Installing NextCloud on WebFaction
Below is a complete set of commands needed to install a NextCloud server on your WebFaction shared account. Tested on CentOS 7.
Preparation
Go to the Webfaction Control Panel and follow these steps:
- Ceate a new application for the Cloud: Custom + Custom app (listening on port)
- Ceate a new subdomain for the Cloud: Default settings
-
Ceate a new website for the Cloud: Encrypted website (https) + Cloud subdomain + Cloud application
Reopen the website and select Let's Encrypt certificate - Ceate a new database for the Cloud: PostgreSQL + Unicode + Tsearch2
- Ceate a new application for Redis: Custom + Custom app (listening on port)
Now SSH into your WebFaction account and start pasting. My advice is that you go slowly, line-by-line, and check for errors in the output of every command you enter.
The source folder
mkdir ~/src
Variables
Copy the values for the DOMAIN_*, APPNAME_* and PORT_* variables from the WebFaction control panel. Building with the provided VER_* numbers is tested and all should work. You may want to use newer components, in which case you'll need to solve any potential issues yourself.
FOLDER_DATA="$HOME/cloud/nextcloud"
DOMAIN_CLOUD="cloud.example.com"
APPNAME_CLOUD="example_com_cloud"
APPNAME_REDIS="example_com_redis"
PORT_CLOUD="12345"
PORT_REDIS="12345"
VER_OPENSSL="1.0.2q"
VER_IMAP="2007f"
VER_LDAP="2.4.46"
VER_ONIGURUMA="6.9.5"
VER_CMAKE="3.18.2"
VER_LIBZIP="1.7.3"
VER_NEXTCLOUD="19.0.1"
VER_PHP="7.4.9"
VER_MCRYPT="1.0.3"
VER_IMAGICK="3.4.4"
VER_REDISPHP="5.3.1"
VER_REDIS="5.0.2"
Apache
mkdir -p $HOME/apache/var/run
cd $HOME/apache
mkdir bin conf logs
cd $HOME/apache/bin
echo '#!/bin/bash' >> start
echo '' >> start
echo 'MYDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"' >> start
echo 'exec /usr/sbin/httpd -f "$MYDIR/../conf/httpd.conf" -k start # -D FOREGROUND' >> start
echo '#!/bin/bash' >> stop
echo '' >> stop
echo 'MYDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"' >> stop
echo 'exec /usr/sbin/httpd -f "$MYDIR/../conf/httpd.conf" -k stop' >> stop
echo '#!/bin/bash' >> restart
echo '' >> restart
echo 'MYDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"' >> restart
echo '$MYDIR/stop' >> restart
echo 'sleep 3' >> restart
echo '$MYDIR/start' >> restart
chmod 755 start stop restart
cd $HOME/apache/conf
cat << EOF > httpd.conf
LoadModule mpm_event_module /usr/lib64/httpd/modules/mod_mpm_event.so
LoadModule remoteip_module /usr/lib64/httpd/modules/mod_remoteip.so
LoadModule dav_module /usr/lib64/httpd/modules/mod_dav.so
LoadModule dav_fs_module /usr/lib64/httpd/modules/mod_dav_fs.so
LoadModule authz_core_module /usr/lib64/httpd/modules/mod_authz_core.so
LoadModule authz_host_module /usr/lib64/httpd/modules/mod_authz_host.so
LoadModule authz_groupfile_module /usr/lib64/httpd/modules/mod_authz_groupfile.so
LoadModule authz_owner_module /usr/lib64/httpd/modules/mod_authz_owner.so
LoadModule authz_user_module /usr/lib64/httpd/modules/mod_authz_user.so
