Nextcloud on AWS EC2

1. Make a SSH connection

2. Setup a mySql 

mysql -u root -p
CREATE USER 'nextcloud-user'@'localhost' IDENTIFIED BY 'your_strong_password';
CREATE DATABASE `nextcloud-db` CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
GRANT ALL PRIVILEGES ON `nextcloud-db`.* TO "nextcloud-user"@"localhost";
FLUSH PRIVILEGES;
exit

3. Prepare nextcloud

wget https://download.nextcloud.com/server/releases/latest.zip
unzip latest.zip
rm latest.zip
cd nextcloud

4. Make a nextcloud folder

sudo mkdir /var/www/nextcloud
sudo mv * /var/www/nextcloud
cd ..
rm -r nextcloud

5. Fix file permissions

sudo chown -R apache:apache /var/www/nextcloud

6. Make the cloud.w--w--w.com vhost

sudo vim /etc/httpd/conf.d/vhosts.conf

<VirtualHost *:80>
ServerName cloud.w--w--w.com
Redirect permanent / https://cloud.w--w--w.com
</VirtualHost>
<VirtualHost *:443>
ServerName cloud.w--w--w.com
DocumentRoot /var/www/nextcloud
<IfModule security2_module>
# VIDEOS
SecRuleRemoveById 958291 # Range Header Checks
SecRuleRemoveById 981203 # Correlated Attack Attempt
# PDF
SecRuleRemoveById 950109 # Check URL encodings
# ADMIN (webdav)
SecRuleRemoveById 960024 # Repeatative Non-Word Chars (heuristic)
SecRuleRemoveById 981173 # SQL Injection Character Anomaly Usage
SecRuleRemoveById 981204 # Correlated Attack Attempt
SecRuleRemoveById 981243 # PHPIDS - Converted SQLI Filters
SecRuleRemoveById 981245 # PHPIDS - Converted SQLI Filters
SecRuleRemoveById 981246 # PHPIDS - Converted SQLI Filters
SecRuleRemoveById 981318 # String Termination/Statement Ending Injection Testing
SecRuleRemoveById 973332 # XSS Filters from IE
SecRuleRemoveById 973338 # XSS Filters - Category 3
SecRuleRemoveById 981143 # CSRF Protections ( TODO edit LocationMatch filter )
# COMING BACK FROM OLD SESSION
SecRuleRemoveById 970903 # Microsoft Office document properties leakage
# NOTES APP
SecRuleRemoveById 981401 # Content-Type Response Header is Missing and X-Content-Type-Options is either missing or not set to 'nosniff'
SecRuleRemoveById 200002 # Failed to parse request body
# UPLOADS ( 100 MB max excluding file size )
SecRequestBodyLimit 104857600
# GENERAL
SecRuleRemoveById 960017 # Host header is a numeric IP address
# REGISTERED WARNINGS, BUT DID NOT HAVE TO DISABLE THEM
SecRuleRemoveById 981220 900046 981407
SecRuleRemoveById 981222 981405 981185 981184
</IfModule>
<Directory /var/www/nextcloud>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
</VirtualHost>

7. Restart httpd

sudo service httpd restart

8. Setup cron

sudo crontab -u apache -e

*/15 * * * * php -f /var/www/nextcloud/cron.php

9. S3 && APCu

sudo vim /var/www/nextcloud/config/config.php

'memcache.local' => '\OC\Memcache\APCu',
'objectstore' => array(
'class' => 'OC\\Files\\ObjectStore\\S3',
'arguments' => array(
'bucket' => 'cloud.w--w--w.com',
'autocreate' => true,
'key' => 'USERNAME',
'secret' => 'PASSWORD',
'hostname' => 's3.amazonaws.com',
'port' => 443,
'use_ssl' => true,
'region' => 'us-east-1',
'use_path_style'=>true
),
),
'htaccess.RewriteBase' => '/',

10. Exit ssh

exit

P.S. log url https://cloud.w--w--w.com/index.php/settings/admin/logging