Instalasi NextCloud 18 pada Ubuntu 20.04 LTS
Spesifikasi
- MariaDB 10.3.x
- Apache 2.4.4x
- PHP 7.4.x
- NextCloud 18.x.x
Instalasi - script
#!/bin/bash
set -eux
# variables
USER_NAME="deploy"
MARIADB_VERSION="10.3"
PHP_VERSION="7.4"
INSTANCE_FQDN="sub.domain.tls"
NEXTCLOUD_RELEASE="18.0.0"
INSTALL_DIR="/opt/nextcloud-app"
DATA_DIR="/opt/nextcloud-data"
LOG_DIR="/var/log/nextcloud"
DB_HOST="db_host:db_port"
DB_NAME="db_name"
DB_USER="db_user"
DB_PASS="db_pass"
NC_ADMIN_USER="nc_admin_user"
NC_ADMIN_PASS="nc_admin_pass"
TIME_ZONE="Asia/Jakarta"
# Instalasi Apache2, MariaDB client 10.3, & PHP 7.4
apt-get install -y \
mariadb-client-$MARIADB_VERSION \
apache2 libapache2-mod-php$PHP_VERSION
# mengaktifkan modul dasar yang diperlukan untuk instalasi Nextcloud
a2enmod rewrite headers env dir mime
a2dismod dav
# instalasi modul tambahan php untuk optimasi instalasi Nextcloud
apt-get install -y \
php$PHP_VERSION-{bz2,curl,gd,imap,intl,ldap,mbstring,mysql,xml,zip}
apt-get install -y php-imagick php-apcu redis-server php-redis
apt-get install -y libreoffice
# akses redis bagi www-data
usermod -aG redis www-data
# meningkatkan batasan penggunaan memori
sed --in-place 's/^memory_limit.*/memory_limit = 512M/g' /etc/php/$PHP_VERSION/apache2/php.ini
# peningkatan performa dengan opcache
cat << EOF >> /etc/php/$PHP_VERSION/apache2/conf.d/10-opcache.ini
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
EOF
# pengaktifan APCu
cat << EOF >> /etc/php/$PHP_VERSION/apache2/conf.d/20-apcu.ini
apc.enable_cli=1
EOF
# menjalankan ulang layanan peladen web apache2
systemctl restart apache2
# hak akses
usermod -aG www-data $USER_NAME
cd /tmp
# unduh
wget https://download.nextcloud.com/server/releases/nextcloud-$NEXTCLOUD_RELEASE.tar.{bz2,bz2.asc}
wget https://nextcloud.com/nextcloud.asc
gpg --import nextcloud.asc
gpg --verify nextcloud-$NEXTCLOUD_RELEASE.tar.bz2.asc nextcloud-$NEXTCLOUD_RELEASE.tar.bz2
# ekstrak
tar -xvjf nextcloud-$NEXTCLOUD_RELEASE.tar.bz2
# direktori instalasi & data
mkdir -pv $INSTALL_DIR $DATA_DIR $LOG_DIR
# pindahkah konten ke direktori instalasi
mv -v nextcloud/* $INSTALL_DIR
touch $LOG_DIR/nextcloud.log
chown -Rv www-data:www-data $INSTALL_DIR $DATA_DIR $LOG_DIR
#
cat << EOF > /etc/apache2/sites-available/$INSTANCE_FQDN.conf
Alias / "$INSTALL_DIR/"
<Directory $INSTALL_DIR/>
AllowOverride All
Require all granted
Options FollowSymlinks MultiViews
Satisfy Any
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
EOF
# alias occ
alias occ="sudo -u www-data php $INSTALL_DIR/occ"
# instalasi Nextcloud
occ maintenance:install --database "mysql" \
--database-host "$DB_HOST" \
--database-name "$DB_NAME" \
--database-user "$DB_USER" \
--database-pass "$DB_PASS" \
--admin-user "$NC_ADMIN_USER" \
--admin-pass "$NC_ADMIN_PASS" \
--data-dir "$DATA_DIR"
# mengaktifkan VirtualHost
a2ensite $INSTANCE_FQDN.conf
# tambah FQDN sebagai domain yang diizinkan untuk akses
occ config:system:set trusted_domains 0 --value=$INSTANCE_FQDN
# mengaktifkan ssl sementara dan memuat ulang apache2
a2enmod ssl
a2ensite default-ssl
systemctl reload apache2
# manipulasi berkas konfigurasi via CLI
# konfigurasi log
occ config:system:set logtimezone --value="$TIME_ZONE"
occ config:system:set logfile --value="$LOG_DIR/nextcloud.log"
occ config:system:set log_rotate_size --value=1073741824 --type=integer
occ config:system:set loglevel --value=3 --type=integer
occ config:system:set log_type --value="owncloud"
occ config:system:set logdateformat --value="F d, Y H:i:s"
# lokasi direktori
#occ config:system:set datadirectory --value="$DATA_DIR"
# optimasi redis & opcache
occ config:system:set redis host --value=localhost
occ config:system:set redis port --value=6379 --type=integer
occ config:system:set redis dbindex --value=0 --type=integer
occ config:system:set redis timeout --value=0.0 --type=float
occ config:system:set memcache.local --value="\OC\Memcache\APCu"
occ config:system:set memcache.distributed --value="\OC\Memcache\Redis"
occ config:system:set memcache.locking --value="\OC\Memcache\Redis"
# libreoffice konversi PDF
occ config:system:set preview_libreoffice_path --value="/usr/bin/libreoffice"
Instalasi - manual (paska instalasi otomatis)
# optimasi DB
occ db:add-missing-indices
occ db:convert-filecache-bigint
# Let's Encrypt SSL (staging)
apt-get install -y certbot python3-certbot-apache
certbot --apache -m [email protected] --agree-tos --test-cert -d $INSTANCE_FQDN
a2dissite default-ssl
systemctl reload apache2
apache2ctl configtest
systemctl restart apache2
# tautan tanpa index.php
occ config:system:set overwrite.cli.url --value="https://$INSTANCE_FQDN/"
occ config:system:set htaccess.RewriteBase --value="/"
occ maintenance:update:htaccess
systemctl restart apache2
# keamanan
occ config:system:set overwriteprotocol --value="https"
occ config:system:set remember_login_cookie_lifetime --value=1800 --type=integer
#
occ config:system:set maintenance --value=false --type=boolean
# memuat ulang apache2 dan redis
systemctl restart apache2 redis-server
# melihat isi konfigurasi aktual
occ config:list --private
# cron
sudo crontab -u www-data -e
*/5 * * * * php -f $INSTALL_DIR/cron.php
systemctl restart cron
sudo -u www-data php $INSTALL_DIR/cron.php
nano /etc/apache2/sites-available/$INSTANCE_FQDN.conf
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; preload"
</IfModule>
SetEnv HOME /opt/<$INSTALL_DIR>
SetEnv HTTP_HOME /opt/<$INSTALL_DIR>