LoadModule mime_module /usr/lib64/httpd/modules/mod_mime.so
LoadModule dir_module /usr/lib64/httpd/modules/mod_dir.so
LoadModule rewrite_module /usr/lib64/httpd/modules/mod_rewrite.so
LoadModule proxy_module /usr/lib64/httpd/modules/mod_proxy.so
LoadModule proxy_connect_module /usr/lib64/httpd/modules/mod_proxy_connect.so
LoadModule proxy_http_module /usr/lib64/httpd/modules/mod_proxy_http.so
LoadModule proxy_ftp_module /usr/lib64/httpd/modules/mod_proxy_ftp.so
LoadModule auth_basic_module /usr/lib64/httpd/modules/mod_auth_basic.so
LoadModule auth_digest_module /usr/lib64/httpd/modules/mod_auth_digest.so
LoadModule authn_file_module /usr/lib64/httpd/modules/mod_authn_file.so
LoadModule cgid_module /usr/lib64/httpd/modules/mod_cgid.so
LoadModule alias_module /usr/lib64/httpd/modules/mod_alias.so
LoadModule autoindex_module /usr/lib64/httpd/modules/mod_autoindex.so
LoadModule deflate_module /usr/lib64/httpd/modules/mod_deflate.so
LoadModule setenvif_module /usr/lib64/httpd/modules/mod_setenvif.so
LoadModule headers_module /usr/lib64/httpd/modules/mod_headers.so
LoadModule log_config_module /usr/lib64/httpd/modules/mod_log_config.so
LoadModule include_module /usr/lib64/httpd/modules/mod_include.so
LoadModule expires_module /usr/lib64/httpd/modules/mod_expires.so
LoadModule env_module /usr/lib64/httpd/modules/mod_env.so
LoadModule actions_module /usr/lib64/httpd/modules/mod_actions.so
LoadModule negotiation_module /usr/lib64/httpd/modules/mod_negotiation.so
LoadModule speling_module /usr/lib64/httpd/modules/mod_speling.so
LoadModule access_compat_module /usr/lib64/httpd/modules/mod_access_compat.so
LoadModule unixd_module /usr/lib64/httpd/modules/mod_unixd.so
ServerName 127.0.0.1:$PORT_CLOUD
ServerRoot $HOME/apache
DefaultRuntimeDir $HOME/apache/var/run
ScriptSock cgid.sock
Listen 127.0.0.1:$PORT_CLOUD
KeepAliveTimeout 3
KeepAlive Off
MaxRequestsPerChild 5000
Timeout 60
PidFile $HOME/apache/logs/httpd.pid
TypesConfig /etc/httpd/conf/mime.types
LogLevel warn
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
CustomLog $HOME/logs/user/access_$APPNAME_CLOUD.log combined
ErrorLog $HOME/logs/user/error_$APPNAME_CLOUD.log
<VirtualHost 127.0.0.1:$PORT_CLOUD>
ServerName $DOMAIN_CLOUD
DocumentRoot $HOME/webapps/$APPNAME_CLOUD
DirectoryIndex index.html index.htm index.cgi index.php
ProxyPreserveHost on
AddDefaultCharset utf-8
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
Header always set Referrer-Policy "no-referrer"
Options +ExecCGI
AddHandler cgi-script .cgi
Alias /cgi-bin/php.cgi $HOME/cgi-bin/php.cgi
Action php_custom /cgi-bin/php.cgi
AddHandler php_custom .php
SetEnv PHP_INI_SCAN_DIR $HOME/webapps/lib
<Directory $HOME/webapps/$APPNAME_CLOUD>
AllowOverride all
<FilesMatch \.ht(access|passwd)>
Require all denied
</FilesMatch>
<FilesMatch (\.user\.ini|php\.ini)>
Require all denied
</FilesMatch>
<FilesMatch \.php$>
SetHandler php_custom
</FilesMatch>
</Directory>
