Build your Nextcloud 14 Server using one shell script
October, 7th 2018:
– more secure using a new header statement: add_header Feature-Policy “geolocation ‘self'”;
find out more about Feature-Policy
… the entire update history
The initial script (install-nextcloud.sh) will install your self hosted Nextcloud within few minutes fully automated on either AMD64 or ARM64 (Odroid C2) environments. Your server will be built of:
- Fail2Ban (Nextcloud and SSH jails)
- MariaDB 10.3.10
- Nextcloud 14 latest
- NGINX 1.15.5 new
- OpenSSL 1.1.1 new + TLS v. 1.3 new
- PHP 7.2.10
- self signed or Let’s Encrypt SSL using the second script
- UFW (22, 80, 443)
Please remove already installed packages of NGINX, PHP, MariaDB and Redis firstsudo apt remove <package> --purge && sudo apt autoremove -y
The only precondition for the install-nextcloud.sh script is to utilize Ubuntu 18.04 LTS as your on-prem server OS. Optionally request your ssl certificate from Let’s Encrypt by issuing the second script called “ssl-certificate.sh”.
Beyond that you will find additional scripts at /usr/local/src/install-nextcloud/
to optimize and maintain your system easily. Ready to go? Let’s start:
(1) Build your self hosted Nextcloud server
If you are on Ubuntu 18.04 LTS:
sudo -s apt install git -y cd /usr/local/src git clone https://github.com/riegercloud/install-nextcloud.git cd install-nextcloud chmod +x *.sh
… be patient
Press ENTER to continue with the MariaDB installation and press ENTER again (without setting a MariaDB root password) if the magenta screen appears (3x). As described you will be asked to set/change the MariaDB root password while running mysql_secure_installation, at this step it is highly recommended to set the root password.
… be patient
Open your browser and call the shown URL from your shell
Nextcloud is already up, optimized and running!
(2) Optionally: Request your ssl certificate from Let’s Encrypt
Before you request your certificate ensure that your web-ports (80+443) are forwared to your server and your dyndns is properly configured to point to your server!
sudo -s /usr/local/src/install-nextcloud/ssl-certificate.sh
You only have to enter your DYNDNSNAME (YOUR.DEDYN.IO).
Then LetsEncrypt will ask you for
- your email adress
Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel):
- to agree to their Terms of Service
- if you are willing to share your email address with the Electronic Frontier Foundation
Y or N
Wait while your certificates are obtained.
If you receive this message:
Call: https://your.dedyn.io and enjoy your Nextcloud
your server is up and running using a verified certificate from Let’s Encrypt.
(3) Additional scripts
You will find additional scripts
restart all Nextcloud related services
try to renew your ssl certificates
to optimize and maintain your system easily.
Enjoy your personal data in your secured and hardened Nextcloud.
Don’t forget to backup your Nextcloud
Find more instructions here: Nextcloud Backup and Restore