Installing Nextcloud 15 on Ubuntu 1804


Nerd on the Street - Tech


nerdonthestreet,jacob,kauffmann,jacobgkau,Nextcloud,DigitalOcean,Linode,ownCloud,Nextcloud 15,install,installation,how to,guide,setup,server,VPS,private cloud,installing,Ubuntu,Ubuntu 18.04,Ubuntu 18.10,Debian,Debian 9,CentOS,Linux,Apache,phpMyAdmin,MariaDB,MySQL,warning,warnings,errors,error,memcache,OPcache,PHP,HSTS,OCC,CALdav,CARDdav,resolve,redirect,Lets Encrypt,HTTPS,SSL,TLS,free,performance,PHP memory limit,PHP upload limit,memory limit,upload limit,secure

hello everyone I'm Jacob - I'm the nerd in the street and today we are setting up next cloud on an Ubuntu virtual private server ok everybody you've probably heard of next cloud before it is server-side software that you can use to host your own cloud instance similar to something like Google Drive you can put your files there but while Google Drive requires you giving your files to Google next cloud you can host on your own server so you can access your files from anywhere if you're setting this up on a web server but you still maintain control of your files because it's your server and you're running a next cloud which is open source software next cloud 15 was released not too long ago so we're going to be installing that normally I use Debian for my personal web servers but today I'm using Ubuntu 18.04 because I know lots of people are familiar with Ubuntu and finally I am doing this video using a digital ocean virtual private server simply because I've got a lot of credit built up on there so it's not going to cost me anything to do this video today however once again for my personal servers I usually use Linode instead just because they have more locations here in the United States which is closer to me whereas digitalocean has a lot more worldwide locations I have referral links for both digital ocean and Linode that you can find in the description of this video and you can use those to get a few dollars of free credit yourself so you can try this out without spending any money but without much further ado we'll go ahead and jump right in this is just going to be a basic installation of next cloud and we are going to take care of all of the errors warnings and recommended practices for installation taking care of all the messages that show up in the next cloud admin center so let's get to it okay and here we are on the desktop I will go ahead and open up Firefox here and we're going to start by creating our virtual private server over at digitalocean comm once again you can use whatever server provider you want digitalocean is relatively easy to use it's about the same ease of use as Linode in the exact same prices as well okay so we will create a new droplet and like I said for this video we're going to use Ubuntu 18.04 because it's a long-term support release lots of people are comfortable using Ubuntu for the droplet size today we're going to go all the way down to the five dollar-a-month option the is going to give us one gigabyte of RAM 25 gigabytes of storage one core of CPU and a thousand gigabytes of transfer 25 gigs is not a lot but it is about the same amount you get with a free Google Drive account anyway and of course if you do want to add more storage later you're free to do that we'll continue down the page and we're not going to enable any other services here but we are going to choose a region here in the United States actually I'll go to New York today we'll give ourself a host name next cloud tutorial and we will create that droplet so if you've never used digitalocean before or one of these VPS providers they're going to email me the root password for a Linux machine as soon as it's done creating their virtual machine here and I'm going to SSH into it it'll be just like I've got an actual server alright they've got my IP address there so I can copy that and I will go ahead and sign into my email here and here they have our root password which of course I'll change after the videos over actually it's gonna make me change it as soon as I log in here too so I'll open up my terminal drag that into frame and we will SSH let me go ahead and turn off the transparency here in my terminal just for you guys to be able to see a little bit better or at least we'll turn the transparency down a little bit how about we do alright that's better so we'll ssh into the IP address that was on my droplet manager there and it's actually going to be ssh root at the IP address because we're logging in as root we do want to connect and now we will copy our root password that i got in that email and paste it in to our terminal right here so i just pasted that and it's going to require me to change it like i said using a weak password for now but i will change it later like I said okay and now we are logged into our Ubuntu server so we'll just sudo apt update & sudo apt upgrade just to make sure that everything is up-to-date to start with here and at this point I am going to move Firefox away just because we're not going to be working with it for a little while looks like we do have a few updates we can install so I will see - apt upgrade and that will install those and we will go ahead and app to auto remove as well just to get rid of that it was giving us okay so now we have an up-to-date clean Ubuntu server nothing is installed on this right now the first thing we're going to do is install the Apache web server to do that for just a basic web server all we have to do is