[How-To] Nextcloud with swag (Letsencrypt) using OMV and docker-compose

  • Docker Container set up by this method can be managed by Portainer or from CLI.

    In order to be able to reach nextcloud from the internet you need an external IPv4 address and a hostname.
    Regarding external IPv4 address check you router or ask your internet service provider.
    To register a hostname you can use services like duckdns, selfhost.eu, strato.de or many others.
    Make sure to use strong passwords!!!


    • Install and fully update OMV (a restart might be needed if the kernel has been updated)
    • install omv-extras
    • in OMV-extras | settings
      • select suitable "Docker Storage" path (by default it is placed on the OS drive; in case of limited space on the OS drive it should be placed on a data drive)
      • install Docker and Portainer (you can install Cockpit instead of Portainer or also additionally)
    • create a user dedicated for docker in the GUI of OMV, let's call him "docker1"
    • in the CLI determine UID (user ID) and GID (group ID) of user "docker1" id docker1

    Installation of Nextcloud and SWAG (Letsencrypt) in Docker

    • forward ports in your router (check user manual of your router how to to this)
      • port extern 443 to port 444 intern (IP of your NAS)
      • port extern 80 to port 81 intern (IP of your NAS)
    • in CLI:
      • mkdir /home/docker1 create a folder for user docker1 in home directory
      • mkdir /home/docker1/nextcloud create a folder where we will put the docker-compose.yml file to setup nextcloud
      • cd /home/docker1/nextcloud change in that directory
      • nano docker-compose.yml create an empty file and start the editor
      • copy the content of the Source Code box below in the editor, edit the relevant entries and save the file with Ctrl+X and y; name must be "docker-compose.yml"
        • to copy the content of the Source Code box use the small icon in the top right corner of the box ("Copy Contents")
        • text after "#" are comments and indicate where you need to make adjustments to the file
        • PUID is the UID of your docker1 user; PGID is the GID of you docker1 user
        • it is not required that the folders ("appdata", "appdata/nextcloud" etc) in "volumes:" exist; they will be created when we run docker-compose
        • do not place the config folders on a mergerfs mount point

      As alternative you can also deploy the stack in Portainer: [How-To] Use docker-compose files in Portainer

    • after you saved the file, run docker-compose up -d in the directory where the docker-compose.yml file is located; this will download the needed images and start the container
    • when finished, run docker logs -f swag and check for errors

    Configuration of proxy

    • cd /srv/dev-disk-by-label-disk1/appdata/swag/nginx/proxy-confs /srv/dev-disk-by-label-disk1 has to be adjusted
    • cp nextcloud.subfolder.conf.sample nextcloud.subfolder.conf this will copy the sample configuration file for nextcloud and removes the .sample so that the file will become active
    • nano /srv/dev-disk-by-label-disk1/appdata/nextcloud/config/www/nextcloud/config/config.php and insert the text from the box below at the end, but befor the ");" - change "your.url" to your domain
    'trusted_proxies' => 
      array (
        0 => 'swag',
      'overwritewebroot' => '/nextcloud',
      'overwrite.cli.url' => 'https://your.url/nextcloud',
      'trusted_domains' => 
      array (
        0 => 'your.url:443',
    • docker restart swag to restart the swag container
    • docker logs -f swag to check for errors
    • docker restart nextcloud

    Nextcloud can now be reached with https://your.url/nextcloud

    • on the welcome screen of nextcloud (see picture below) we need to configure the database
    • click on "Storage&Database"
    • select MySQL/MariaDB
      • Database user --> "root"
      • Database password --> password which has been specified in the docker-compose file with MYSQL_ROOT_PASSWORD
      • Database name --> "nextcloud"
      • localhost host --> "nextclouddb"

      then click "finish setup"

    • Selection_044.jpg

    Please note: the configuration of the proxy is highly dependent on how you set up your domain. For further details check the available documentation for letsencrypt. E.g.

    Trouble shooting letsencrypt image and port forwarding:


    SWAG as replacement of letsencrypt



    Q&A for my HOWTO: forum.openmediavault.org/index…V-and-docker-compose-Q-A/

    Here is a specific guide for the implementation with duckDNS:

    RE: Nextcloud Bad Gateway

    Odroid HC2 - armbian - OMV6.x | Asrock Q1900DC-ITX - OMV6.x
    :!:  Backup - FAQ - Solutions to common problems - OMV6 Documentation - New User Guide :!:

    NOTE: OMV5 is End Of Life, please upgrade to OMV6

    Edited 22 times, last by macom: corrected "depends on" (mariadb); put the correct names of the fields on the Welcome page of Nextcloud to specify the MySQL/MariaDB added Q&A link removed exposed ports of nextcloud as not needed added SWAG replaced letsencrypt by swag ().

  • If you want to use duckdns:


    Nextcloud with Letsencrypt using errorOMV and docker-compose - Q&A

    you do not need the duckdns container, if you choose validation = duckdns

    Thanks to @Morlan also for this.

  • If you get a warning in Nextcloud regarding "Strict Transport-Security" do the following:

    in "yourconfigfolder/swag/nginx" open ssl.conf and remove the "#" in front of

    #add_headerStrict-Transport-Security "max-age=63072000; includeSubDomains;preload" always;

    docker restart swag

  • In case your certificate is not renewed automatically by swag:

    • open a ssh connection to OMV
    • docker exec -it swag /bin/bash to be able to execute commands within the container
    • certbot renew to renew the certificate
    • exit to leave the container

    Thanks to @emerenel

  • Some further comments and hints from wiegell

    1) If people are having trouble with HDD spinups, it turns out, that the cronjob file in the linuxserver/nextcloud image has only recently been made editable. It's required to recreate the container from a newer image, if one want's to edit this file and change nextcloud settings to AJAX.

    2) If anyone should have webdav issues (airplay in my case), HTTP2 might be the problem.

    3) I got "server reached pm.max_children" errors from the php log, which were solved by increasing the max_children in a similar fashion to what's being explained here. I would add, that it can be good to check with "top" (while doing demanding work), that the increase in threads doesn't start using memory cache, which in my case is on a slow SD card. In general this has sped up cpu/memory intensive tasks e.g. creation of thumbnails.

    Thanks to wiegell

  • If you want to speed up Nextcloud as suggested by monsen in this post: nextcloud fast video feedback


    Furthermore i would suggest to add redis to the installation to speed up nextcloud.

    This can be done by adding the following to the stack script:


        image: redis
        container_name: redis
        hostname: redis
          - /srv/dev-disk-by-label-SSD_Data/appdata/redisDocker:/data    #--> needs to be changed to your config
        restart: unless-stopped

    The nextcloud config (.../www/nextcloud/config/config.php) must be adapted to use redis as described here: https://docs.nextcloud.com/ser…aching_configuration.html

    add this:

      'memcache.local' => '\\OC\\Memcache\\APCu',
      'memcache.distributed' => '\\OC\\Memcache\\Redis',
      'redis' =>
      array (
         'host'     => 'redis',
         'port'     => 6379,

    Don't forget to restart the nextcloud container after the change of config-php has been saved.;)

    Thanks to monsen and riff-raff

  • macom

    Changed the title of the thread from “[How-To] Nextcloud with Letsencrypt using OMV and docker-compose” to “[How-To] Nextcloud with swag (Letsencrypt) using OMV and docker-compose”.
  • Tip from vcdwelt:

    If Nextcloud shows an error Message "ERROR 413 REQUEST ENTITY TOO LARGE". Try adding a line to


    after the timezone:

    upload_max_filesize=16384M #sets the limit to 16GB e.g.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!