NextCloud: Difference between revisions

(4 intermediate revisions by the same user not shown)

Line 2:

== NextCloud Features ==

* ~~Free and open-source~~

*Gratis dan sumber terbuka

*Enkripsi ujung ke ujung, artinya file dapat dienkripsi pada perangkat klien sebelum diunggah ke server, jadi meskipun seseorang mencuri server Anda, mereka tidak dapat membaca file Anda.

*Dapat diintegrasikan dengan suite office online (Collobora Online, OnlyOffice) sehingga Anda dapat membuat dan mengedit file doc, ppt, xls langsung dari NextCloud.

*App store berisi ratusan aplikasi untuk memperluas fungsionalitas (seperti aplikasi kalender, aplikasi kontak, aplikasi pencatat, aplikasi konferensi video, dll).

*Klien sinkronisasi tersedia di Linux, macOS, Windows, iOS, dan android.

* End-to-end encryption, meaning files can be encrypted on client devices before uploaded to the server, so even if someone steals your server, they can not read your files.

* Can be integrated with an online office suite (Collobora Online, OnlyOffice) so you can create and edit your doc, ppt, xls files directly from NextCloud.

* The app store contains hundreds of apps to extend functionality (like calendar app, contacts app, note-taking app, video conferencing app, etc).

* The sync client is available on Linux, macOS, Windows, iOS and android.

== Installasi ==

=== Download NextCloud on Ubuntu 20.04 ===

Log into your Ubuntu 20.04 server. Then download the NextCloud zip archive onto your server. The latest stable version is 21.0.1 at time of this writing. You may need to change the version number. Go to https://nextcloud.com/install and click the <code>download for server</code> button to see the latest version.

You can run the following command to download it on your server.

~~wget~~ <~~nowiki~~>https://download.nextcloud.com/server/releases/nextcloud-21.0.1.zip</~~nowiki~~>

wget https://download.nextcloud.com/server/releases/nextcloud-21.0.1.zip

</syntaxhighlight>

You can always use the above URL format to download NextCloud. If a new version comes out, simply replace <code>21.0.1</code> with the new version number.

Once downloaded, extract the archive with <code>unzip</code>.

~~sudo apt install unzip~~

sudo unzip nextcloud-21.0.1.zip -d /usr/share/nginx/

sudo apt install unzip

</syntaxhighlight>

sudo unzip nextcloud-21.0.1.zip -d /usr/share/nginx/

</syntaxhighlight>

The <code>-d</code> option specifies the target directory. NextCloud web files will be extracted to <code>/usr/share/nginx/nextcloud/</code>. Then we need to change the owner of this directory to <code>www-data</code> so that the web server (Nginx) can write to this directory.

sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R

sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R

</syntaxhighlight>

=== Create a Database and User for Nextcloud in MariaDB Database Server ===

Log into MariaDB database server with the following command. Since MariaDB is now using <code>unix_socket</code> plugin to authentication user login, there’s no need to enter MariaDB root password. We just need to prefix the <code>mysql</code> command with <code>sudo</code>.

sudo mysql

sudo mysql

</syntaxhighlight>

Then create a database for Nextcloud. This tutorial name the database nextcloud. You can use whatever name you like.

create database nextcloud;

create database nextcloud;

</syntaxhighlight>

Create the database user. Again, you can use your preferred name for this user. Replace <code>your-password</code> with your preferred password.

create user [/cdn-cgi/l/email-protection ~~<nowiki>~~[email protected]~~</nowiki>~~] identified by 'your-password';

create user [/cdn-cgi/l/email-protection [email protected]] identified by 'your-password';

</syntaxhighlight>

Grant this user all privileges on the <code>nextcloud</code> database.

grant all privileges on nextcloud.* to [/cdn-cgi/l/email-protection ~~<nowiki>~~[email protected]~~</nowiki>~~] identified by 'your-password';

grant all privileges on nextcloud.* to [/cdn-cgi/l/email-protection [email protected]] identified by 'your-password';

</syntaxhighlight>

Flush privileges and exit.