type sudo apt install apache2 that's the name of the package and it is going to pull on some dependencies as you'll see so enabling all these modules and as soon as that's done installing we can systemctl start apache to systemctl enable apache to and what this enable is going to do is automatically start the web server whenever our system turns on all right and now if we go and open up Firefox and we navigate to this IP address that we are currently SSH into we will see the Apache default page telling us that our web server is installed properly you can see if we go back to our terminal here and stop Apache to systemctl stop Apache to and we reload this unable to connect because we stopped the server but we'll go ahead and start it again and there we go so that's running now next cloud is a complicated application it uses more than just a basic web server so there are a few more things we need to install for one thing we need a database server and for that we are using Mario DB it is a MySQL like server it is completely compatible with MySQL commands but Mario DB is a fork that was eventually created as a result of Oracle purchasing Sun Microsystems and we're just going to use that for today so app to install Marya DB server we will run that and it is going to pull in dependencies as well including the Maurya DB client if you can see that in the scrolling text there okay and that is done installing we do need to secure the installation so we will run MySQL secure installation and this does need to be run as root so you see - if you're not already logged in as root so this is asking us to set the Maurya DB root password this is separate from your systems root password it's currently nothing so we'll hit enter for none we are going to set a repass word once again I'm making it insecure for this video but that's just because this is an example ideally you should use a different password for every password that I'm making here today and write those all down somewhere safe for the rest of these you can mostly just accept the defaults and/or type yes for everything this script is just like I said securing our installation here and now we have a secure Mario DB setup we do need to install PHP because next cloud is a PHP application so we will app to install PHP as well as the Lib Apache to mod PHP which hooks PHP in with our web server and PHP MySQL which will hook PHP in with our Mario DB server we'll run that and it's going to pull in a few more things once again okay and now we have that and for the sake of this video I'm also going to install a program called PHP myadmin you do not strictly need this to run next cloud but it is helpful whenever you're using any PHP application that is also using MySQL databases that you can log into your database using a GUI and see what's going on a little bit easier than the command line so we will run app install PHP myadmin and that is going to install this tool it is going to ask us which web server we want to use of course we just installed Apache to so we will tell PHP myadmin to configure itself for Apache 2 you can answer yes for the database configuration just so that PHP myadmin is useable after we're done it's asking you what the mysql or mariadb root password is so I'll provide that this is the one you just made in that other script we ran ok and as soon as that's done you can go to your IP address slash PHP myadmin and that is going to give you a login page now we cannot log in as root right now for one thing Firefox is warning us that we're using an HTTP connection right now which is not secure we're sending our password over plaintext so don't do this in real life but for example here I'm also going to try logging in as root I have just typed the correct password and I'll click go and you can see access has been denied for root at localhost I did type the correct password and I'll do it one more time just so you can see the reason we are getting an access denied is because Marya DB disallows root login from applications like page from my admin by default just for security it is possible to override that but we're not going to override that today we are going to go ahead and create our MySQL database in Marya DB we're going to need that in a few minutes when we actually start installing next cloud and then we're going to log in here in PHP myadmin just to verify that the database is there so for this we are going to start up our Mario DB client we're going to run Mario DB and it's going to connect us up and we're going to run create database next cloud and that is going to create a database for us called next cloud next we're going to create a user for that so create user we're going to call this next cloud as well identified by and then the password we want once again I'm using an insecure password for the video we'll hit enter there and let's try this again with quotation marks around passcode all right generally it's a good idea to put quotation marks around any input you're giving Mario DB especially when the input has special characters and things in it so next we need to tell Mario DB that this next cloud user has permissions for the next cloud database for that we will type grant usage on asterisk asterisk those are wild cards too next cloud at localhost identified by passcode and this is actually just telling Mario DB that we will be allowed to access and use the database server using this account so it accepted that next we will grant all privileges on next cloud dot asterisks to next cloud at localhost and that's going to give the next cloud user privileges to do anything on our next cloud database we will flush our privileges just to make sure that that configuration gets applied and now if we go to our MySQL control panel of PHP myadmin if we type in next cloud for a username and we type our password here you can see we are logged into phpMyAdmin because we gave ourselves religious to access and use the database and we do have a single database here called next cloud and we are able to create tables or do whatever we want to in here so now we have a database set up for us to use and next cloud is going to utilize that we are just going to install a few more dependencies here back in our terminal I am taking these dependencies from the next cloud 15 administration manual here you can see the admin manual actually suggests that we installed next cloud using Ubuntu snaps personally I am NOT a fan of snap packages at all for a variety of reasons we're going to be installing next cloud manually today I think it gives people more control and I think it makes things easier for you the administrator in the long term so we're going to come down here and take a look at just some of the other requirements here we've already installed Apache the Mario DB server and live Apache tube mod PHP but they do just have some other packages that we are going to install so we'll copy these one line at a time we're using app instead of apt-get because we're using a newer version of Ubuntu we will go ahead and quit Marya DB quit there we go clear a command line and apt install actually these are not valid packages in Ubuntu 18.04 as you can see it's going to say could not locate I think if we go through here and just to remove the version numbers there we go and those are all already installed except for PHP JSON so we will install the JSON app there PHP plug-in that is and we will copy the rest of these so do app to install paste and once again we will just remove the 7.01 - used to support PHP 5 and PHP 7 at the same time at this point it's just moved over to PHP 7 so you don't need to specify the 7.0 anymore in it M Crypt has been deprecated it looks like so we are not even going to install that we will install the rests all right so it's always a good idea to install any dependencies you might be able to get away with not having some of these but obviously software will work best if you install the dependencies they tell you that it needs so next we're going to finally actually get next cloud for this you can go to next cloud comm and you can read all about next cloud you know go through all the different features and stuff but we are going to click get next cloud we are going to click download for server and we are going to go with the archive file here this is going to give us all of the files for the next cloud application we are going to download it and it's tracked it into our web servers directory that it's serving if we hover over this download link we can see down in the bottom left that it's a zip file you can also download as a tar ball down here I'm actually going to do that just for fun I'm going to copy that download link we will open up our terminal again and right now I am in slash root which is the root users home directory that's fine we're going to download here first and then we'll move the files to our web servers directory later so we will W get this download link it's going to go very quickly because our digitalocean server has a very fast uplink to the internet so now if I list everything in our directory you can see we do have next cloud 1500 and that is a tarball we will run tar dash x VF on that next cloud tar ball to extract it lots of files in that archive as you can see and when that's finally done we will clear our screen and we will LS - al one more time so now we have a directory called next cloud it currently has no owner and if we go into that next cloud directory we can see a number of files including HD access so these are hidden files that Apache is going to use later we've also got things like index dot PHP and at next out HTML that are going to be obviously accessed later so here's what we're going to do we are going to move everything in this current directory that we're in the next cloud directory we're going to move it all to VAR w wh which is the default directory that Apache is serving on if we go back to our IP address here this is the default page as you can see this is located within that default directory this is about to get overwritten by what we're doing here our move operation index.html here I think is going to overwrite the index dot HTML that we're seeing right now here is this index dot HTML or index dot HTM yeah that's HTML HTML found so in just a moment this page is not going to exist anymore we're going to run this move operation like that and now if we LS - al you can see there are still two files here because they're hidden files they're not included in our move all operation we will rectify that in just a moment but now if we list everything in var WW HTML you can see we've got all the other files that we just moved over there including the directories and you know everything like I said we do have two dot files here still left behind those are important so we will once again just move manually dot slash dot h TX s to VAR w w HTML and it's same thing with dot user any and now if we LS - al we've got