Redirect 301 /.well-known/carddav https://$DOMAIN_CLOUD/remote.php/dav
Redirect 301 /.well-known/caldav https://$DOMAIN_CLOUD/remote.php/dav
</VirtualHost>
EOF
(crontab -l 2>/dev/null; echo "*/20 * * * * $HOME/apache/bin/start") | crontab -
OpenSSL
cd ~/src
wget http://www.openssl.org/source/openssl-$VER_OPENSSL.tar.gz
tar -xzf openssl-$VER_OPENSSL.tar.gz
cd openssl-$VER_OPENSSL
./Configure --prefix=$HOME linux-x86_64
make
make install
IMAP
cd ~/src
wget https://www.mirrorservice.org/sites/ftp.cac.washington.edu/imap/imap-$VER_IMAP.tar.gz
tar zxf imap-$VER_IMAP.tar.gz
cd imap-$VER_IMAP
sed -i "s@SSLDIR=/usr/local/ssl@SSLDIR=$HOME/ssl@" src/osdep/unix/Makefile
ln -s $HOME/include/openssl $HOME/ssl/include
ln -s $HOME/lib $HOME/ssl/lib
make clean
make sl5 "EXTRALDFLAGS=-L$HOME/lib -L/usr/local/lib -L/usr/lib -ldl -lcrypt" EXTRAAUTHENTICATORS=gss
cp c-client/c-client.a $HOME/lib/libc-client.a
mkdir -p $HOME/include/imap
cp c-client/*.h c-client/linkage.c $HOME/include/imap/
LDAP
cd ~/src
wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-$VER_LDAP.tgz
tar zxf openldap-$VER_LDAP.tgz
cd openldap-$VER_LDAP
CPPFLAGS=-I$HOME/include LDFLAGS=-L$HOME/lib ./configure --prefix=$HOME --with-tls
make depend
make
make install
Oniguruma
cd ~/src
wget https://github.com/kkos/oniguruma/releases/download/v$VER_ONIGURUMA/onig-$VER_ONIGURUMA.tar.gz
tar zxf onig-$VER_ONIGURUMA.tar.gz
cd onig-$VER_ONIGURUMA
CPPFLAGS=-I$HOME/include LDFLAGS=-L$HOME/lib ./configure --prefix=$HOME
make
make install
CMake
cd ~/src
wget https://github.com/Kitware/CMake/releases/download/v$VER_CMAKE/cmake-$VER_CMAKE.tar.gz
tar zxf cmake-$VER_CMAKE.tar.gz
cd cmake-$VER_CMAKE
./bootstrap --prefix=$HOME
make
make install
libzip
cd ~/src
wget https://github.com/nih-at/libzip/releases/download/v$VER_LIBZIP/libzip-$VER_LIBZIP.tar.gz
tar zxf libzip-$VER_LIBZIP.tar.gz
cd libzip-$VER_LIBZIP
sed -i "s/cmake_minimum_required.*/cmake_minimum_required(VERSION 3.0.2)\ncmake_policy(SET CMP0048 NEW)/" CMakeLists.txt
$HOME/bin/cmake -DCMAKE_INSTALL_PREFIX=$HOME
make
make install
NextCloud
cd ~/src
wget https://download.nextcloud.com/server/releases/nextcloud-$VER_NEXTCLOUD.tar.bz2
tar jxf nextcloud-$VER_NEXTCLOUD.tar.bz2
cp -R nextcloud/* ~/webapps/$APPNAME_CLOUD
cp nextcloud/.htaccess ~/webapps/$APPNAME_CLOUD
cp nextcloud/.user.ini ~/webapps/$APPNAME_CLOUD
PHP
cd ~/src
wget http://php.net/distributions/php-$VER_PHP.tar.bz2
tar -xjf php-$VER_PHP.tar.bz2
cd php-$VER_PHP
LIBZIP_CFLAGS="-I$HOME/include" LIBZIP_LIBS="-L$HOME/lib -lzip" ONIG_CFLAGS="-I$HOME/include" ONIG_LIBS="-L$HOME/lib -lonig" ./configure --prefix=$HOME --enable-pcntl --with-pdo-pgsql=/usr/pgsql-9.4 --enable-sockets --enable-intl --enable-bcmath --enable-calendar --enable-exif --enable-ftp --enable-mbstring --enable-soap --enable-opcache --with-curl --with-imap-ssl=$HOME --with-imap=$HOME --with-ldap=$HOME --with-gettext --with-gmp --with-iconv --with-bz2 --with-kerberos --with-mhash --with-openssl --with-pgsql=/usr/pgsql-9.4 --with-xmlrpc --with-xsl --with-zlib-dir --with-config-file-path=$HOME/lib --without-pear --enable-gd --with-freetype --with-zlib --with-zip
