Nextcloud with Letsencrypt using OMV and docker-compose - Q&A

Zitat von Konsti

Bu this also means that this tip/post on the previous page to just run certbot renew in a Docker installation, will most likely fail for some people

Maybe. I never had trouble with the automated renewal, so I never bothered to try it out.

Zitat von Konsti

So this means that cron runs each day.

Yes at 2:08 am.

Im glad it worked for you now!

Zitat von Tiste7

Hi,

I am trying to use Redis to speed-up my Nextcloud on OMV5 using docker.

I have followed the nextcloud documentation to update my config.php file, I have also edited my redis.conf file. My Redis Server is up but synchronisation failed and I have an error : RedisException: No such file or Directory

Config.php

  'memcache.local' => '\OC\Memcache\APCu',

  'memcache.locking' => '\OC\Memcache\Redis',

  'filelocking.enabled' => true,

  'redis' =>

  array (

    'host' => '/var/run/redis/redis.sock',

'port' => 0,

'timeout' => 0.0,

),

I have checked my nextcloud log file and I can not identified where the problem is.

Does anyone have successfully switched to Redis for memory caching ?

Thanks for you help

Alles anzeigen

Hi Tiste7,

Have you found the solution to work problem ?

Thank you in advance.

I am a little stuck with setting up my proxy. I use no subfoder or subdomain, but instead my domain directly.

Docker:

letsencrypt:

80:80

443:443

mariadb

3306:3306

nextcloud

no port

letsencrypt docker is working, but without redirection to my nextcloud-root ; nextcloud itself, if i assign it a port, works as well.

config.php

  'trusted_proxies' =>
  array (
    0 => 'letsencrypt',
  ),
  'overwritewebroot' => '/',
  'overwritehost' => 'mydomain.com',
  'overwriteprotocol' => 'https',
  'overwrite.cli.url' => 'https://mydomain.com',


  'trusted_domains' =>
  array (
    0 => 'mydomain.com',
  ),

nextcloud.subdomain.conf

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name *;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app nextcloud;
        set $upstream_port 443;
        set $upstream_proto https;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;

        proxy_max_temp_file_size 2048m;
    }
}

Does anyone have a litte hint for me?

Zitat von riff-raff

letsencrypt:

80:80

443:443

I am a n00b but in macom guide the ports are

81:80
444:443

I think I have more a folder- and/or redirection problem, since I do not use nextcloud.mydomain.com or mydomain.com/nextcloud, but instead mydomain.com directly.

Using internal port 81 and 444 enables another container (for example nextcloud) to have 443 or 80 to bypass the proxy. But I do not need this.

Besides ... does the linuxserver.nextcould support redis through php-fpm-module?

Tried setting up a redis-docker and use

  'memcache.local' => '\\OC\\Memcache\\APCu',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => 'my-ip',
    'port' => 6379,
  ),

Edit: redis is running with this code, just takes a couple minutes to see first connections with

redis-cli monitor

For testing I tried using subdomain and subfolder-method. On both I get

502 Bad Gateway

  'trusted_proxies' =>
    array (
      0 => 'letsencrypt',
     ),
  'overwritewebroot' => '/nextcloud',
  'overwrite.cli.url' => 'https://mydomain.com/nextcloud',
  'trusted_domains' =>
    array (
      0 => 'mydomain.com',
      1 => '192.168.1.2',
     ),

Docker:

letsencrypt:

81:80

444:443

mariadb

3306:3306

nextcloud

80

443

nextcloud by itself with just

  'trusted_domains' =>
    array (
      0 => 'mydomain.com',
      1 => '192.168.1.2',
     ),

works, but without CERT.

For tests with subdomain i stick exactly to the howto and I setup a CNAME nextcloud.mydomain.com pointing to mydomain.com

Letsencrypt Logs:

Zitat

2020/05/21 00:27:56 [error] 404#404: *1 nextcloud could not be resolved (110: Operation timed out), client: 91.40.253.106, server: _, request: "GET /nextcloud/ HTTP/2.0", host: "mydomain.com"

Despite all container are bridged and member of net 172.17.0.0/16

Edit:

nextcloud letsencrypt

Edit:

setting

nextcloud.subfolders.conf at

proxy_pass $upstream_proto://172.17.0.8:$upstream_port;

and the

config.php to

  'trusted_domains' =>
    array (
      0 => 'mydomain.com',
      1 => '172.17.0.4',
     ),

solved the 502 Bad Gateway problem, but still, its subdirectory and not the domain itself.

Is it possible to mount Samba shares from the host within nextcloud docker through the external storage plugin?