nothing and now if we let's go ahead and change directory to var www HTML clear our screen and we'll go ahead and list everything here now we've got those dot files as well and the last thing we're going to do this is pretty important we do need to set our user in group for this stuff right now obviously you can see nobody owns these files next cloud is going to complain about that later so we are going to just see H own wwww data so that's Apaches user and Apaches group everything in here and we're actually going to do that recursively ok so now if we LS - al you can see everything is owned by WWD once again we're going to have to do that two more times for our dot files HT access dot user dot ini' so LS - al everything is owned by the web server that is what we wants so now we can come over here to our web browser and if we refresh this page now we have next cloud and it looks like we missed a module the HP module GD is not installed actually we definitely installed this module earlier you remember when we typed in sudo apt install one of the things we tried to install was PHP - GD and it was already installed so it didn't get reinstalled we probably just need to restart our web server because we installed it and have not restarted the server since so we will systemctl restart apache - and let's see if we refresh there we go all right I'm going to make this window a little bit bigger so it looks nicer on video ok and we are going to create our next cloud admin account I'm just going to make it called admin once again using an insecure password and actually this would be a great time to set up encryption because you can see Firefox is currently telling me this connection is not secured logins entered here could be compromised once again we're currently browsing over HTTP not HTTPS so if I were to click finish setup right now and send this password over the internet it would be sent in plain text and my internet service provider or people the digitalocean or anyone else in between me and the server would be able to tell what password I'm actually sitting so rather than doing that let's go ahead and take this opportunity to set up SSL TLS we're going to do that using let's encrypt now for this we are going to need a domain name right now we are accessing this server at 2:06 dot 189 199 dot 243 obvious that you don't want to have to type in an IP address every time you're accessing a server I'm going to assume for the purposes of this video that you guys watching have purchased your own domain name that you're going to use I've got none in the street com obviously I'm going to go to my domain registrar's control panel here and I use hover myself I think it's a very nice demand registrar they do not try to upsell me their prices are a couple dollars more than something like GoDaddy GoDaddy is super cheap but of course it's only super cheap if you're able to dig out coupons and stuff I don't want to have to deal with hunting for all that and they also always try and sell me extra stuff whenever I use GoDaddy so I'm a fan of hover it's owned by two cows which is a very large Canadian internet company it really doesn't matter what registrar you're using though I'm going to go into nerd on the street comm here and what you're going to have to do is go ahead and create a DNS entry for me I just click add a record it's going to be an a record host name we're going to call it example one and that's going to make this example wonder to the street comm I'll paste in my IP address here get rid of the leading protocol so example one is your subdomain if you want it to just be dot-com you know you don't want a subdomain then you would put at in here or you could put ww2 have that be what you've put before it I'm going to use example one once again and I'm going to click add record now at this point it might take a few hours depending on your registrar until this new record actually works hover usually propagates that information within a few minutes and I'm using Google for my DNS at the moment but depending on your DNS provider and depending on your registrar with GoDaddy I usually had to wait a few hours but if I open up a terminal here I can check whether or not that's working yet so here's a fresh terminal on my local machine I'm going to ping example one dot nerd on the streets comm and you can see it's already up and running it found that IP address so now if I come back to my web browser I can go to example 1 or to the street comm and I've got next cloud once again we are still browsing over HTTP so for this we are going to use something called let's encrypt back here on our web server I'll clear the screen I'm going to type in sudo apt install cert bot and cert bot is in the Ubuntu repository it is a client for let's encrypt and let's encrypt is a free automated and open certificate authority as they call themselves on the let's encrypt homepage they provide free SSL certificates you know a decade ago you would have had to pay for SSL TLS certificates for your web server luckily since we've seen how important it is to encrypt your data we've got less incur providing free ssl certificates for a large portion the internet right now and you can use this yourself we're going to use cert bots and we're going to type in cert BOTS - - Apache we'll hit enter and the requested Apache plugin does not appear to be installed so so we do need to also install a package called python cert bot apache and that is going to