Nextcloud Container
Nextcloud publishes their own Docker container of Nextcloud. The Nextcloud image on Docker hub is maintained by the Nextcloud community, and is not officially supported by Nextcloud! Linuxserver.io, as well as some others also have Nextcloud containers on Docker Hub.
Nextcloud needs a number of services to run; the main Nextcloud server, a database and Redis. In addition, there needs to be a proxy server or similar to forward on common domain requests to sub-domains as well as handling certificates, however this is required for all the various services and can be considered separately.
Refer to Nextcloud's Maintenace section on instructions to backup, restore and migrate Nextcloud. Also as I am using the official Nextcloud container it has additional instructions to https://github.com/docker-library/docs/blob/master/nextcloud/README.md#migrating-an-existing-installation:migrate Nextcloud to Docker.
- uid: www-data / 33, gid: www-data / 33. This seems to be Debian standard. Alpine linux seems to use 82 for www-data. Just stick with uid/gid as per the image supplied, 82 for Alpine and ignore the names.
docker exec -u www-data nextcloud-app-1 php /var/www/html/cron.php
runs the cron.phpdocker exec -u www-data nextcloud-app-1 php occ maintenance:mode --off|on
to turn maintenance mode off or on from the containers host shell
Nextcloud with supervisord
The base Nextcloud image does not directly support cron. So it needs to be added, for the nextcloud-fpm.alpine version see github nextcloud docker fpm-apline cron dockerfile examples
As docker adminstartion warns about missing php imagemagick-svg support I also added the Apline package to the updated image to rectify this warning.
RedirectRegex
I get a redirect error in Nextcloud that I have not been able to track down to date. Does not seem much info in this on the net, and the little there is also indicates a problem without and easy solution. Nextcloud main support looks Apache web server based with little Nginx support and even less Traefik support. Some resources related to this:
- Traefik:
mysql
Installing and Using MariaDB via Docker
logging
The db logs seem to redirected to be handled by Docker container and can be access using: docker container logs nextcloud-db-1
backup
The Nextcloud Backup instruction are reasonably comprehensive. There are 2 backup that need to be made, both the Nextcloud data and configuration and the related mysql/mariadb data(base).
Step 0 is to gain shell access to relevant container
- Confirm required user, default login is as
root
, for next cloud easier to usewww-data
- Confirm shell type, bash is more comprehensive, whereas sh or ash are better supported across different container types
- Using portainer or similar just select the container and use the terminal login,
>
- From terminal on host running docker container use
docker exec -it --user www-data nextcloud-app-1 ash
, where:--user www-data
would login as userwww-data
. If omitted will default login toroot
nextcloud-app-1
is the container name. This can be found using thedocker ps
command. Should also be able to use the container ID.ash
is the shell to use when accessing the container.
Step 1 is to place Nextcloud into mainteance mode sudo -u www-data php occ maintenance:mode --on
\
- In Portainer I usually log into shell using “sh” or ash“ shells as “Bash” shell is not setup in the Alpine Nextcloud image I use.
- I also set user to
www-data
which is what Nextcloud has been set as user. - I then use the command
php occ maintenance:mode --on
- From CLI
docker exec -it --user www-data <container id> /bin/ash
will provide a shell with user set as nominated into the container
- Some pointers:
- The shell enters into the directory
/var/html/www
, where theocc
executable is located. - The command
whoami
confirms current logged in user. - The user list can be seen with
cat /etc/passwd
where the user various users and their ids can be seen
Step 2 is to backup the Nextcloud data and configuration.
- Nextcloud recommends
rsync -Aavx nextcloud/ nextcloud-dirbkp_`date +"%Y%m%d"`/
- I backup the entire docker directory weekly. The main concern is the dynamic nature of the back-up when running and alignment with database.