~~flush privileges;~~

exit;

flush privileges;

</syntaxhighlight>

exit;

</syntaxhighlight>

=== Create a Nginx Config File for Nextcloud ===

Create a <code>nextcloud.conf</code> file in <code>/etc/nginx/conf.d/</code> directory, with a command-line text editor like Nano.

sudo ~~nano~~ /etc/nginx/conf.d/nextcloud.conf

sudo vim /etc/nginx/conf.d/nextcloud.conf

</syntaxhighlight>

Copy and paste the following text into the file. Replace <code>nextcloud.example.com</code> with your own preferred sub-domain. Don’t forget to create DNS A record for this sub-domain in your DNS zone editor. If you don’t have a real domain name, I recommend going to NameCheap to buy one. The price is low and they give whois privacy protection free for life.

server {

listen 80;

listen [::]:80;

server {

server_name nextcloud.example.com;

listen 80;

listen [::]:80;

# Add headers to serve security related headers

server_name nextcloud.example.com;

add_header X-Content-Type-Options nosniff;

add_header X-XSS-Protection "1; mode=block";

# Add headers to serve security related headers

add_header X-Robots-Tag none;

add_header X-Content-Type-Options nosniff;

add_header X-Download-Options noopen;

add_header X-XSS-Protection "1; mode=block";

add_header X-Permitted-Cross-Domain-Policies none;

add_header X-Robots-Tag none;

add_header Referrer-Policy no-referrer;

add_header X-Download-Options noopen;

add_header X-Permitted-Cross-Domain-Policies none;

#I found this header is needed on Ubuntu, but not on Arch Linux.

add_header Referrer-Policy no-referrer;

add_header X-Frame-Options "SAMEORIGIN";

#I found this header is needed on Ubuntu, but not on Arch Linux.

# Path to the root of your installation

add_header X-Frame-Options "SAMEORIGIN";

root ~~'''~~/usr/share/nginx/nextcloud/~~'''~~;

# Path to the root of your installation

access_log /var/log/nginx/nextcloud.access;

root /usr/share/nginx/nextcloud/;

error_log /var/log/nginx/nextcloud.error;

access_log /var/log/nginx/nextcloud.access;

location = /robots.txt {

error_log /var/log/nginx/nextcloud.error;

allow all;

log_not_found off;

location = /robots.txt {

access_log off;

allow all;

}

log_not_found off;

access_log off;

# The following 2 rules are only needed for the user_webfinger app.

}

# Uncomment it if you're planning to use this app.

#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;

# The following 2 rules are only needed for the user_webfinger app.

#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json

# Uncomment it if you're planning to use this app.

# last;

#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;

#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json

location = /.well-known/carddav {

# last;

~~return 301 $scheme://$host/remote.php/dav;~~

}

location = /.well-known/carddav {

~~location = /.well-known/caldav~~ {

return 301 $scheme://$host/remote.php/dav;

}

location = /.well-known/caldav {

return 301 $scheme://$host/remote.php/dav;

}

location ~ /.well-known/acme-challenge {

allow all;

}

# set max upload size

client_max_body_size 512M;

fastcgi_buffers 64 4K;

# Disable gzip to avoid the removal of the ETag header

gzip off;

# Uncomment if your server is build with the ngx_pagespeed module

# This module is currently not supported.

#pagespeed off;

error_page 403 /core/templates/403.php;

error_page 404 /core/templates/404.php;

location / {

rewrite ^ /index.php;

}

location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {

deny all;

}

location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {

deny all;

}

~~location ~ /.well-known/acme-challenge {~~

location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {

~~allow all;~~

include fastcgi_params;

}

fastcgi_split_path_info ^(.+\.php)(/.*)$;

try_files $fastcgi_script_name =404;

~~# set max upload size~~

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

~~client_max_body_size 512M;~~

fastcgi_param PATH_INFO $fastcgi_path_info;

~~fastcgi_buffers 64 4K;~~

#Avoid sending the security headers twice

fastcgi_param modHeadersAvailable true;

~~# Disable gzip to avoid the removal of the ETag header~~

fastcgi_param front_controller_active true;

~~gzip off;~~

fastcgi_pass unix:/run/php/php7.4-fpm.sock;

fastcgi_intercept_errors on;

~~# Uncomment if your server is build with the ngx_pagespeed module~~

fastcgi_request_buffering off;

~~# This module is currently not supported.~~

~~#pagespeed off;~~

~~error_page 403 /core/templates/403.php;~~

~~error_page 404 /core/templates/404.php;~~

~~location / {~~

~~rewrite ^ /index.php;~~

}

~~location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {~~

~~deny all;~~

}

~~location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {~~

~~deny all;~~

}

location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {

include fastcgi_params;

fastcgi_split_path_info ^(.+\.php)(/.*)$;

try_files $fastcgi_script_name =404;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

fastcgi_param PATH_INFO $fastcgi_path_info;