make things easier for us here because cert bob is going to install the certificate for us right after it creates it because now all we have to do is type in cert bots - - apache and it's going to walk us through this entire process enter your email address I'm going to use Jacob at nerd in the street comm and you do need to agree to the Terms of Service for this it's trying to sign me up for the Electronic Frontier Foundation's email list I believe I'm already subscribed and at this point it's telling us that there are no domains available in our Apache configuration so I will cancel out of this and here's what's going on at this point VAR w w HTML is the default directory for apache right now Apache is just directing it absolutely anything that it receives any requests that it receives it's directing them to VAR w w HTML that's why we can use example 1 under the street comm or we can type in that IP address from earlier if I go and grab that again I can put that here and obviously this is not a domain name but it's sending me to the same place no matter what I'm typing into my web browser because this is the default directory there are a couple different ways you can get around this one way would be to create another directory for us to use for next cloud me personally I'm just going to go ahead and add the domain name to our default directories configuration files so that cert bat will recognize the domain name we're trying to use so I'm going to nano into EGC Apache two sites available and we should have 0 0 0 default dot config so this is our default virtual host you can see the document root is var @ww HTML and you can see this very first line here server name is commented out right now we are going to uncomment that and we are going to make this example 1 dot nerd on the street calm now you can see here Apache lets you know in the comment for the default virtual host this file this value is not decisive as it is used as a last resort host regardless so we are setting this server name right now to tell cert bot that example 1 or the street comm is the domain name that we intend to use for VAR w w HTML what this comment means though is that you'll still be able to type in anything and as long as it resolves to this IP address it's still going to send you 2 VAR w w HTML so some people might see that as a security risk under certain circumstances that's why you might want to consider just creating another apache virtual host specifically for your next cloud installation in another document root you know if you want to go that far just for our tutorial this is how i'm doing it but that is something to keep in mind i'm going to go ahead and change the server admin here to my actual email address just for good practice as well and we'll go ahead and say that file and restart apache ok so nothing has changed with our webserver but now if we run certain bot again it should be able to tell that we have example 1 or 2 the street comm there we're going to leave our selection blank because there's only one option there so it's going to select it for us so now it's going to run through our challenge so it's proving right now that we do in fact control example one or the street comm and it has created an SSL certificate for us it's created an SSL virtual host file for us in the Apache configuration and now you can choose here whether you want to redirect from HTTP to HTTPS or not these options used to say easy or secure I always picked secure anyway looks like they renamed the options to no redirect or redirect which is probably more accurate anyway because it's still very easy even if we choose the secure option so I'm going to choose the redirect option okay they say congratulations your certificate and Shane have been saved and it tells us see let's encrypt is where all of your certificate files live and we will need to go in here for another video I'm going to do later on the same server just for setting up next cloud though we don't need to worry about those files cert bot has taking care of it for us so if we come back over to our website here and we just refresh we're going to get redirected to HTTPS and you can see here now we are accessing this securely and we no longer get a warning from Firefox in the past room field so we're going to type in admin and make our password once again weak password I know it's just a video down here on our storage and database this is one thing I do usually change is the data folder if we go back to our command line here and look in our directory there's not currently WW HTML data this data directory has not been created yet we could just let it create this data directory personally this is the this is the folder where your files are going to be saved in so when you upload files to your next cloud server this folder is where those files are physically going to be located now I personally even though Apache and next cloud set themselves up in such a way that you can't just go to for this example data is the directory subdirectory here so trying to access that from a web browser would look like this example one or the street comm slash data if we created a directory in here slash data would be a directory we could attempt to go to right now it's not found after it's created like I said next cloud and Apache will set themselves up in such a way that it's going to tell you permission denied if you try and access your data in this manner straight from the web browser with that going through next cloud however even though they set themselves up like that it still makes me pause thinking about having all of my personal data on my server in my actual web server directory I'm not trying to serve this data after all I'm trying to serve next cloud here which I have but I don't want my data to ever be accessed directly from the web server so for that reason what I normally do is I just create a directory at slash next cloud data and I'm going to CH own wwww data / next cloud data and now if I go ahead and do an LS - a L on my root directory you see I've got you know all my normal Linux directories been bhudev Etsy home and then I get down here I've got next cloud data since this is a dedicated next cloud server I can just put it right on the root of my filesystem it is owned by is delete the files you need it to be owned by that user however now that this is outside of my web servers directory there's absolutely no possibility that a misconfigured Apache or a misconfigured whatever would allow anybody to access my files directly from their web browser without going and creating another Apache virtual host first on my server - point - slash next cloud data so if that makes any sense at all then hopefully you get why I do that if it doesn't make any sense to you you can ignore it but we will go ahead and change our data folder now to slash next cloud - data since I did just create that now you can see next cloud detects that MySQL slash Marya DB is the only available database it's the only plug-in we installed for PHP we will go ahead and type in our database user which was next cloud our database password and the database name was also next cloud those were the things in PHP myadmin earlier and now we'll just finish setup and it's going to install next cloud for us it is taking just a second this is a very small droplet like I said one CPU core one gigabyte of RAM but you can see after a second it does redirect us and now we have next cloud installed so this is installed and functioning we can go and look through our different folders and things we have next cloud installed that's it now like I said for our video today I am going to show you just a few more things if you go into your settings you will see here under administration and overview it's going to show you setup and security warnings now you could just go on your merry way and next cloud right now but in order to take full advantage of all the features and to have the greatest peace of mind security wise you do need to pay attention to these warnings and we're just gonna go through them one by one and fix them all let me go ahead and close hover here so we don't have that tab distracting me so the first thing here like I said we'll just go through these one-by-one the PHP memory limit is below the recommended value of 512 megabytes this is a classic PHP configuration change so we'll just go into our web server and we're going to nano into at C PHP 7.2 Apache 2 PHP dot ini' and this is the configuration file for PHP which takes effect using the Apache web server for PHP version 7.2 it's a very long directory name but we will nano into that file and this is a very large file but if we scroll down here we can see we've got various options for PHP and we are going to go ahead and search upload and here's a whole section on our PHP dot ini' for handling file uploads so we've got file uploads turned on obviously our max file size by default is only 2 megabytes you're probably gonna want files larger than 2 megabytes to be able to be uploaded now some applications out there such as file run are able to break files down into say 2 megabyte chunks to upload next cloud does not do that at this time though so however big you want to be able to upload files you need to make your upload max file size at least that big we're just going to use the next cloud recommended minimum of 512 megabytes right now so after you've changed that just go ahead and save that file we do need to restart Apache too and now we'll come back to our admin overview and just refresh and that first warning should go away and it's not quite away yet alright let's head back into that file alright in addition to the max upload there are two more things we do need to fix here one of them is called memory underscore limit so search for that this is 128 megabytes right now once again make it 512 megabytes you can't upload a 512 megabyte file if PHP only has 120 megabytes of memory to buffer so we will fix that and then the last one is post max size our browser is going to be delivering this file via a post request so we need to set that to 512 megabytes as well so let's save that let's restart Apache 2 one more time and now let's refresh and see if that first warning goes away excellent so that warning is gone next up the strict Transport Security HTTP header is not set to at least this many seconds this has to do with making sure that attackers cannot force your web server to downgrade its security requirements when connecting over HTTPS to your your next cloud installation they say for enhanced security it is recommended to enable HSTs as described in the security tips so we'll open that in a new tab and this is part of the admin manual as well looks like they're linking to an outdated version of the manual though this is the next cloud 14 manual we are using next cloud 15 I know for a fact that this is still going to work but the next cloud developers should