Setup Nextcloud – The Stuckpacket WiKi

Recommended server specs:

OS: Debian 11 x64
CPU: 2x cores (or more)
RAM: 6GB (or more)
SSD: 30GB (or more)

Here is what will be configured for you:

System Update to start
Apache2 and all required modules
php7.4 and all required modules
mysql server ( will config the server for you and create databases )
configure apache2 for http only access ( you can add nextcloud to your nginx server as a reverse proxy later )
configure php for 99GB upload limit and allow memory usage up to 4GB
configure opcache & reds / mem cache
Download and install apps that make Nextcloud great – calendar, contacts, extract, files_external, impersonate, previewgenerator, ransomware_protection, twofactor_totp, quota_warning files_rightclick, apporder, guests, spreed
Office application - Collabora Office, Collabora Office Built-in CODE Server

INSTALLING

Notice: After installation the username is: Admin and the password is: Password-123

Before starting please run the following.

su -

Let’s get the script now!

wget https://cdn.sesipod.info/sesipod.info/linux/debian/Nextcloud/nextcloud-menu.sh && chmod +x nextcloud-menu.sh && ./nextcloud-menu.sh

REVERSE PROXY CONFIGS:

cloud.sshosting.org

server {
    listen 80;
    server_name cloud.sshosting.org;
    return 301 https://$host$request_uri;
}

server {

    listen 443;
    server_name cloud.sshosting.org; 
    keepalive_timeout 300;
    ssl_certificate           /root/.acme.sh/sesipod.info/fullchain.cer;
    ssl_certificate_key       /root/.acme.sh/sesipod.info/sesipod.info.key;
    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    access_log            /var/log/nginx/jenkins.access.log;


    location / {

      client_max_body_size 0;
      add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
      proxy_http_version 1.1;
      proxy_buffering off;
      proxy_buffer_size  128k;
      proxy_buffers 100  128k;
      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-For $remote_addr;
###   proxy_set_header        X-Forwarded-Proto $scheme;
      proxy_set_header        HTTP_X-Forwarded-For $proxy_add_x_forwarded_for;
#      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
###   add_header X-Cache-Status $upstream_cache_status;

#######
      proxy_cache off;
      proxy_pass          http://192.168.1.152:80;
      proxy_read_timeout  90;
      proxy_redirect      http://192.168.1.152:80 https://cloud.sshosting.org;
#######
    }

    location /.well-known/carddav {
      return 301 $scheme://$host/remote.php/dav;
    }

    location /.well-known/caldav {
      return 301 $scheme://$host/remote.php/dav;
    }
#######


#    location /office/ {
#       proxy_set_header    X-Forwarded-Proto https;
#       proxy_pass http://192.168.1.153/;
#    }

}

office.sshosting.org

server {
    listen 80;
    server_name office.sshosting.org;
    return 301 https://$host$request_uri;
}

server {

    listen 443;
    server_name office.sshosting.org;
    keepalive_timeout 300;
    ssl_certificate           /root/.acme.sh/sesipod.info/fullchain.cer;
    ssl_certificate_key       /root/.acme.sh/sesipod.info/sesipod.info.key;
    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    access_log            /var/log/nginx/jenkins.access.log;

location / {

#      proxy_http_version 1.1;
      proxy_buffering off;
      proxy_buffer_size  128k;
      proxy_buffers 100  128k;
      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-For $remote_addr;
#      proxy_set_header        X-Forwarded-Proto $scheme;
      proxy_set_header        HTTP_X-Forwarded-For $proxy_add_x_forwarded_for;
#      add_header X-Cache-Status $upstream_cache_status;

      # Fix the “It appears that your reverse proxy set up is broken" error.
      proxy_pass          https://192.168.1.152:443;
      proxy_read_timeout  90;

      proxy_redirect      https://192.168.1.152:443/ https://office.sshosting.org;
    }


    # main websocket
    location ~ ^/lool/(.*)/ws$ {
        proxy_pass https://192.168.1.152:443;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $http_host;
        proxy_read_timeout 36000s;
    }

    # Admin Console websocket
    location ^~ /lool/adminws {
        proxy_pass https://192.168.1.152:443;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $http_host;
        proxy_read_timeout 36000s;
    }

    # Capabilities
    location ^~ /hosting/capabilities {
        proxy_pass https://192.168.1.152:443;
        proxy_set_header Host $http_host;
    }

  }

Was this helpful?

1 / 0