#Avoid sending the security headers twice

fastcgi_param modHeadersAvailable true;

fastcgi_param front_controller_active true;

fastcgi_pass unix:/run/php/php7.4-fpm.sock;

fastcgi_intercept_errors on;

fastcgi_request_buffering ~~off;~~

}

~~location ~ ^/(?:updater|ocs-provider)(?:$|/) {~~

~~try_files $uri/ =404;~~

~~index index.php;~~

}

~~# Adding the cache control header for js and css files~~

~~# Make sure it is BELOW the PHP block~~

~~location ~* \.(?:css|js)$ {~~

~~try_files $uri /index.php$uri$is_args$args;~~

~~add_header Cache-Control "public, max-age=7200";~~

~~# Add headers to serve security related headers (It is intended to~~

~~# have those duplicated to the ones above)~~

~~add_header X-Content-Type-Options nosniff;~~

~~add_header X-XSS-Protection "1; mode=block";~~

~~add_header X-Robots-Tag none;~~

~~add_header X-Download-Options noopen;~~

~~add_header X-Permitted-Cross-Domain-Policies none;~~

~~add_header Referrer-Policy no-referrer;~~

~~# Optional: Don't log access to assets~~

~~access_log~~ off;

}

location ~* \.(?:~~svg~~|~~gif~~|~~png|html|ttf|woff|ico|jpg|jpeg~~)$ {

location ~ ^/(?:updater|ocs-provider)(?:$|/) {

try_files $uri /index.php~~$uri$is_args$args;~~

try_files $uri/ =404;

~~# Optional: Don't log access to other assets~~

index index.php;

~~access_log off~~;

}

# Adding the cache control header for js and css files

# Make sure it is BELOW the PHP block

location ~* \.(?:css|js)$ {

try_files $uri /index.php$uri$is_args$args;

add_header Cache-Control "public, max-age=7200";

# Add headers to serve security related headers (It is intended to

# have those duplicated to the ones above)

add_header X-Content-Type-Options nosniff;

add_header X-XSS-Protection "1; mode=block";

add_header X-Robots-Tag none;

add_header X-Download-Options noopen;

add_header X-Permitted-Cross-Domain-Policies none;

add_header Referrer-Policy no-referrer;

# Optional: Don't log access to assets

access_log off;

}

location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {

try_files $uri /index.php$uri$is_args$args;

# Optional: Don't log access to other assets

access_log off;

}

</syntaxhighlight>

Save and close the file. (To save a file in Nano text editor, press <code>Ctrl+O</code>, then press <code>Enter</code> to confirm. To exit, press <code>Ctrl+X</code>.)

Then test Nginx configuration.

sudo nginx -t

sudo nginx -t

</syntaxhighlight>

If the test is successful, reload Nginx for the changes to take effect.

sudo systemctl reload nginx

sudo systemctl reload nginx

</syntaxhighlight>

=== Install and Enable PHP Modules ===

Run the following commands to install PHP modules required or recommended by NextCloud.

sudo apt install imagemagick php-imagick php7.4-common php7.4-mysql php7.4-fpm php7.4-gd php7.4-json php7.4-curl php7.4-zip php7.4-xml php7.4-mbstring php7.4-bz2 php7.4-intl php7.4-bcmath php7.4-gmp

sudo apt install imagemagick php-imagick php7.4-common php7.4-mysql php7.4-fpm php7.4-gd php7.4-json php7.4-curl php7.4-zip php7.4-xml php7.4-mbstring php7.4-bz2 php7.4-intl php7.4-bcmath php7.4-gmp

</syntaxhighlight>

== Terkait ==

* [[NextCloud:Disable server-side-encryption]]

*[[NextCloud:Install di LAMP Stack]]

*[[NextCloud: Install Collabora]]

== Source ==

* [https://www.linuxbabe.com/ubuntu/install-nextcloud-ubuntu-20-04-nginx-lemp-stack linuxbabe.com]

[[Category:Server]]

[[Category:Linux]]

