Install NextCloud on CentOS 7 with PHP7

From Daco.tech Technical Documentation

How to install NextCloud on CentOS 7, with PHP7, SELinux enabled, and no third party repos

This is the procedure I used to install NextCloud on my VPS.

I set the bar quite high with the following requirements:

  • PHP version 7 (CentOS ships with an old 5.4 version)
  • No third party repos, for stability reasons.

It is possible to completely avoid third party repos, by using Redhat Software Collections.

Caveat:This procedure makes the installation more complex. Therefore, I'm not sure CentOS is the ideal candidate for hosting NextCloud with PHP7. But it can be done. More on this later (Ubuntu LTS procedure will follow soon).


Procedure

First of all, I installed the Software Collections repo (Contains PHP7+):

yum install centos-release-scl

According to this source, you can't use the base httpd with the newer rh-php70 package. We have to use httpd24 from Software Collections.

yum install httpd24
systemctl start httpd24-httpd
systemctl enable httpd24-httpd

Disable Apache WebDAV, as recommended by NextCloud:

sed -i 's/^/#&/g' /opt/rh/httpd24/root/etc/httpd/conf.modules.d/00-dav.conf


Install the following packages:

yum install rh-php70-php rh-php70-php-mysqlnd rh-php70-php-gd rh-php70-php-mbstring sclo-php70-php-pecl-apcu

These packages will pull the following dependencies:

Dependencies01.png

Dependencies02.png

You can confirm the PHP version with the following command:

scl enable rh-php70 'php -v'

Enable the software collection package like this

scl enable rh-php70 bash

Then, install/configure MariaDB:

yum install mariadb mariadb-server wget

mysql_secure_installation

Backup then edit your php.ini to increase the size limits (Use any value you see fit, I chose 512M):

cp /etc/opt/rh/rh-php70/php.ini /root/backup/
sed -i "s/post_max_size = 8M/post_max_size = 512M/" /etc/opt/rh/rh-php70/php.ini
sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 512M/" /etc/opt/rh/rh-php70/php.ini


Next, we can install NextCloud:

wget https://download.nextcloud.com/server/releases/nextcloud-11.0.1.zip
yum install unzip
unzip nextcloud-11.0.1.zip
cp -r nextcloud/* /opt/rh/httpd24/root/var/www/html/
chown -R apache:apache /opt/rh/httpd24/root/var/www/html/
systemctl restart httpd.service

Next, we have to create new SELinux rules, to allow Apache to write to some directories:

semanage fcontext -a -t httpd_sys_rw_content_t '//opt/rh/httpd24/root/var/www/html/data'
semanage fcontext -a -t httpd_sys_rw_content_t '//opt/rh/httpd24/root/var/www/html/config'
semanage fcontext -a -t httpd_sys_rw_content_t '//opt/rh/httpd24/root/var/www/html/apps'
restorecon -Rv /opt/rh/httpd24/root/var/www/html/


That's it for the basic installation. You can do the next part (Configuring the mysql database) by using the web Wizard, like this, or you could do it manually like this


At that point, I managed to login into NextCloud, and use the web wizard to install the database.

But then I ran into some problems with the Certbot script. Because we're using the special httpd24 from Software Collections, our file paths are very different from the default settings, so it throws off the Certbot script.

Here's a fix:

First of all, we have to create the default directory structure, or else the Certbot script will crash:

mkdir -p /etc/httpd/conf.d/

Next, download the latest Certbot script:

wget https://raw.githubusercontent.com/certbot/certbot/master/certbot-auto

Next, we can run the script. Double check the file paths. I used the default paths for httpd24. According to NextCloud manual, it's ok to install NextCloud in the web server root directory, if you're using Apache.

 ./certbot-auto --apache --must-staple --redirect --hsts --staple-ocsp --webroot-path /opt/rh/httpd24/root/var/www/html/ --apache-server-root /opt/rh/httpd24/root/etc/httpd --apache-vhost-root /opt/rh/httpd24/root/etc/httpd/conf.d/ -d daco.tech


Certbot issue

Next, we have to set strong permissions. The easiest way is to use NextCloud script, found here

Here's my version of the script, with the correct file path and user:

#!/bin/bash
ncpath='/opt/rh/httpd24/root/var/www/html/'
htuser='apache'
htgroup='apache'
rootuser='root'

printf "Creating possible missing Directories\n"
mkdir -p $ncpath/data
mkdir -p $ncpath/assets
mkdir -p $ncpath/updater

printf "chmod Files and Directories\n"
find ${ncpath}/ -type f -print0 | xargs -0 chmod 0640
find ${ncpath}/ -type d -print0 | xargs -0 chmod 0750

printf "chown Directories\n"
chown -R ${rootuser}:${htgroup} ${ncpath}
chown -R ${htuser}:${htgroup} ${ncpath}/apps/
chown -R ${htuser}:${htgroup} ${ncpath}/assets/
chown -R ${htuser}:${htgroup} ${ncpath}/config/
chown -R ${htuser}:${htgroup} ${ncpath}/data/
chown -R ${htuser}:${htgroup} ${ncpath}/themes/
chown -R ${htuser}:${htgroup} ${ncpath}/updater/

chmod +x ${ncpath}/occ

printf "chmod/chown .htaccess\n"
if [ -f ${ncpath}/.htaccess ]
 then
  chmod 0644 ${ncpath}/.htaccess
  chown ${rootuser}:${htgroup} ${ncpath}/.htaccess
fi
if [ -f ${ncpath}/data/.htaccess ]
 then
  chmod 0644 ${ncpath}/data/.htaccess
  chown ${rootuser}:${htgroup} ${ncpath}/data/.htaccess
fi