Skip to content

Instantly share code, notes, and snippets.

@butageek

butageek/nextcloud.md

Created February 4, 2021 03:14
Show Gist options
  • Save butageek/9f0ffbbef317436c9fbe8cf4c4ab8d76 to your computer and use it in GitHub Desktop.
Save butageek/9f0ffbbef317436c9fbe8cf4c4ab8d76 to your computer and use it in GitHub Desktop.
Download ZIP
Install Nextcloud
Raw
nextcloud.md

Installing

Download the Nextcloud snap package and install it

sudo snap install nextcloud

Getting Additional Information About the Nextcloud Snap

The snap info command can show you the description, the Nextcloud management commands available, as well as the installed version and the snap channel being tracked:

snap info nextcloud

To see what snap connections this snap defines, type:

snap connections nextcloud

To learn about all of the specific services and apps that this snap provides, you can take a look at the snap definition file by typing:

cat /snap/nextcloud/current/meta/snap.yaml

Configuring an Administrative Account

To configure Nextcloud with a new administrator account, use the nextcloud.manual-install command. You must pass in a username and a password as arguments:

sudo nextcloud.manual-install username password

Adjusting the Trusted Domains

You can view the current settings by querying the value of the trusted_domains array:

sudo nextcloud.occ config:system:get trusted_domains

We can add an entry for our server’s domain name or IP address by typing:

sudo nextcloud.occ config:system:set trusted_domains 1 --value=example.com

Securing the Nextcloud Web Interface with SSL

If you have a domain name associated with your Nextcloud server, the Nextcloud snap can help you obtain and configure a trusted SSL certificate from Let’s Encrypt. If your Nextcloud server does not have a domain name, Nextcloud can configure a self-signed certificate which will encrypt your web traffic but won’t be automatically trusted by your web browser.

Option 1: Setting Up SSL with Let’s Encrypt

Start by opening the ports in the firewall that Let’s Encrypt uses to validate domain ownership.

sudo ufw allow 80,443/tcp

Next, request a Let’s Encrypt certificate by typing:

sudo nextcloud.enable-https lets-encrypt

You will first be asked whether your server meets the conditions necessary to request a certificate from the Let’s Encrypt service:

In order for Let's Encrypt to verify that you actually own the
domain(s) for which you're requesting a certificate, there are a
number of requirements of which you need to be aware:

1. In order to register with the Let's Encrypt ACME server, you must
   agree to the currently-in-effect Subscriber Agreement located
   here:

       https://letsencrypt.org/repository/

   By continuing to use this tool you agree to these terms. Please
   cancel now if otherwise.

2. You must have the domain name(s) for which you want certificates
   pointing at the external IP address of this machine.

3. Both ports 80 and 443 on the external IP address of this machine
   must point to this machine (e.g. port forwarding might need to be
   setup on your router).

Have you met these requirements? (y/n)

Type y to continue.

Next, you will be asked to provide an email address to use for recovery operations:

Please enter an email address (for urgent notices or key recovery):

Enter your email and press Enter to continue.

Finally, enter the domain name associated with your Nextcloud server:

Please enter your domain name(s) (space-separated): example.com

Option 2: Setting Up SSL with a Self-Signed Certificate

To generate a self-signed certificate and configure Nextcloud to use it, type:

sudo nextcloud.enable-https self-signed

Now that the interface is secure, open the web ports in the firewall to allow access to the web interface:

sudo ufw allow 80,443/tcp

Logging in to the Nextcloud Web Interface

Now that Nextcloud is configured, visit your server’s domain name or IP address in your web browser:

https://example.com

Enter the credentials you created for the administrative user.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment