Editing Kulgram Part #05 Implementasi NextCloud Sebagai Internal Cloud Storage
Hai semua, perkenalkan nama saya Nur Hamim, saya salah satu anggota Group dari Komunitas GNUX Linux Malang (KLiM). Saya asli dari madura anak kampung yang sedang berkarir di dunia Cloud Computing di PT Infinys System Indonesia tepatnya berada di Jakarta Selatan.
Pada kesempatan kali ini saya akan sharing bagaimana cara membuat sebuat penyimpanan internal secara aman layaknya Google Drive atau Dropbox.
Gambar diatas menggambarkan dimana Anda sedang berfikir dan mempunyai sebuah keinginan untuk menyimpan sebuah berkas atau data yang bersifat privasi maupun pribadi bahkan data - data penting perusahaan, pendidikan dan sebagainya secara aman di Cloud dan dapat dikelola secara mandiri, dan dapat dilakukan managenent mulai dari user, group yang dapat mengakses penyimpanan tersebut dengan mudah dan fleksibel ?
Jawaban yang tepat yaitu BISA !!!
Lalu pasti akan muncul sebuah pertanyaan, pertanyaan yang sering di dengar yaitu menggunakan apa ? dan bagaimana caranya ?
Yapss Anda tidak perlu membingungkannya semua akan dapat terwujud dengan menggunakan aplikasi NextCloud yang open source, Nikmat yaa open source itu heheheheheh...
Nextcloud adalah aplikasi open source (bebas) yang dapat digunakan untuk membuat Cloud Storage atau penyimpanan basis data dimana Anda dapat menyimpan berbagai macam ekstensi data ataupun file statik sepertihalnya file music, video, dan sebagainya.
Secara fungsi Nextcloud sama sepertihalnya Dropbox, atau Google Drive bahkan Nectcloud juga dapat dimanfaatkan untuk berbagai macam kepentingan sepertihalnya Video Conference (Vicon) dan masih banyak lainnya.
Nextcloud sendiri telah menyediakan applikasi klien yang dapat Anda gunakan di berbagai media diantaranya iOS dan Android.
Nah berikut ini merupakan requirement yang dibutuhkan dalam Kulgram kali ini.
- Sistem operasi yang digunakan CentOS 7
- Database yang digunakan yaitu MySQL atau MariaDB 5.5+ (recommended)
- Webserver Apache 2.4 dengan mod_php atau php-fpm (recommended)
- Menggunakan PHP Version 7.0, 7.1 atau 7.2
Note : Requirement diatas hanya untuk kulgram ini ya :).
Jika Anda ingin mengetahui sistem operasi dan requirement lengkap dari NextCloud Anda dapat mengunjungi tautan berikut : http://bit.ly/requirementnya
Oh iya guyss teruntuk kulgram kali ini kita akan menggunakan sistem operasi CentOS 7 dengan Database MariaDB dan Webserver Apache, serta modul PHP versi 7.2
Oke langsung saja berikut ini tahapan - tahapan instalasi LAMP (Linux, Apache, MariaDB, PHP) dan NextCloud di CentOS 7 :
- Silakan update terlebih sistem operasi CentOS 7 Anda
[root@kulgram-klim ~]# yum update -y
- Install beberapa depensi yang dibutuhkan oleh NextCloud, berikut perintahnya
[root@kulgram-klim ~]# yum install -y epel-release yum-utils unzip curl wget bash-completion policycoreutils-python mlocate bzip2
Silakan tunggu instalasi sampai selesai,
- Selanjutnya silakan install webserver apache pada CentOS 7 dengan cara menjalankan perintah berikut :
[root@kulgram-klim ~]# yum install httpd -y
- Jika sudah, berikutnya membuat VirtualHost apache, Untuk membuat VirtualHost apache Anda dapat membuatnya pada direktory
/etc/httpd/conf.d/untuk penamaan file bebas sesuai dengan keinginan ya :). Berikut contohnya
vi /etc/httpd/conf.d/nextcloud.conf
Berikut isi dari File VirtualHost-nya
<VirtualHost *:80>
DocumentRoot /var/www/html/nextcloud
ServerName nama_domain_anda.com_or_IP_Server_Anda
<Directory "/var/www/html/">
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
</Directory>
</VirtualHost>
- Memastikan apache telah running dan agar dapat otomatis running nantinya pada saat server mengalami reboot Anda dapat menjalankan beberapa perintah berikut :
[root@kulgram-klim ~]# systemctl enable httpd
[root@kulgram-klim ~]# systemctl start httpd
[root@kulgram-klim ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Sab 2018-12-15 11:48:38 WIB; 20s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 1937 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /system.slice/httpd.service
├─1937 /usr/sbin/httpd -DFOREGROUND
├─1938 /usr/sbin/httpd -DFOREGROUND
├─1939 /usr/sbin/httpd -DFOREGROUND
├─1940 /usr/sbin/httpd -DFOREGROUND
├─1941 /usr/sbin/httpd -DFOREGROUND
└─1942 /usr/sbin/httpd -DFOREGROUND
Des 15 11:48:36 kulgram.hamim.web.id systemd[1]: Starting The Apache HTTP Server...
Des 15 11:48:38 kulgram.hamim.web.id httpd[1937]: AH00112: Warning: DocumentRoot [/var/www/html/nextcloud] does not exist
Des 15 11:48:38 kulgram.hamim.web.id systemd[1]: Started The Apache HTTP Server.
[root@kulgram-klim ~]#
- Selanjutnya menambahkan modul PHP, disini kami menggunakan repository webtatic dan menggunakan PHP versi 7.2 di CentOS 7. Silakan install menambahkan repostory webtatic dan menginstall dependensi php yang diinginkan seperti berikut ini :
[root@kulgram-klim ~]# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
Retrieving https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
warning: /var/tmp/rpm-tmp.Apqozf: Header V4 RSA/SHA1 Signature, key ID 62e74ca5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:webtatic-release-7-3 ################################# [100%]
[root@kulgram-klim ~]#
[root@kulgram-klim ~]# yum install -y php72w php72w-cli php72w-common php72w-curl php72w-gd \
> php72w-mbstring php72w-mysqlnd php72w-process php72w-xml php72w-zip \
> php72w-opcache php72w-pecl-apcu php72w-intl php72w-pecl-redis
Untuk melihat versi PHP Anda dapat menggunakan command php -v, seperti berikut
[root@kulgram-klim ~]# php -v
PHP 7.2.12 (cli) (built: Nov 11 2018 14:54:16) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.12, Copyright (c) 1999-2018, by Zend Technologies
[root@kulgram-klim ~]#
- Jika semua modul PHP yang dibutuhkan nextcloud selanjutnya silakan install database Mariadb Server dengan cara menjalankan perintah
[root@kulgram-klim ~]# yum install mariadb-server -y
Silakan tunggu proses instalasi Database MariaDB selesai, jika sudah berikutnya melakukan konfigurasi Database dan membuat database nextcloud
[root@kulgram-klim ~]#
[root@kulgram-klim ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@kulgram-klim ~]# systemctl start mariadb
[root@kulgram-klim ~]# systemctl status mariadb
● mariadb.service - MariaDB database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
Active: active (running) since Sab 2018-12-15 12:05:13 WIB; 14s ago
Process: 2231 ExecStartPost=/usr/libexec/mariadb-wait-ready $MAINPID (code=exited, status=0/SUCCESS)
Process: 2150 ExecStartPre=/usr/libexec/mariadb-prepare-db-dir %n (code=exited, status=0/SUCCESS)
Main PID: 2230 (mysqld_safe)
CGroup: /system.slice/mariadb.service
├─2230 /bin/sh /usr/bin/mysqld_safe --basedir=/usr
└─2391 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --log-...
