Hi OMV forum, still working on getting my new NAS with OMV 7 going to replace my old hardware running OMV 5. I am trying to get Nextcloud up and running but am having some issues; I believe all of them stem from using bind-mounts and the permission issues around them.
Has anyone gotten the official nextcloud image working (not linuxserver.io) using bind-mounts per the OMV-extras guide?
Setup Notes:
- OMV 7
- using compose plugin from omv-extras
- drives for docker mapped via omv-extras guide section 2.2 (https://wiki.omv-extras.org/doku.php?id=omv7:docker_in_omv)
- my setup is pretty much the exact same, with a HDD being used for docker containers data and an SSD being used for the containers & configs
- created a separate user in OMV to run the docker containers and has permissions per OMV for these Shared Folders set in web gui (per the previous guide)
- Directories created for nextcloud appdata and data prior to spinning up the compose file
Issue: cannot get the official nextcloud image running, believe it is due to permissions issues when using bind mounts as opposed to letting the container create the volumes. I am trying to use the "user: uid:gid" flag in the nextcloud .yaml with it set to my OMV user created to run the docker containers.
Nextcloud .yaml file:
services:
  db:
    image: mariadb:10.11
    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
    restart: unless-stopped
    container_name: ncdb
    volumes:
      - ${PATH_TO_DATA}/ncdb:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
    environment:
      - MYSQL_ROOT_PASSWORD=rootpassword
      - MYSQL_PASSWORD=password
      - MYSQL_DATABASE=nextclouddb
      - MYSQL_USER=user
    networks:
      - nextcloud-net

  redis:
    image: redis:alpine
    container_name: ncredis
    restart: unless-stopped
    command: redis-server --requirepass password
    networks:
      - nextcloud-net

  app:
    build: ./
    restart: unless-stopped
    user: uid:gid
    container_name: nextcloud
    volumes:
      - ${PATH_TO_APPDATA}/nextcloud:/var/www/html
      - ${PATH_TO_APPDATA}/nextcloud/config:/var/www/html/config
      - ${PATH_TO_DATA}/nextcloud:/var/www/html/data
      - ${PATH_TO_APPDATA}/nextcloud/apps:/var/www/html/custom_apps
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - ${PATH_TO_APPDATA}/nextcloud/php.ini:/usr/local/etc/php/conf.d/big_upload.ini
      - ${PATH_TO_DATA}/nextcloud/big_temp_file:/var/big_temp_file
      - ${PATH_TO_APPDATA}/nextcloud/redis-session.ini:/usr/local/etc/php/conf.d/redis-session.ini
    environment:
      - MYSQL_HOST=db
      - MYSQL_DATABASE=nextclouddb
      - MYSQL_USER=user
      - MYSQL_PASSWORD=password
      - REDIS_HOST=redis
      - REDIS_HOST_PASSWORD=password
      - NEXTCLOUD_TRUSTED_DOMAINS=myapp.local, 192.168.1.1/24
      - APACHE_DISABLE_REWRITE_IP=1
      - TRUSTED_PROXIES=172.1.0.0/16
      - OVERWRITEHOST=nextcloud.myapp.local
      - OVERWRITEPROTOCOL=https
      - TEMP_DIRECTORY=/var/big_temp_file/
    depends_on:
      - db
      - redis
    ports:
      - 8081:80
    networks:
      - caddy-net
      - nextcloud-net

networks:
  caddy-net:
    external: true
  nextcloud-net:
    external: true
Dockerfile:
FROM nextcloud:apache

RUN set -ex; \
    \
    apt-get update; \
    apt-get install -y --no-install-recommends \
        ffmpeg \
        ghostscript \
        libmagickcore-6.q16-6-extra \
        procps \
        smbclient \
        supervisor \
#       libreoffice \
    ; \
    rm -rf /var/lib/apt/lists/*

RUN set -ex; \
    \
    savedAptMark="$(apt-mark showmanual)"; \
    \
    apt-get update; \
    apt-get install -y --no-install-recommends \
        libbz2-dev \
        libc-client-dev \
        libkrb5-dev \
        libsmbclient-dev \
    ; \
    \
    docker-php-ext-configure imap --with-kerberos --with-imap-ssl; \
    docker-php-ext-install \
        bz2 \
        imap \
    ; \
    pecl install smbclient; \
    docker-php-ext-enable smbclient; \
    \
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
    apt-mark auto '.*' > /dev/null; \
    apt-mark manual $savedAptMark; \
    ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
        | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
        | sort -u \
        | xargs -r dpkg-query --search \
        | cut -d: -f1 \
        | sort -u \
        | xargs -rt apt-mark manual; \
    \
    apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
    rm -rf /var/lib/apt/lists/*

RUN mkdir -p \
    /var/log/supervisord \
    /var/run/supervisord \
;

RUN mkdir -p \
    /var/big_temp_file/ \
;

#changed the line below from www-data:root
RUN chown -R www-data:www-data /var/big_temp_file/ \
;

RUN chmod 755 /var/big_temp_file/ \
;

COPY supervisord.conf /

#ENV NEXTCLOUD_UPDATE=1

CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
php.ini: (note I created this file prior to spinning up the container in the appropriate location on ${PATH_TO_APPDATA} per the compose file above. This file is used to change Nextcloud's PHP config to allow for larger files to be uploaded.)
upload_max_filesize = 10G
post_max_size = 10G
max_input_time = 7200
max_execution_time = 7200
memory_limit = 1024M
upload_tmp_dir = /var/big_temp_file/
output_buffering = 0
supervisord.conf: same as php.ini file above pretty much
[supervisord]
nodaemon=true
logfile=/var/log/supervisord/supervisord.log
pidfile=/var/run/supervisord/supervisord.pid
childlogdir=/var/log/supervisord/
logfile_maxbytes=50MB ; maximum size of logfile before rotation
logfile_backups=10 ; number of backed up logfiles
loglevel=error
[program:apache2]
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=apache2-foreground
[program:cron]
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=/cron.sh
redis-session.ini: blank file created that the container should write to on entrypoint
I am using the compose plugin as mentioned and have the Dockerfile in the "Dockerfiles" section of the plugin and the compose file in the "Files" section. I first pull and build the dockerfile, then pull up the compose file, all via the plugin.
On my old NAS running OMV5 this pretty much worked out of the box as I did not use bind-mounts and instead let docker create the volumes for everything, which I believe does not create any permissions issues. On my new NAS running OMV7 using bind-mounts, I believe permissions issues are what's causing the container to fail. All that said - I have tried chown-ing the ${PATH_TO_APPDATA}/nextcloud and ${PATH_TO_DATA}/nextcloud directories to match my OMV host user:group and have also changed the directories' permissions to 755, with it still throwing permissions errors.
Anyone else get this running (or something similar) using the official nextcloud image that can share some advice?
Thank you.
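
An added example, not part of the original post or of any project's code: a host-side check for the setup described above, where the container runs as a numeric `user: uid:gid` and writes into bind-mounted directories. It reports the topmost directory whose owner/group/mode bits stop that uid:gid from creating files (the directory itself needs write and search, every parent needs search). The function names are made up for this example, and it assumes GNU `stat` and `readlink -f`, no user-namespace remapping, and ignores ACLs and supplementary groups.

```shell
#!/usr/bin/env bash
# Added example (not from the original post). Assumes GNU stat / readlink -f.
# ACLs and supplementary groups are ignored: "ok" is necessary, not sufficient.
# Usage: check_bind.sh UID GID /path/to/appdata/nextcloud /path/to/data/nextcloud

# perm_digit UID GID PATH -> prints the rwx digit (0-7) that applies to UID:GID.
perm_digit() {
  local meta owner rest group mode m
  meta=$(stat -c '%u %g %a' -- "$3") || return 2
  owner=${meta%% *}; rest=${meta#* }; group=${rest%% *}
  mode=${rest#* }; m=$((0$mode))            # read the mode as an octal constant
  if   [ "$1" -eq 0 ];        then echo 7   # root bypasses mode bits
  elif [ "$1" -eq "$owner" ]; then echo $(( (m >> 6) & 7 ))
  elif [ "$2" -eq "$group" ]; then echo $(( (m >> 3) & 7 ))
  else                             echo $(( m & 7 ))
  fi
}

# first_blocker UID GID DIR -> prints the topmost path that stops UID:GID from
# creating files in DIR; prints nothing and returns 0 when nothing blocks.
first_blocker() {
  local p need hit d
  p=$(readlink -f -- "$3") || return 2
  need=3; hit=                              # DIR itself: write (2) + search (1)
  while :; do
    d=$(perm_digit "$1" "$2" "$p") || return 2
    [ $(( d & need )) -eq "$need" ] || hit=$p
    [ "$p" = / ] && break
    p=$(dirname -- "$p"); need=1            # ancestors: search (1) only
  done
  [ -z "$hit" ] || { echo "$hit"; return 1; }
}

if [ "$#" -ge 3 ]; then
  uid=$1 gid=$2; shift 2
  for dir in "$@"; do
    if hit=$(first_blocker "$uid" "$gid" "$dir"); then
      echo "ok       $dir"
    else
      echo "blocked  $dir  (first blocker: ${hit:-$dir})"
    fi
  done
fi
```

A directory with mode 755 passes only for its owner, so the uid in `user:` has to match the numeric owner on the host, not just a user name that exists inside the container.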