@@ Line 2: / Line 2: @@
 == NextCloud Features ==
-* Free and open-source
+*Gratis dan sumber terbuka
+*Enkripsi ujung ke ujung, artinya file dapat dienkripsi pada perangkat klien sebelum diunggah ke server, jadi meskipun seseorang mencuri server Anda, mereka tidak dapat membaca file Anda.
+*Dapat diintegrasikan dengan suite office online (Collobora Online, OnlyOffice) sehingga Anda dapat membuat dan mengedit file doc, ppt, xls langsung dari NextCloud.
+*App store berisi ratusan aplikasi untuk memperluas fungsionalitas (seperti aplikasi kalender, aplikasi kontak, aplikasi pencatat, aplikasi konferensi video, dll).
+*Klien sinkronisasi tersedia di Linux, macOS, Windows, iOS, dan android.
-* End-to-end encryption, meaning files can be encrypted on client devices before uploaded to the server, so even if someone steals your server, they can not read your files.
-* Can be integrated with an online office suite (Collobora Online, OnlyOffice) so you can create and edit your doc, ppt, xls files directly from NextCloud.
-* The app store contains hundreds of apps to extend functionality (like calendar app, contacts app, note-taking app, video conferencing app, etc).
-* The sync client is available on Linux, macOS, Windows, iOS and android.
 == Installasi ==
 === Download NextCloud on Ubuntu 20.04 ===
 Log into your Ubuntu 20.04 server. Then download the NextCloud zip archive onto your server. The latest stable version is 21.0.1 at time of this writing. You may need to change the version number. Go to https://nextcloud.com/install and click the <code>download for server</code> button to see the latest version.
 You can run the following command to download it on your server.
- wget <nowiki>https://download.nextcloud.com/server/releases/nextcloud-21.0.1.zip</nowiki>
+<syntaxhighlight lang="bash">
+wget https://download.nextcloud.com/server/releases/nextcloud-21.0.1.zip
+</syntaxhighlight>
 You can always use the above URL format to download NextCloud. If a new version comes out, simply replace <code>21.0.1</code> with the new version number.
 Once downloaded, extract the archive with <code>unzip</code>.
- sudo apt install unzip
- sudo unzip nextcloud-21.0.1.zip -d /usr/share/nginx/
+<syntaxhighlight lang="bash">
+sudo apt install unzip
+</syntaxhighlight>
+<syntaxhighlight lang="bash">
+sudo unzip nextcloud-21.0.1.zip -d /usr/share/nginx/
+</syntaxhighlight>
 The <code>-d</code> option specifies the target directory. NextCloud web files will be extracted to <code>/usr/share/nginx/nextcloud/</code>. Then we need to change the owner of this directory to <code>www-data</code> so that the web server (Nginx) can write to this directory.
- sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R
+<syntaxhighlight lang="bash">
+sudo chown www-data:www-data /usr/share/nginx/nextcloud/ -R
+</syntaxhighlight>
 === Create a Database and User for Nextcloud in MariaDB Database Server ===
 Log into MariaDB database server with the following command. Since MariaDB is now using <code>unix_socket</code> plugin to authentication user login, there’s no need to enter MariaDB root password. We just need to prefix the <code>mysql</code> command with <code>sudo</code>.
- sudo mysql
+<syntaxhighlight lang="bash">
+sudo mysql
+</syntaxhighlight>
 Then create a database for Nextcloud. This tutorial name the database nextcloud. You can use whatever name you like.
- create database nextcloud;
+<syntaxhighlight lang="bash">
+create database nextcloud;
+</syntaxhighlight>
 Create the database user. Again, you can use your preferred name for this user. Replace <code>your-password</code> with your preferred password.
- create user [/cdn-cgi/l/email-protection <nowiki>[email protected]</nowiki>] identified by 'your-password';
+<syntaxhighlight lang="bash">
+create user [/cdn-cgi/l/email-protection [email protected]] identified by 'your-password';
+</syntaxhighlight>
 Grant this user all privileges on the <code>nextcloud</code> database.
- grant all privileges on nextcloud.* to [/cdn-cgi/l/email-protection <nowiki>[email protected]</nowiki>] identified by 'your-password';
+<syntaxhighlight lang="bash">
+grant all privileges on nextcloud.* to [/cdn-cgi/l/email-protection [email protected]] identified by 'your-password';
+</syntaxhighlight>
 Flush privileges and exit.
- flush privileges;
- exit;
+<syntaxhighlight lang="bash">
+flush privileges;
+</syntaxhighlight>
+<syntaxhighlight lang="bash">
+exit;
+</syntaxhighlight>
 === Create a Nginx Config File for Nextcloud ===
 Create a <code>nextcloud.conf</code> file in <code>/etc/nginx/conf.d/</code> directory, with a command-line text editor like Nano.
