Nextcloud on AWS EC2
1. Make a SSH connection
2. Setup a mySql
mysql -u root -p
CREATE USER 'nextcloud-user'@'localhost' IDENTIFIED BY 'your_strong_password';
CREATE DATABASE `nextcloud-db` CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
GRANT ALL PRIVILEGES ON `nextcloud-db`.* TO "nextcloud-user"@"localhost";
FLUSH PRIVILEGES;
exit
3. Prepare nextcloud
wget https://download.nextcloud.com/server/releases/latest.zip
unzip latest.zip
rm latest.zip
cd nextcloud
4. Make a nextcloud folder
sudo mkdir /var/www/nextcloud
sudo mv * /var/www/nextcloud
cd ..
rm -r nextcloud
5. Fix file permissions
sudo chown -R apache:apache /var/www/nextcloud6. Make the cloud.w--w--w.com vhost
sudo vim /etc/httpd/conf.d/vhosts.conf
<VirtualHost *:80>
ServerName cloud.w--w--w.com
Redirect permanent / https://cloud.w--w--w.com
</VirtualHost>
<VirtualHost *:443>
ServerName cloud.w--w--w.com
DocumentRoot /var/www/nextcloud
<IfModule security2_module>
# VIDEOS
SecRuleRemoveById 958291 # Range Header Checks
SecRuleRemoveById 981203 # Correlated Attack Attempt
SecRuleRemoveById 950109 # Check URL encodings
# ADMIN (webdav)
SecRuleRemoveById 960024 # Repeatative Non-Word Chars (heuristic)
SecRuleRemoveById 981173 # SQL Injection Character Anomaly Usage
SecRuleRemoveById 981204 # Correlated Attack Attempt
SecRuleRemoveById 981243 # PHPIDS - Converted SQLI Filters
SecRuleRemoveById 981245 # PHPIDS - Converted SQLI Filters
SecRuleRemoveById 981246 # PHPIDS - Converted SQLI Filters
SecRuleRemoveById 981318 # String Termination/Statement Ending Injection Testing
SecRuleRemoveById 973332 # XSS Filters from IE
SecRuleRemoveById 973338 # XSS Filters - Category 3
SecRuleRemoveById 981143 # CSRF Protections ( TODO edit LocationMatch filter )
# COMING BACK FROM OLD SESSION
SecRuleRemoveById 970903 # Microsoft Office document properties leakage
# NOTES APP
SecRuleRemoveById 981401 # Content-Type Response Header is Missing and X-Content-Type-Options is either missing or not set to 'nosniff'
SecRuleRemoveById 200002 # Failed to parse request body
# UPLOADS ( 100 MB max excluding file size )
SecRequestBodyLimit 104857600
# GENERAL
SecRuleRemoveById 960017 # Host header is a numeric IP address
# REGISTERED WARNINGS, BUT DID NOT HAVE TO DISABLE THEM
SecRuleRemoveById 981220 900046 981407
SecRuleRemoveById 981222 981405 981185 981184
</IfModule>
<Directory /var/www/nextcloud>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
</VirtualHost>
7. Restart httpd
sudo service httpd restart
8. Setup cron
sudo crontab -u apache -e
*/15 * * * * php -f /var/www/nextcloud/cron.php
9. S3 && APCu
sudo vim /var/www/nextcloud/config/config.php
'memcache.local' => '\OC\Memcache\APCu',
'objectstore' => array(
'class' => 'OC\\Files\\ObjectStore\\S3',
'arguments' => array(
'bucket' => 'cloud.w--w--w.com',
'autocreate' => true,
'key' => 'USERNAME',
'secret' => 'PASSWORD',
'hostname' => 's3.amazonaws.com',
'port' => 443,
'use_ssl' => true,
'region' => 'us-east-1',
'use_path_style'=>true
),
),
'htaccess.RewriteBase' => '/',
10. Exit ssh
exit
P.S. log url https://cloud.w--w--w.com/index.php/settings/admin/logging