make
make install
mkdir $HOME/cgi-bin
ln -s $HOME/bin/php-cgi $HOME/cgi-bin/php.cgi
mcrypt
cd ~/src
wget https://pecl.php.net/get/mcrypt-$VER_MCRYPT.tgz
tar zxf mcrypt-$VER_MCRYPT.tgz
cd mcrypt-$VER_MCRYPT
phpize
./configure
make
make install
echo "extension=mcrypt.so" >> $HOME/lib/php.ini
imagick
cd ~/src
wget https://pecl.php.net/get/imagick-$VER_IMAGICK.tgz
tar zxf imagick-$VER_IMAGICK.tgz
cd imagick-$VER_IMAGICK
phpize
./configure
make
make install
echo "extension=imagick.so" >> $HOME/lib/php.ini
redis PHP
cd ~/src
wget https://pecl.php.net/get/redis-$VER_REDISPHP.tgz
tar zxf redis-$VER_REDISPHP.tgz
cd redis-$VER_REDISPHP
phpize
./configure
make
make install
echo "extension=redis.so" >> $HOME/lib/php.ini
redis
cd ~/src
wget http://download.redis.io/releases/redis-$VER_REDIS.tar.gz
tar -xzf redis-$VER_REDIS.tar.gz
cd redis-$VER_REDIS
make
cd ~/webapps/$APPNAME_REDIS
cp ~/src/redis-$VER_REDIS/src/redis-server .
cp ~/src/redis-$VER_REDIS/src/redis-cli .
cp ~/src/redis-$VER_REDIS/redis.conf .
sed -i "s@daemonize no@daemonize yes@" redis.conf
sed -i "s@pidfile /var/run/redis_6379.pid@pidfile $HOME/webapps/$APPNAME_REDIS/redis.pid@" redis.conf
sed -i "s@port 6379@port $PORT_REDIS@g" redis.conf
echo -e "client cli:\n\t./redis-cli -p $PORT_REDIS\n\nstart restart:\n\t./redis-server redis.conf\n\nstop:\n\tcat redis.pid | xargs kill" > Makefile
(crontab -l 2>/dev/null; echo "*/5 * * * * make -C ~/webapps/$APPNAME_REDIS/ -f ~/webapps/$APPNAME_REDIS/Makefile start") | crontab -
(crontab -l 2>/dev/null; echo "@reboot make -C ~/webapps/$APPNAME_REDIS/ -f ~/webapps/$APPNAME_REDIS/Makefile start") | crontab -
make start
OPcache
echo "zend_extension=opcache.so" >> $HOME/lib/php.ini
echo "opcache.enable=1" >> $HOME/lib/php.ini
echo "opcache.enable_cli=1" >> $HOME/lib/php.ini
echo "opcache.interned_strings_buffer=8" >> $HOME/lib/php.ini
echo "opcache.max_accelerated_files=10000" >> $HOME/lib/php.ini
echo "opcache.memory_consumption=128" >> $HOME/lib/php.ini
echo "opcache.save_comments=1" >> $HOME/lib/php.ini
echo "opcache.revalidate_freq=1" >> $HOME/lib/php.ini
Configuration
(crontab -l 2>/dev/null; echo "*/15 * * * * $HOME/bin/php -f ~/webapps/$APPNAME_CLOUD/cron.php") | crontab -
mkdir -p $FOLDER_DATA
This should help with the next step
echo $FOLDER_DATA
echo $PORT_REDIS
Add these to your ~/webapps/APPNAME_CLOUD/config/config.php (change FOLDER_DATA to the absolute path, and PORT_REDIS to the redis port):
'datadirectory' => 'FOLDER_DATA',
'filelocking.enabled' => true,
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.local' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array
(
'host' => 'localhost',
'port' => PORT_REDIS,
'timeout' => 0.0,
'password' => '',
),
'blacklisted_files' => array(),
Finish and clean up
$HOME/apache/bin/restart
rm -R $HOME/src
Found an error in this article?