Docker Container set up by this method can be managed by Portainer or from CLI.
Pre-requisites
In order to be able to reach nextcloud from the internet you need an external IPv4 address and a hostname.
Regarding external IPv4 address check you router or ask your internet service provider.
To register a hostname you can use services like duckdns, selfhost.eu, strato.de or many others.
Make sure to use strong passwords!!!
Preparation
- Install and fully update OMV (a restart might be needed if the kernel has been updated)
- install omv-extras
- install the omv-docker-compose plugin
- create a user dedicated for docker in the GUI of OMV, let's call him "docker1"
- in the CLI determine UID (user ID) and GID (group ID) of user "docker1" id docker1
Installation of Nextcloud and SWAG (Letsencrypt) in Docker
- forward ports in your router (check user manual of your router how to to this)
- port extern 443 to port 444 intern (IP of your NAS)
- port extern 80 to port 81 intern (IP of your NAS)
- if you prefer to deploy the stack from CLI (and not use the docker-compose-plugin):
- mkdir /home/docker1 create a folder for user docker1 in home directory
- mkdir /home/docker1/nextcloud create a folder where we will put the docker-compose.yml file to setup nextcloud
- cd /home/docker1/nextcloud change in that directory
- nano docker-compose.yml create an empty file and start the editor
- copy the content of the Source Code box below in the editor, edit the relevant entries and save the file with Ctrl+X and y; name must be "docker-compose.yml"
- to copy the content of the Source Code box use the small icon in the top right corner of the box ("Copy Contents")
- text after "#" are comments and indicate where you need to make adjustments to the file
- PUID is the UID of your docker1 user; PGID is the GID of you docker1 user
- it is not required that the folders ("appdata", "appdata/nextcloud" etc) in "volumes:" exist; they will be created when we run docker-compose
- do not place the config folders on a mergerfs mount point
As alternative you can also deploy the stack in Portainer: [How-To] Use docker-compose files in Portainer
version: "2"
services:
nextcloud:
image: ghcr.io/linuxserver/nextcloud
container_name: nextcloud
environment:
- PUID=1000 #change PUID if needed
- PGID=100 #change PGID if needed
- TZ=Europe/Berlin #change Time Zone if needed
volumes:
- /srv/dev-disk-by-label-disk1/appdata/nextcloud/config:/config #/srv/dev-disk-by-label-disk1 needs to be adjusted
- /srv/dev-disk-by-label-disk1/appdata/nextcloud/data:/data #/srv/dev-disk-by-label-disk1 needs to be adjusted
depends_on:
- mariadb
# ports: # uncomment this and the next line if you want to bypass the proxy
# - 450:443
restart: unless-stopped
mariadb:
image: ghcr.io/linuxserver/mariadb
container_name: nextclouddb
environment:
- PUID=1000 #change PUID if needed
- PGID=100 #change PGID if needed
- MYSQL_ROOT_PASSWORD=mariadbpassword #change password
- TZ=Europe/Berlin #Change Time Zone if needed
volumes:
- /srv/dev-disk-by-label-disk1/appdata/nextclouddb:/config #/srv/dev-disk-by-label-disk1 needs to be adjusted
restart: unless-stopped
swag:
image: linuxserver/swag #swag is the replacement for letsencrypt (see link below)
container_name: swag
cap_add:
- NET_ADMIN
environment:
- PUID=1000 #change PUID if needed
- PGID=100 #change PGID if needed
- TZ=Europe/Berlin # change Time Zone if needed
- URL=xxxx.de #insert your domain name - yourdomain.url
- SUBDOMAINS=www,
- VALIDATION=http
- EMAIL=xxx.yyy@provider.com # define email; required to renew certificate
volumes:
- /srv/dev-disk-by-label-disk1/appdata/swag:/config #/srv/dev-disk-by-label-disk1 needs to be adjusted
ports:
- 444:443
- 81:80
restart: unless-stopped
Display More
- after you saved the file, run docker-compose up -d in the directory where the docker-compose.yml file is located; this will download the needed images and start the container
- when finished, run docker logs -f swag and check for errors
Configuration of proxy
- cd /srv/dev-disk-by-label-disk1/appdata/swag/nginx/proxy-confs /srv/dev-disk-by-label-disk1 has to be adjusted
- cp nextcloud.subfolder.conf.sample nextcloud.subfolder.conf this will copy the sample configuration file for nextcloud and removes the .sample so that the file will become active
- nano /srv/dev-disk-by-label-disk1/appdata/nextcloud/config/www/nextcloud/config/config.php and insert the text from the box below at the end, but befor the ");" - change "your.url" to your domain
'trusted_proxies' =>
array (
0 => 'swag',
),
'overwritewebroot' => '/nextcloud',
'overwrite.cli.url' => 'https://your.url/nextcloud',
'trusted_domains' =>
array (
0 => 'your.url:443',
),
- docker restart swag to restart the swag container
- docker logs -f swag to check for errors
- docker restart nextcloud
Nextcloud can now be reached with https://your.url/nextcloud
- on the welcome screen of nextcloud (see picture below) we need to configure the database
- click on "Storage&Database"
- select MySQL/MariaDB
- Database user --> "root"
- Database password --> password which has been specified in the docker-compose file with MYSQL_ROOT_PASSWORD
- Database name --> "nextcloud"
- localhost host --> "nextclouddb"
then click "finish setup"
- Selection_044.jpg
Please note: the configuration of the proxy is highly dependent on how you set up your domain. For further details check the available documentation for letsencrypt. E.g.
https://blog.linuxserver.io/20…domainreverseproxyexample
https://hub.docker.com/r/linuxserver/letsencrypt
Trouble shooting letsencrypt image and port forwarding:
Troubleshooting Letsencrypt Image Port Mapping and Forwarding | LinuxServer.io
SWAG as replacement of letsencrypt
Introducing SWAG - Secure Web Application Gateway | LinuxServer.io
https://docs.linuxserver.io/general/swag
Q&A for my HOWTO: forum.openmediavault.org/index…V-and-docker-compose-Q-A/
Here is a specific guide for the implementation with duckDNS: