)

IMPORTANT NOTES:

  • The following errors were reported by the server:

Domain: url
Type: connection
Detail: Fetching
url .well-known/acme-challenge/blahblahblah: Timeout during connect (likely firewall problem)

I forwarded ports 80 and 443 to the VM’s ip. Currently, if I put my public ISP ip address in a browser, I get the Apache2 Ubuntu default page.

Any help would be appreciated. This instance of NextCloud will only be used on my home server for my wife and I to access and share files but I would like it secure and able to be used away from home. Thank you so much!

  • As a new user I am limited to 2 links. So I had to substitute url for the actual url/link

(Jason Bayton) #68

Hey,

Just to check, does this show as open for 80/443 to you?

https://www.yougetsignal.com/tools/open-ports/

I haven’t done SSL on duckdns directly, but I do use duckdns on my domain (CNAME) and haven’t had any SSL issues.


#69

Both ports are closed.

ISP blocking?

I was using the Ubuntu server without desktop, so to make things easier for myself, I did a clean install with the desktop. I went back through your guide to the same step.


#70

So, I also took a look at no-ip and see that it has a port 80 redirect option. I’ve been playing around with that as well as the response I found from you here: Change port 443 and 80 - support - Nextcloud community

No joy yet, but I’m not giving up!


(Jason Bayton) #71

If the ports are closed, yep. Either local network or ISP blocks are in place