- sudo nano /etc/nginx/conf.d/nextcloud.conf
+<syntaxhighlight lang="bash">
+sudo vim /etc/nginx/conf.d/nextcloud.conf
+</syntaxhighlight>
 Copy and paste the following text into the file. Replace <code>nextcloud.example.com</code> with your own preferred sub-domain. Don’t forget to create DNS A record for this sub-domain in your DNS zone editor. If you don’t have a real domain name, I recommend going to NameCheap to buy one. The price is low and they give whois privacy protection free for life.
- server {
-     listen 80;
+<syntaxhighlight lang="nginx">
-     listen [::]:80;
+server {
-     server_name nextcloud.example.com;
+    listen 80;
+    listen [::]:80;
-     # Add headers to serve security related headers
+    server_name nextcloud.example.com;
-     add_header X-Content-Type-Options nosniff;
-     add_header X-XSS-Protection "1; mode=block";
+    # Add headers to serve security related headers
-     add_header X-Robots-Tag none;
+    add_header X-Content-Type-Options nosniff;
-     add_header X-Download-Options noopen;
+    add_header X-XSS-Protection "1; mode=block";
-     add_header X-Permitted-Cross-Domain-Policies none;
+    add_header X-Robots-Tag none;
-     add_header Referrer-Policy no-referrer;
+    add_header X-Download-Options noopen;
+    add_header X-Permitted-Cross-Domain-Policies none;
-     #I found this header is needed on Ubuntu, but not on Arch Linux.
+    add_header Referrer-Policy no-referrer;
-     add_header X-Frame-Options "SAMEORIGIN";
+    #I found this header is needed on Ubuntu, but not on Arch Linux.
-     # Path to the root of your installation
+    add_header X-Frame-Options "SAMEORIGIN";
-     root '''/usr/share/nginx/nextcloud/''';
+    # Path to the root of your installation
-     access_log /var/log/nginx/nextcloud.access;
+    root /usr/share/nginx/nextcloud/;
-     error_log /var/log/nginx/nextcloud.error;
+    access_log /var/log/nginx/nextcloud.access;
-     location = /robots.txt {
+    error_log /var/log/nginx/nextcloud.error;
-         allow all;
-         log_not_found off;
+    location = /robots.txt {
-         access_log off;
+        allow all;
-     }
+        log_not_found off;
+        access_log off;
-     # The following 2 rules are only needed for the user_webfinger app.
+    }
-     # Uncomment it if you're planning to use this app.
-     #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+    # The following 2 rules are only needed for the user_webfinger app.
-     #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
+    # Uncomment it if you're planning to use this app.
-     # last;
+    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
-     location = /.well-known/carddav {
+    # last;
-         return 301 $scheme://$host/remote.php/dav;
-     }
+    location = /.well-known/carddav {
-     location = /.well-known/caldav {
          return 301 $scheme://$host/remote.php/dav;
+    }
+    location = /.well-known/caldav {
+       return 301 $scheme://$host/remote.php/dav;
+    }
+    location ~ /.well-known/acme-challenge {
+      allow all;
+    }
+    # set max upload size
+    client_max_body_size 512M;
+    fastcgi_buffers 64 4K;
+    # Disable gzip to avoid the removal of the ETag header
+    gzip off;
+    # Uncomment if your server is build with the ngx_pagespeed module
+    # This module is currently not supported.
+    #pagespeed off;
+    error_page 403 /core/templates/403.php;
+    error_page 404 /core/templates/404.php;
+    location / {
+       rewrite ^ /index.php;
+    }
+    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
+       deny all;
+    }
+    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
+       deny all;
       }
-     location ~ /.well-known/acme-challenge {
+    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
-       allow all;
+       include fastcgi_params;
-     }
+       fastcgi_split_path_info ^(.+\.php)(/.*)$;
+       try_files $fastcgi_script_name =404;
-     # set max upload size
+       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-     client_max_body_size 512M;
+       fastcgi_param PATH_INFO $fastcgi_path_info;
-     fastcgi_buffers 64 4K;
+       #Avoid sending the security headers twice
+       fastcgi_param modHeadersAvailable true;
-     # Disable gzip to avoid the removal of the ETag header
+       fastcgi_param front_controller_active true;
-     gzip off;
+       fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+       fastcgi_intercept_errors on;
-     # Uncomment if your server is build with the ngx_pagespeed module
+       fastcgi_request_buffering off;
-     # This module is currently not supported.
-     #pagespeed off;
-     error_page 403 /core/templates/403.php;
-     error_page 404 /core/templates/404.php;
-     location / {
-        rewrite ^ /index.php;
-     }
-     location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
-        deny all;
-     }
-     location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
-        deny all;
-      }
-     location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
-        include fastcgi_params;
-        fastcgi_split_path_info ^(.+\.php)(/.*)$;
-        try_files $fastcgi_script_name =404;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_param PATH_INFO $fastcgi_path_info;
-        #Avoid sending the security headers twice
-        fastcgi_param modHeadersAvailable true;
-        fastcgi_param front_controller_active true;
-        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
-        fastcgi_intercept_errors on;
-        fastcgi_request_buffering off;
-     }
-     location ~ ^/(?:updater|ocs-provider)(?:$|/) {
-        try_files $uri/ =404;
-        index index.php;
-     }
-     # Adding the cache control header for js and css files
-     # Make sure it is BELOW the PHP block
-     location ~* \.(?:css|js)$ {
-         try_files $uri /index.php$uri$is_args$args;
-         add_header Cache-Control "public, max-age=7200";
-         # Add headers to serve security related headers (It is intended to
-         # have those duplicated to the ones above)
-         add_header X-Content-Type-Options nosniff;
-         add_header X-XSS-Protection "1; mode=block";
-         add_header X-Robots-Tag none;
-         add_header X-Download-Options noopen;
-         add_header X-Permitted-Cross-Domain-Policies none;
-         add_header Referrer-Policy no-referrer;
-         # Optional: Don't log access to assets
-         access_log off;
      }
-     location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
+     location ~ ^/(?:updater|ocs-provider)(?:$|/) {
-         try_files $uri /index.php$uri$is_args$args;
+       try_files $uri/ =404;
-         # Optional: Don't log access to other assets
+       index index.php;
-         access_log off;
      }
- }
+    # Adding the cache control header for js and css files
+    # Make sure it is BELOW the PHP block
+    location ~* \.(?:css|js)$ {
+        try_files $uri /index.php$uri$is_args$args;
+        add_header Cache-Control "public, max-age=7200";
+        # Add headers to serve security related headers (It is intended to
+        # have those duplicated to the ones above)
+        add_header X-Content-Type-Options nosniff;
+        add_header X-XSS-Protection "1; mode=block";
+        add_header X-Robots-Tag none;
+        add_header X-Download-Options noopen;
+        add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
+        # Optional: Don't log access to assets
+        access_log off;
+   }
+   location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
+        try_files $uri /index.php$uri$is_args$args;
+        # Optional: Don't log access to other assets
+        access_log off;
+   }
+}
+</syntaxhighlight>
 Save and close the file. (To save a file in Nano text editor, press <code>Ctrl+O</code>, then press <code>Enter</code> to confirm. To exit, press <code>Ctrl+X</code>.)
 Then test Nginx configuration.
- sudo nginx -t
+<syntaxhighlight lang="bash">
+sudo nginx -t
+</syntaxhighlight>
 If the test is successful, reload Nginx for the changes to take effect.
- sudo systemctl reload nginx
+<syntaxhighlight lang="bash">
+sudo systemctl reload nginx
+</syntaxhighlight>
 === Install and Enable PHP Modules ===
 Run the following commands to install PHP modules required or recommended by NextCloud.
- sudo apt install imagemagick php-imagick php7.4-common php7.4-mysql php7.4-fpm php7.4-gd php7.4-json php7.4-curl  php7.4-zip php7.4-xml php7.4-mbstring php7.4-bz2 php7.4-intl php7.4-bcmath php7.4-gmp
+<syntaxhighlight lang="bash">
+sudo apt install imagemagick php-imagick php7.4-common php7.4-mysql php7.4-fpm php7.4-gd php7.4-json php7.4-curl php7.4-zip php7.4-xml php7.4-mbstring php7.4-bz2 php7.4-intl php7.4-bcmath php7.4-gmp
+</syntaxhighlight>
 == Terkait ==
 * [[NextCloud:Disable server-side-encryption]]
+*[[NextCloud:Install di LAMP Stack]]
+*[[NextCloud: Install Collabora]]
 == Source ==
 * [https://www.linuxbabe.com/ubuntu/install-nextcloud-ubuntu-20-04-nginx-lemp-stack linuxbabe.com]
 [[Category:Server]]
 [[Category:Linux]]