Step 3 is to back up the Nextcloud database:
- Nextcloud recommends the following for Mysql/MAriadb:
mysqldump --single-transaction -h [server] -u [username] -p[password] [db_name] > nextcloud-sqlbkp_`date +"%Y%m%d"`.bak
mysqldump --single-transaction --default-character-set=utf8mb4 -h [server] -u [username] -p[password] [db_name] > nextcloud-sqlbkp_`date +"%Y%m%d"`.bak
The simplest solution for me is to shutdown the Docker-compose for the Nextcloud instance, including all containers that make the stack and then run my Restic back up with a tag to keep this snapshot.
NGINX configuration
Nextcloud documentation (stable) on NGINX configuration
Nextcloud documentation (stable) on general installation installation index.
Reverse Proxy
Nextcloud documentation (stable) for reverse proxies, such as traefik.
cron
docker-compose exec -u www-data nextcloud php cron.php
to run cron in Nextcloud Docker
CLI Use of Nextcloud
Sometime it is necessary to get direct CLI (command line interface) access to Nextcloud for updating, turning of maintenance mode and similar.
docker exec -it --user www-data nextcloud-app-1 ash
gain terminal access to Nextcloud- Nextcloud is running in the nextcloud-fpm Docker container, to access the cli in Portainer need to select
/bin/sh
shell and userwww-data
. The working directory is/var/www/html
- Manually upgrade command:
php occ upgrade
- To check maintenance mode status:
php occ maintenance:mode
- To turn off maintenance mode:
php occ maintenance:mode --off
If all goes well Nextcloud web interface should be functional - To turn on maintenance mode:
php occ maintenance:mode --on
Nextcloud web interface should show that it is in maintenance mode
Listing of:
File Integrity Check
This error is a bit painful. In the nextcloud instance (container)”
- Basically check the files that are called up as failing integrity.
- Judiciously delete files where they are not needed.
- Then run command:
php occ integrity:check-core
.
Nextcloud runs integrety:check-core
when starting. So if manually cleaning-up Nextcloud to remove errors Nextcloud needs to have command manually run or restarted.
Nextcloud Client and CLI client configuration
The basic Nextcloud client is a program installed for GUI use. You basically just install the gui program/app and use it, see Nextcloud Install. OPtions to install include sudo apt install nextcloud-desktop
or install via AppImage the release can be found here: https://download.nextcloud.com/desktop/releases/Linux/
There is also a CLI program included called nextcloudcmd
there seems to be a method to use the AppImage package to access the command, see here: Where to download just nextcloudcmd? In debian sudo apt install nextcloud-desktop-cmd
will down load nextcloudcmd, however it will also download the bulk of the dependencies for nextcloud desktop too.
Another possible option is to use webdav to access the Nextcloud repository and rsync latest files between these. See: davfs2. The Nextcloud directory can be mounted locally and then use rsync to copy latest common files between local and Nextcloud. This can be used to sync two local computers.
References
- Matthias Schoettle Notes on traefik v2, Nextcloud, etc.
- Nextcloud Docs:
- The Maintenance section covers migrating to another server as well as backup, restore and upgrading.
- smarthome beginner's Nextcloud Docker with Traefik Reverse Proxy for Beginners
- linuxserver.io Install Nextcloud (LinuxServer.io)
- Christain Lempa boilerplates/docker-compose/nextcloud/nextcloud.yaml
Nextcloud Office / Collabora
Nextcloud can run an internal server for Collabora, a LibraOffice based online type office server, or a separate Collobora server. I never got the internal server working. I got a Collobora server operating in a Docker container and then managed to get Nextcloud to operate with the server. I have placed the Collabora server behind my Traefik server and given it a local address only. The local address means that the Nextcloud server can not access the Collabora server unless it is operating on the LAN. It is not difficult for me to setup the Collabora server for external access, but I need to think and investigate the potential security issued with this as a public facing server.
Collabora References
Other Possible Apps/Images
- Diun is a tool to notify if docker images have been updated. (Reportedly better than automatic updates such as watchtower.)
- heindall a dashboard application. Low priority…..