I have an share, lets call it 'example' on my host with 192.168.0.2, shared folder 'example' and all its subfolders is owned by user 'nextcloud', who has all privileges on it. Do I mount this share within nextcloud (host ip, shared folder 'example' global access with user 'nextcloud') the setup indicates that data is correct and share is reachable, but on opening I can not access any data within this share. At first I thought it was an permission issue or a connection, but both seem to be right. I do not want to run the container in privileged mode; which Capability Key is required?

Any suggestions?

So to mount the corresponding share as volume within the container? To bad, I liked the SMB, even there was this nasty 4 GB bug, cause it was quick & dirty to add grant access to folders for nextcloud users or even through a direct link.

Moving data to SSD seems intersting, I have one with 1 TB lying around unused ...

I did exactly the same thing, even the greenish symbol with the check appeares, but within external sites, I can see the share, but I have no access to its content. Do I access the share from Windows or Linux Desktops using the user provided everything works ...

exactly the same, architecture is amd64 as well. OMV 5.X

linuxserver/nextcloud

linuxserver/mariadb

linuxserver/letsencrypt

I configured it in admin site ... in user site i can see it, but says I have no rights to access the content.

i use user 'nextcloud' configured as system user through OMV GUI, the share is present through samba, the user is owner of the shared folder and has full rights. Do I access the share with Nautilus or Windows Explorer using the user, everything works. There is no difference in specifying 192.168.0.2 (OMV IP) or Docker IP, same thing.

I tried both, no positive results. user(groups) is the group 'user'.

Edit:

Okay, Samba seems to work since I created a custom bridged network instead of the docker system bridged one.

Hi folks,

thanks for the tutorial setting up NextCloud with Letsencrypt in Docker... I had to hassle around a bit, but finally get it working. I followed the route with DuckDNS but now I cannot get the subdomain.duckdns.org be accessed with 'https'. However I can access it with sub.subdomain.duckdns.org. On docker-compose.yml I had one entry that said

SUBDOMAINS=wildcard

which I was getting from one of the links referred bei macom which was the nginx, letsencrypt, reverse proxy tutorial. Anyhow: I'd like to get rid of the "sub.subdomain" thing and only access it with "subdomain.duckdns.org". I suppose I have to change nextcloud's config.php and the letsencrypt "nextcloud.subdomain.conf" but did not find the right parameters.

Beyond that: Is there any guide to set up a self-hosted nextcloud installation with a subdomain that I already have? I am with provider where I also can provide https via letsencrypt to that domain directly but it's not clear to me how I make my server connecting to that subdomain.

Zitat von WastlJ

This is the Q&A Thread for that HOWTO: [How-To] Nextcloud with Letsencrypt using OMV and docker-compose

Hi, I set up system according to your instruction. everything looks fine, only when I tried to access from local network (try to access https://10.1.1.196:4553/nextcloud directly). the page shows "nextcloud access is not from a trust domain".

I have defined trust domain in file appdata/nextcloud/config/www/nextcloud/config/config.php like below:

<?php

$CONFIG = array (

'memcache.local' => '\\OC\\Memcache\\APCu',

'datadirectory' => '/data',

'trusted_proxies' =>

array (

0 => 'letsencrypt',

),

'overwritewebroot' => '/nextcloud',

'overwrite.cli.url' =>

array(

0 => 'https://10.1.1.196:4553/nextcloud',

1 => 'https://xxxxx.duckdns.org:4553/nextcloud',

),

'overwriteprotocol' => 'https',

'trusted_domains' =>

array (

0 => 'https://10.1.1.196:4553',

1=> 'https://xxxxx.duckdns.org:4553',

),

......removed database setting content.

);

Does anyone met this kind of issue before?

Could someone help to give some advice about it?

Thanks!

I set up everything as described in https://forum.openmediavault.o…g-OMV-and-docker-compose/

All containers boot but up with no errors in the logs. But my nextcloud does not seem to be able to connect to the MariaDB.

I set up all containers in bridge mode as i thought this is the intended way.

I tried to connect from my client to MariaDB to fix permission issues for nextcloud but the root user is only allowed to connect from localhost (so i guess this is the root cause):

Host 'xxx.xx.xxx.xxx' is not allowed to connect to this MySQL server

As every container has an own IP in the bridge network and the MariaDB docker has no shell acccess, how should i fix this?

Nevermind i got it, Here is how:

First of all login to the docker containers shell with:

docker exec -it <container_id> /bin/bash

then use

 mysqladmin -u root password <password>

to set the root password.

Then login to MariaDB with

mysql -h 127.0.0.1 -P 3306 -u root -p

From here on user rights and allowed hosts can be edited.