Salah satu aplikasi ‘cloud’ yang paling banyak digunakan adalh Nextcloud, saat ini nextcloud telah mencapai versi 17. Kita akan menggunakan PHP (7.2), Nginx (1.17.4), MariaDB (10.3.11) di serverside.
Setting DNS Domain
Untuk setting domain/subdodmain, terlebih dahulu setting A record untuk subdomain/domain pilihan anda. Biasanya recordnya seperti ini
nextcloud.jaranguda.com IN A 172.217.24.110
sesuaikan subdomain nextcloud.jaranguda.com dan IP server anda.
Konfigurasi ini penting, karena kita akan dibutuhkan untuk setting SSL Lets Encrypt
Nonaktifkan Selinux
sed -i s/SELINUX=enforcing/SELINUX=disabled/g /etc/selinux/config
Install Utility
yum install tar wget unzip git socat -y
Buka Port 80 (http) dan 443 (https)
firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload
Install SSL
Download letsencrypt client acme
cd git clone https://github.com/Neilpang/acme.sh.git cd acme.sh
request ssl
./acme.sh --issue -d nextcloud.jaranguda.com --standalone
ganti nextcloud.jaranguda.com dengan subdomain anda.
Install PHP
yum install php php-pdo php-mbstring php-common php-cli php-mysqlnd php-xml php-fpm php-gd php-json php-intl php-zip -y
setting PHP
sed -i 's/user = apache/user = nginx/g' /etc/php-fpm.d/www.conf sed -i 's/group = apache/group = nginx/g' /etc/php-fpm.d/www.conf sed -i 's/;listen.owner = nobody/listen.owner = nginx/g' /etc/php-fpm.d/www.conf sed -i 's/;listen.group = nobody/listen.group = nginx/g' /etc/php-fpm.d/www.conf sed -i 's/;listen.mode = 0660/listen.mode = 0660/g' /etc/php-fpm.d/www.conf sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php.ini sed -i 's/;date.timezone =/date.timezone = Asia\/Jakarta/g' /etc/php.ini sed -i "s/\memory_limit = .*/memory_limit = 1024M/" /etc/php.ini
Install MariaDB
$ yum install mariadb-server -y
buat user dan database untuk Nextcloud. User root di Linux otomatis bisa login sebagai root di mariadb (dengan unix socket). Login ke mariadb dengan mengeksekusi perintah mysql
CREATE DATABASE nextcloud; GRANT ALL PRIVILEGES ON nextcloud.* TO "nextcloud"@"localhost" IDENTIFIED BY "YA7WJY7sMAcxNUnhwgie";
Install nginx
Install nginx versi terbaru dari repository nginx.org
yum install dnf-utils -y
Buat file baru /etc/yum.repos.d/nginx.repo, copy paste dibawah ini
[nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
install nginx dengan yum
yum install nginx -y
Buat konfigurasi server nginx di /etc/nginx/conf.d/nextcloud.jaranguda.com.conf
server { listen 80; server_name nextcloud.jaranguda.com; # enforce https return 301 https://$server_name:443$request_uri; } server { listen 443 ssl http2; server_name nextcloud.jaranguda.com; ssl_certificate /root/.acme.sh/nextcloud.jaranguda.com/fullchain.cer; ssl_certificate_key /root/.acme.sh/nextcloud.jaranguda.com/nextcloud.jaranguda.com.key; add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; add_header X-XSS-Protection "1; mode=block" always; fastcgi_hide_header X-Powered-By; root /var/www/nextcloud; location = /robots.txt { allow all; log_not_found off; access_log off; } # set max upload size client_max_body_size 512M; fastcgi_buffers 64 4K; # Enable gzip but do not remove ETag headers gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; location / { rewrite ^ /index.php$request_uri; } location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { deny all; } location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; # Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; # Enable pretty urls fastcgi_param front_controller_active true; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { try_files $uri/ =404; index index.php; } # Adding the cache control header for js, css and map files # Make sure it is BELOW the PHP block location ~ \.(?:css|js|woff2?|svg|gif|map)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463"; add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; add_header X-XSS-Protection "1; mode=block" always; # Optional: Don't log access to assets access_log off; } location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { try_files $uri /index.php$request_uri; # Optional: Don't log access to other assets access_log off; } }
yang perlu diganti hanya bagian
ssl_certificate
ssl_certificate_key
Download Nextcloud
cd /var/www wget https://download.nextcloud.com/server/releases/nextcloud-17.0.0.zip unzip nextcloud-17.0.0.zip chown nginx:nginx -R nextcloud
Jalankan php-fpm, mariadb dan nginx
systemctl restart nginx systemctl enable nginx systemctl restart mariadb systemctl enable mariadb systemctl restart php-fpm systemctl enable php-fpm
Buka https://subdomain.domain anda
isi form yang diminta
akhiri dengan mengklik Finish Setup
Anda akan diarahkan ke halaman login Nextcloud
jangan lupa menggunakan Nextcloud Client untuk mempermudah sync/upload/download file dengan berbagai sistem operasi