# NextCloud Deployment - World Downloads Portal **Date:** February 9, 2026 **Server:** Ghost VPS (64.50.188.14) **Status:** ✅ OPERATIONAL **Service:** 7 of 7 (Phase 0.5: 100% complete) --- ## Deployment Summary **Duration:** ~2.5 hours (including troubleshooting) **URL:** https://downloads.firefrostgaming.com **Components:** - NextCloud 32.0.5 - PostgreSQL database - PHP 8.3-FPM - Nginx reverse proxy - SSL certificate (Let's Encrypt) --- ## Installation Steps ### 1. PHP Stack Installation ```bash apt install -y php8.3-fpm php8.3-mysql php8.3-curl php8.3-gd \ php8.3-intl php8.3-mbstring php8.3-xml php8.3-zip \ php8.3-imagick php8.3-bcmath php8.3-gmp php8.3-pgsql unzip curl ``` ### 2. PostgreSQL Database ```bash sudo -u postgres psql << 'SQL' CREATE USER nextcloud WITH PASSWORD 'FrostFire2026Cloud'; CREATE DATABASE nextcloud OWNER nextcloud; \c nextcloud GRANT ALL ON SCHEMA public TO nextcloud; GRANT ALL ON DATABASE nextcloud TO nextcloud; \q SQL ``` **CRITICAL:** ALTER DATABASE OWNER required for proper permissions ### 3. NextCloud Download ```bash cd /var/www wget https://download.nextcloud.com/server/releases/latest.tar.bz2 tar -xjf latest.tar.bz2 rm latest.tar.bz2 chown -R www-data:www-data /var/www/nextcloud ``` ### 4. Nginx Configuration **Key points:** - Remove `$uri/` from try_files to prevent directory listing - Add rewrite for index.php routing - Proper FastCGI parameters for HTTPS **Final working config:** ```nginx location / { try_files $uri /index.php$request_uri; } ``` **NOT:** ```nginx location / { try_files $uri $uri/ /index.php$request_uri; # WRONG - causes 403 } ``` ### 5. SSL Certificate ```bash certbot --nginx -d downloads.firefrostgaming.com \ --non-interactive --agree-tos \ --email mkrause612@gmail.com --redirect ``` ### 6. Web Installation - Navigate to https://downloads.firefrostgaming.com - Admin: mkrause612 / FireFrost2026Admin - Database: PostgreSQL (NOT MySQL/MariaDB by default) - Database details: - User: nextcloud - Password: FrostFire2026Cloud - Database: nextcloud - Host: localhost:5432 ### 7. Permissions ```bash chown -R www-data:www-data /var/www/nextcloud find /var/www/nextcloud -type d -exec chmod 750 {} \; find /var/www/nextcloud -type f -exec chmod 640 {} \; chmod 770 /var/www/nextcloud/data chmod -R 770 /var/www/nextcloud/apps ``` --- ## Challenges Encountered ### 1. PostgreSQL Not Supported (Initial) **Error:** "Database is not supported" **Solution:** Install php8.3-pgsql module **Command:** `apt install -y php8.3-pgsql` ### 2. Directory Index Forbidden (403) **Error:** "directory index of /var/www/nextcloud/apps/dashboard/ is forbidden" **Root Cause:** Nginx `try_files $uri $uri/` attempted directory listing **Solution:** Remove `$uri/` from location blocks ### 3. Redirect Loops **Error:** "ERR_TOO_MANY_REDIRECTS" **Root Cause:** Dashboard app + custom redirects **Solution:** Temporarily disable dashboard, fix Nginx routing ### 4. Browser Cache Issues **Error:** Stuck on /apps/dashboard even after fixes **Solution:** Clear browser cookies/cache, use incognito mode --- ## Verification ```bash # Test HTTPS curl -I https://downloads.firefrostgaming.com # Check permissions ls -la /var/www/nextcloud # Verify PostgreSQL connection sudo -u www-data php /var/www/nextcloud/occ config:system:get dbtype # Check trusted domains sudo -u www-data php /var/www/nextcloud/occ config:system:get trusted_domains ``` **Expected Results:** - HTTP/2 200 response - All files owned by www-data - dbtype: pgsql - trusted_domains includes downloads.firefrostgaming.com --- ## Post-Installation Configuration ### Trusted Domains ```bash sudo -u www-data php occ config:system:set trusted_domains 0 \ --value="downloads.firefrostgaming.com" sudo -u www-data php occ config:system:set overwrite.cli.url \ --value="https://downloads.firefrostgaming.com" sudo -u www-data php occ config:system:set overwriteprotocol \ --value="https" ``` ### Disable Dashboard (if needed) ```bash sudo -u www-data php occ app:disable dashboard ``` ### Maintenance Mode ```bash sudo -u www-data php occ maintenance:mode --off ``` --- ## Integration with Subscriber System **Purpose:** World download access for $5+ subscribers **Workflow (Manual Phase 1):** 1. Subscriber pays via Paymenter 2. Manual NextCloud account creation 3. Email credentials to subscriber 4. Grant access to world backup folders **Future (Phase 2):** - Paymenter webhook triggers automatic account creation - Automated credential emails - Automated folder permission grants **Future (Phase 3):** - SSO/OAuth integration across all services - Real-time subscription validation --- ## Maintenance **Updates:** ```bash sudo -u www-data php /var/www/nextcloud/updater/updater.phar ``` **Backups:** - Database: pg_dump nextcloud - Files: /var/www/nextcloud/data/ **Monitoring:** - Added to Uptime Kuma (pending) - Check via https://downloads.firefrostgaming.com/login --- ## Key Learnings 1. **PostgreSQL requires php-pgsql module** - not installed by default 2. **Nginx directory listing must be disabled** for NextCloud routing 3. **ALTER DATABASE OWNER critical** for proper permissions 4. **Browser cache can persist** after server fixes 5. **Dashboard app can conflict** with initial setup 6. **Web installation easier** than CLI for complex configs --- ## Files Modified **Nginx:** - `/etc/nginx/sites-available/downloads.firefrostgaming.com` **NextCloud:** - `/var/www/nextcloud/config/config.php` (auto-generated) **SSL:** - `/etc/letsencrypt/live/downloads.firefrostgaming.com/` --- ## Success Criteria - ✅ HTTPS working (HTTP/2 200) - ✅ Web interface accessible - ✅ PostgreSQL connection stable - ✅ File upload/download functional - ✅ SSL certificate valid (expires May 11, 2026) - ✅ Permissions locked down - ✅ No 403 or redirect errors --- **Fire + Frost = Where Passion Meets Precision** 🔥❄️ **Phase 0.5: 100% COMPLETE**