![]() ![]() If successful, you’ll see a confirmation of Certbot having obtained certificates for your domain. ![]() Finally indicate that it should redirect all traffic from HTTP to HTTPS.It should then indicate the my. and as domains to obtain certificates for, which you should agree to.You can then choose to receive information from the Electronic Frontier Foundation (EFF).It will then ask for your email address and that you read and agree to the terms of service.On the first run, you’ll need to provide Certbot with some details. Then obtain the certificates with the following command. sudo dnf install -y certbot python3-certbot-nginx Next, install Certbot which will automate setting up the certificate. server_name my. Afterwards, save and exit. Sudo firewall-cmd -reload Getting Let’s Encrypt certificatesĮdit Nginx configuration to indicate the domain name sudo nano /etc/nginx/nfĬhange the server name to use your domain, replace the my. with yours. Sudo firewall-cmd -zone=public -add-service=https -permanent Which should give an output similar to HTTP/1.1 200 OKĬreate a firewall rule to allow web access sudo firewall-cmd -zone=public -add-service=http -permanent Should give an output similar to nginx version: nginx/1.14.1Įnable (ensure Nginx automatically starts upon reboot) and start Nginx sudo systemctl enable nginx Then update the repositories and install Nginx sudo dnf -y install nginx Next, we’ll install NGINX to work as the underpinnings of our NextCloud server.īut first, add the EPEL repository which sudo dnf -y install epel-release You can read more about domain name systems and how to configure DNS records to point your domain to the correct IP address at our guide to domain names. If you do not have a domain name, you can use Freenom to get a free temporary domain name. You will need to configure a valid domain name to point to your cloud server IP address to be able to obtain SSL certificates as described later in this guide. Once done, continue below with the next step. Lastly, update the installed software sudo dnf -y update Memory protection checking: actual (secure) The output should then give the following. The changes will be applied at the next reboot but to save time, you can change the setting for the runtime using the command below. We will change SE Linux from permissive mode to enforcing mode by setting the SELINUX=enforcing sudo nano /etc/selinux/config SELINUX=enforcing This is especially helpful when running a service such as NextCloud, but it does increase the complexity of the setup. The primary purpose of SE Linux is to control file access permissions by following the principle of least privilege so that programs only access files that they need to. ![]() Once the reboot process is finished, disconnect and log back into with the new username ssh ĬentOS 8 offers some security protection when SE Linux is enabled. Then prevent root login by editing the /etc/ssh/sshd_config file and set PermitRootLogin to no nano /etc/ssh/sshd_config PermitRootLogin noĮxit the editor and restart SSHD service. Then give the new user a password passwd nextcloudĪdd the user to the wheel group to be able to invoke administrative privileges. To secure the server, it is good to prevent login as the root user, thus another user needs to be created.Ĭreate a new username for yourself. Once logged in change the password, then enter the new password twice. ![]() Once your server is deployed login by using SSH. In this case, we are using a Simple plan server with 1GB Memory, 25 GB storage with the CentOS 8 template. Login to UpCloud and deploy a new server. Test hosting on UpCloud! Setting up a new cloud server In this tutorial, we will set up Nextcloud 18 on a single cloud server using nginx as the webserver and PostgreSQL for the database engine. Nextcloud now has Onlyoffice to allow shared document editing and Nextcloud talk, to enable video conferencing, so is a virtual office productivity solution. Nextcloud is an open-source file sync and sharing software that can be used as a replacement for Google Drive, Yandex Disk and similar cloud-based storage. ![]()
0 Comments
Leave a Reply. |