Des 15 12:05:06 kulgram.hamim.web.id mariadb-prepare-db-dir[2150]: MySQL manual for more instructions.
Des 15 12:05:06 kulgram.hamim.web.id mariadb-prepare-db-dir[2150]: Please report any problems at http://mariadb.org/jira
Des 15 12:05:06 kulgram.hamim.web.id mariadb-prepare-db-dir[2150]: The latest information about MariaDB is available a...g/.
Des 15 12:05:06 kulgram.hamim.web.id mariadb-prepare-db-dir[2150]: You can find additional information about the MySQL...at:
Des 15 12:05:06 kulgram.hamim.web.id mariadb-prepare-db-dir[2150]: http://dev.mysql.com
Des 15 12:05:06 kulgram.hamim.web.id mariadb-prepare-db-dir[2150]: Consider joining MariaDB's strong and vibrant community:
Des 15 12:05:06 kulgram.hamim.web.id mariadb-prepare-db-dir[2150]: https://mariadb.org/get-involved/
Des 15 12:05:06 kulgram.hamim.web.id mysqld_safe[2230]: 181215 12:05:06 mysqld_safe Logging to '/var/log/mariadb/mari...og'.
Des 15 12:05:06 kulgram.hamim.web.id mysqld_safe[2230]: 181215 12:05:06 mysqld_safe Starting mysqld daemon with datab...ysql
Des 15 12:05:13 kulgram.hamim.web.id systemd[1]: Started MariaDB database server.
Hint: Some lines were ellipsized, use -l to show in full.
[root@kulgram-klim ~]#
[root@kulgram-klim ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] Y
New password: (Isikan Password Database Mariadb)
Re-enter new password: (Konfirmasi Password diatas)
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
[root@kulgram-klim ~]#
Membuat Database NextCloud
[root@kulgram-klim ~]#
[root@kulgram-klim ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 5.5.60-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database nextcloud;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create user 'usernextcloud'@'localhost' identified by 'passwordnya-nextcloud';
Query OK, 0 rows affected (0.04 sec)
MariaDB [(none)]> grant all privileges on nextcloud.* to 'usernextcloud';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Bye
[root@kulgram-klim ~]#
- Semua kebutuhan mulai dari webserver, database, dan modul php telah terinstall dengan baik, selanjutnya silakan download nextcloud melakukan konfigurasi nextcloud, seperti berikut ini :
Mengunduh NextCloud terlebih dahulu dengan menggunakan service wget [isikan URL] seperti berikut
[root@kulgram-klim ~]# wget https://download.nextcloud.com/server/releases/nextcloud-14.0.4.zip
--2018-12-15 12:17:27-- https://download.nextcloud.com/server/releases/nextcloud-14.0.4.zip
Resolving download.nextcloud.com (download.nextcloud.com)... 88.198.160.133
Connecting to download.nextcloud.com (download.nextcloud.com)|88.198.160.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 66680842 (64M) [application/zip]
Saving to: ‘nextcloud-14.0.4.zip’
100%[==================================================================================================================>] 66.680.842 31,0KB/s in 7m 12s
2018-12-15 12:24:42 (151 KB/s) - ‘nextcloud-14.0.4.zip’ saved [66680842/66680842]
[root@kulgram-klim ~]#
Secara default extensi file nextcloud yang baru saja kita unduh berekstensi .zip, dengan demikian silakan extrack file tersebut menggunakan perintah unzip, berikut contohnya
[root@kulgram-klim ~]#
[root@kulgram-klim ~]# unzip nextcloud-14.0.4.zip
Archive: nextcloud-14.0.4.zip
creating: nextcloud/
creating: nextcloud/ocs/
inflating: nextcloud/ocs/v2.php
inflating: nextcloud/ocs/v1.php
inflating: nextcloud/ocs/providers.php
inflating: nextcloud/console.php
creating: nextcloud/ocs-provider/
inflating: nextcloud/ocs-provider/index.php
inflating: nextcloud/version.php
creating: nextcloud/core/
creating: nextcloud/core/js/