probably get on updating that link for the new version so we will scroll down here to using HTTPS and what we're looking for here is HTTP strict Transport Security that is HSTs we want to enable this because next cloud recommends that we do so for security purposes they give us the exact configuration we need to perform right here within the Apache virtual host file so we will go into our web server we will nano into Etsy Apache 2 sites enabled and we are going to go into it's no longer 0 0 0 default config that we're editing we have enabled let's encrypt this file only exists to forward people to this file so 0 0 0 default - le SSL that config is the file we want to edit so this is what people are actually using when they access our website we have mod SSL installed obviously because we're using SSL and this is our virtual host we will go down under 'if servername example one or two the street comm we are going to add the section here they're telling us to add that is if module mod headers dot C and we will end that if module so we don't forget to do that later and we're just going to copy their recommended config in here for one thing header always set strict Transport Security HSTs max age which is what it was telling us at once it was the max age will have it set that and then we are also going to add this we recommend the additional setting preload to be added to that header now they actually mentioned down here that once you add this that's actually going to signal to the Internet that this domain name should always have HTTPS enabled they recommend you only do this if you actually need to use it I'm going to go ahead and put it in because you know we're all about best practices here so we will paste that in at the end of this line make sure you're inside the quotations there so this is the configuration that next cloud truly recommends for us so we will save that file we will restart apache to once again what restart apache to alright and now if we head back over to next cloud and refresh once again that other yellow warning should go away and it has not so we just put this configuration inside an if statement that says to only run if we have mod headers installed I think we've already got it installed let's try enabling it with a - in mod headers all right so enabling modulo headers so we already had the headers module installed it just was not enabled so that configuration was not taking effect because the if statement was not getting triggered so now we can restart systemctl restart apache to once again clear this because we're getting close to the edge of our screen there and why don't I go ahead and move this up here to will refresh one more time and see if that second yellow error goes away alright and that has gone next up your web server is not properly set up to resolve dot well-known stash Cal dev or stash card dev this took me a while to fix the last time I next cloud a few weeks ago for a client now if we go right now to example 1.9 the street comm / well-known / Cal Deb it's not found Apache is not redirecting for us the reason that we are not getting redirected from dot well-known slash Cal dev to the actual Cal Bev endpoint is because Apache right now is not using our HT access files so you remember earlier I made a big point to make sure that we were indeed copying or moving this dot htaccess file over into our web server directory but right now Apaches not using it we can tell because it's not redirecting us and if we go into this dot htaccess file and we do a search for a dot well known you can see we have our rewrite rules here that are supposed to redirect us from dot well-known slash card dev and kal dev to the actual locations where those endpoints are that's how we can tell the des patchi's not actually using this config file to fix this we'll go into once again Nano let's see Apache 2 sites enabled 0 0 0 - default let's encrypt all that we're gonna come down here and right below our if statement that we added before we are going to add a directory statement so this is saying for the directory of rww HTML which obviously is the directory that we have all our files in that we're serving for next cloud within that directory we want to tell Apache options + follows symlinks we also want to tell it allow override all and this allow override all this is telling Apache hey look for that htaccess file and let it override your default settings so with that we will save that file restart Apache to right here and now if we go and refresh this again you see now we get to the web dab interface so we'll go back to our next cloud settings refresh and those two errors should go away and they did next no memory cache has been configured to enhance performance please configure a memcache if available now this is entirely optional this is just for increasing performance especially if you are using next cloud in a very large heavily used environment so we will go down to the configuring a memory cache section we will go to the updated version this manual we're going to be using a PC you simply because it's available in most Linux distributions it's very easy to setup if you're doing complicated things like transactional file locking you might have to use Redis which is a more complex system but a PC use the recommended option for small installations which seems kind of strange because this entire memory caching section is for large installations but this is for smaller larger installations