Nextcloud Debian 12

You did it, you buy your first baremetal on your favourite cloud provider.

Let’s install Nextcloud

I assume you’ve already got ssh admin access to your freshly boot Debian server.

Nextcloud is a fantastic tool to create your own personal data manager. I start selfhosted my instance on a raspberry pi hide between ISP router and an external harddrive. Now my entire family use it without knowing how it work.

So let’s first install some packages:

sudo apt install apache2 libapache2-mod-php bzip2 -y;
sudo systemctl enable apache;
sudo systemctl start apache2;
sudo apt install php php-gd php-json php-mysql php-curl php-mbstring php-intl php-imagick php-xml php-zip php-fpm php-mysql -y;
sudo a2enconf php8.2-fpm;
sudo systemctl restart apache2;
sudo apt install mariadb-server mariadb-client -y;
sudo mysql_secure_installation
sudo mysql -u root -p
CREATE USER 'nextclouduser'@'localhost' IDENTIFIED BY 'changePasswordHere';
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextclouduser'@'localhost' IDENTIFIED BY 'changePasswordHere';
# Test with
SELECT User FROM mysql.user;

MariaDB [(none)]> SHOW GRANTS FOR 'nextclouduser'@localhost;
| Grants for nextclouduser@localhost                                                                                   |
| GRANT USAGE ON *.* TO `nextclouduser`@`localhost` IDENTIFIED BY PASSWORD '*Pass' |
| GRANT ALL PRIVILEGES ON `nextcloud`.* TO `nextclouduser`@`localhost`                                                 |
2 rows in set (0.000 sec)
cd /var/www/html/
tar jxvf  latest.tar.bz2
sudo chown -R www-data:www-data /var/www/html/nextcloud/
sudo chmod -R 755 /var/www/html/nextcloud/
sudo a2enmod ssl
sudo systemctl reload apache2.service
sudo apt install certbot
sudo certbot certonly --webroot -w /var/www/html/nextcloud/ -d

systemctl status certbot.timer
sudo certbot renew --dry-run

tom@garden:~$ cat /etc/apache2/sites-available/nextcloud.conf
<VirtualHost *:80>
        Redirect permanent /
<VirtualHost *:443>
  DocumentRoot /var/www/html/nextcloud/

  <Directory /var/www/html/nextcloud/>
    Require all granted
    AllowOverride All
    Options FollowSymLinks MultiViews

    <IfModule mod_dav.c>
      Dav off

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/

  ErrorLog ${APACHE_LOG_DIR}/nextcloud_error.log
  CustomLog ${APACHE_LOG_DIR}/nextcloud_access.log combined
tom@garden:~# crontab -u www-data -l | tail -1
*/5  *  *  *  * php -f /var/www/html/nextcloud/cron.php --define apc.enable_cli=1
sudo a2ensite nextcloud.conf
sudo a2enmod rewrite
sudo a2enmod headers
sudo systemctl restart apache2.service

tom@garden:~$ grep memory /etc/php/8.2/apache2/php.ini
; Maximum amount of memory a script may consume
memory_limit = 8192M


sudo apt install redis-server
sudo systemctl status redis-server.service
sudo apt install php-apc
sudo systemctl restart php8.2-fpm.service
sudo systemctl restart apache2.service

#Enable on nextcloud config
tom@garden:/var/www/html/nextcloud/config# tail config.php
  'opcache.revalidate_freq' => 30,
  'filelocking.enabled' => true,
  'memcache.local' => '\OC\Memcache\APCu',
  'memcache.distributed' => '\OC\Memcache\Redis',
  'memcache.locking' => '\OC\Memcache\Redis',
  'redis' => array(
     'host' => 'localhost',
     'port' => 6379,