Jika sudah selanjutnya Anda dapat memindahkan file nextcloud ke direktori /var/www/html/ dengan menggunakan command cp -R, selain itu silakan membuat folder data di dalam direktori /var/www/html/nextcloud . Berikut contohnya
[root@kulgram-klim ~]# cp -R nextcloud /var/www/html/
[root@kulgram-klim ~]# mkdir /var/www/html/nextcloud/data
[root@kulgram-klim ~]#
- Jika sudah berikutnya silakan berikan hak akses dan hak owner pada direktori
nextcloudseperti berikut ini
[root@kulgram-klim ~]#
[root@kulgram-klim ~]# chown -R apache:apache /var/www/html/nextcloud/
[root@kulgram-klim ~]# chmod -R 755 /var/www/html/nextcloud/
Silakan restart kembali dan pastikan webserver apache Anda telah running dengan menggunakan perintah berikut :
[root@kulgram-klim ~]# systemctl restart httpd
[root@kulgram-klim ~]# systemctl status httpd
Berikutnya silakan akses IP server atau domain yang telah Anda daftarkan pada VirtualHost nextcloud yang sebelumnya Anda buat, contohnya http://IP_Server Anda atau http://namadomain-anda.com . Jika diakses maka akan tampil halaman konfigurasi nextcloud seperti berikut
Silakan tunggu proses konfigurasi selesai, jika sudah Anda akan diarahkan ke about nextcloud silakan di next saja dan berikut tampilan default Nextcloud
Oke sampai disini Nextcloud telah berhasil diinstal dengan sempurna.
Sebagai tambahan saat ini protokol yang digunakan masih http agar penyimpanan data kita tampak secure dapat menggunakan protokol https dengan cara membeli License SSL, sangat banyak penyedia provider SSL contohnya CloudKilat .
Jika Anda ingin menggunakan yang Free Anda dapat menggunakan Let's Encrypt dari Certbot berikut tahapan instalasinya
[root@kulgram-klim ~]# yum -y install yum-utils
[root@kulgram-klim ~]# yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
Loaded plugins: fastestmirror
[root@kulgram-klim ~]#
Selanjutnya jalankan perintah berikut
[root@kulgram-klim ~]# yum install python2-certbot-apache
Silakan tunggu proses installasinya selesai apabila telah selesai Anda dapat menggunakan perintah certbot --apache untuk menjadikan domain Anda menggunakan SSL Free . Berikut contohnya
[root@kulgram-klim ~]#
[root@kulgram-klim ~]# certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Starting new HTTPS connection (1): supporters.eff.org
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: kulgram.hamim.web.id
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for kulgram.hamim.web.id
Waiting for verification...
Cleaning up challenges
Resetting dropped connection: acme-v02.api.letsencrypt.org
Created an SSL vhost at /etc/httpd/conf.d/nextcloud-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/nextcloud-le-ssl.conf
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting vhost in /etc/httpd/conf.d/nextcloud.conf to ssl vhost in /etc/httpd/conf.d/nextcloud-le-ssl.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://kulgram.hamim.web.id
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=kulgram.hamim.web.id
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/kulgram.hamim.web.id/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/kulgram.hamim.web.id/privkey.pem
Your cert will expire on 2019-03-15. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
[root@kulgram-klim ~]#
[root@kulgram-klim ~]#
Oke selanjutnya coba mengakses domain Anda hasilnya domain Anda akan menggunakan protokol HTTPS seperti berikut
Oke sampai disini nextcloud telah berhasil diinstal dengan baik. Berikut ini tautan untuk penggunaan SSL Free : https://certbot.eff.org/
Untuk integrasi NextCloud Dengan S3 silakan melihatnya di Group KLiM yakk :)
Selamat Mencoba, Semoga bermanfaat
Salam
Nur Hamim
15 Desember 2018