so the point is we're going to go to our server we're going to install PHP - a PC you alright it'll grab it from the repository there we're going to restart apache - and we're going to nano into our config dot PHP file it's that config slash config dot PHP within your web server directory and we're going to add this line memcache dot local and it's pointing to a PC you on our system this tells next cloud where it can go for the memcache Inge program we'll put that right there and we will exit now if we go back to our settings and refresh the memory cache warning should go away it did and next the PHP op cache is not properly configured for better performance is recommended to use the following settings in PHP ini so let's head into PHP dot ini' and see what's going on here that is once again at Etsy PHP 7.2 Apache 2 PHP ini I'm going to go ahead and just real quick for appcache enable and looks like that is already in our file it is commented out right now so they recommend that we set up cache dot enable to one which it is set to one by default if we uncomment that they recommend we enabled the CLI they recommend we set the intern strings buffer to eight which it already had eight types there we'll just uncomment it they recommend we set the max accelerated files to ten thousand which is the default they recommend we put the max memory consumption at 128 megabytes they recommend we put the save comments option to 1 which is down here and they recommend we put the revalidate frequency setting to 1 if you want to you can just copy these and paste them in here since all of those things were commented out anyway PHP would have just ignored the commented settings and used your settings that you paste it in I just as you saw went through it and uncommon to the settings just to leave it in the default layout that PHP dot ini' has it really doesn't matter which way you do it either or we are going to save this file now we're going to restart Apache 2 and we are going to refresh and see if that warning goes away and it did finally some columns and the database are missing a conversion to big int ok so this is just a one-time thing that we need to run for our database and I'm not sure why I didn't just run this by itself but we'll go ahead and copy this command now OCC is the CLI command for managing your next cloud instance it's called OCC because it's left over from own cloud I believe as you can see if we LS - al in our webserver directory here we've got a file called OCC so that's what it's trying to use if we just paste this command in it's not going to work because our webserver directory is not part of our system's path environment variable but if we run the exact same command but make it dot slash OCC that tells it to use this local file in the current directory for OCC's so we'll run that permission denied su command not found okay here's what we need to do we need to run this OCC if we cat out dot slash OCC it's a PHP file as you can see so we can't just run it we need to run it in PHP by mistake so all we have to do is once again I will paste our command and it's going to be like I said dot slash because it's in the current directory and we're going to run it in PHP so this is the entire command that we need to run we will run that console has to be executed with the user that owns the file config slash config.php alright as you can see it's currently telling me that even though I am the root user on the system it is performing a check and it's not gonna let me run this without being that wwa user so we're going to do exactly what it recommends right here we're going to su do and we're going to run this as Apache so sudo as w w data to use PHP to run dot slash OCC to run this command here to convert our database this can take up to hours depending on the number of files in your instance I don't have very many so we'll type yes and it's done okay that did not take hours we are going to refresh next cloud now and green checkmark all checks passed all right guys that took quite a while as you saw it's very easy to install next cloud but it does take a while to actually go through and fix all of the recommended security and setup warnings that it gives you but this is good stuff to do if you are trying to be a good system administrator you know now we have full peace of mind and we can tell our clients that their next cloud server is set up properly with the recommended configuration from next cloud themselves I am going to make another video in the future the near future about setting up collabora online for collaborative Google Docs like document editing on next cloud that is outside the scope of this video though for now we can upload files we can download files we can do everything the next cloud you know everything next cloud is made for out of the box so I hope you guys enjoyed that let me know if you have any down below in the comments or on the forums at nerd in the street comm and finally if this video was helpful to you I would ask that you consider becoming a nerd club member at nerd club not so basically you're supporting me on patreon if you're doing this and it would really help me out so if this video helped you set your personal or professional next cloud instance like I said consider giving back by joining the nerdy club for just three dollars a month for now though that's everything I have to say so I'm Jigglypuff and I'm the nerd in the street and I'll see you guys later bye [Music]