Nextcloud
Installation
Pre-Installation
Choose a place to store your user files (e.g. documents, photos, etc.). You can mount a different disk for example.
- Find out the name of the drive
lsblk
- Create the mount path and change ownership
sudo mkdir /mnt/data sudo chown -R $USER:$USER /mnt/data
- Create an fstab entry to mount the drive on startup
and add the the following to the bottom (replacesudo nano /etc/fstab
/dev/sda1
accordingly)/dev/sda1 /mnt/data ext4 defaults 0 0
docker-compose.yml
version: "3"
services:
nextcloud_db:
image: mariadb
container_name: nextcloud_db
restart: unless-stopped
command: --transaction-isolation=READ-COMMITTED --log-bin=ROW
volumes:
- ./data/db:/var/lib/mysql
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
environment:
- MYSQL_HOST=nextcloud_db
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD}
- MYSQL_ROOT_PASSWORD=${NEXTCLOUD_MYSQL_ROOT_PASSWORD}
nextcloud_redis:
image: redis:alpine
container_name: nextcloud_redis
command: redis-server --requirepass ${NEXTCLOUD_REDIS_HOST_PASSWORD}
restart: unless-stopped
environment:
- REDIS_HOST=nextcloud_redis
- REDIS_HOST_PASSWORD=${NEXTCLOUD_REDIS_HOST_PASSWORD}
nextcloud:
image: nextcloud
container_name: nextcloud
restart: unless-stopped
depends_on:
- nextcloud_db
- nextcloud_redis
volumes:
- ./data/app:/var/www/html
- ./config:/var/www/html/config
- /mnt/data/nextcloud:/var/www/html/data
hostname: cloud.${SITE}
environment:
- MYSQL_HOST=nextcloud_db
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD}
- REDIS_HOST=nextcloud_redis
- REDIS_HOST_PASSWORD=${NEXTCLOUD_REDIS_HOST_PASSWORD}
- OVERWRITEHOST=cloud.${SITE}
- OVERWRITEPROTOCOL=https
- overwrite.cli.url=https://cloud.${SITE}
- PHP_MEMORY_LIMIT=768M
- PHP_UPLOAD_LIMIT=1G
- TRUSTED_PROXIES=${LOCAL_IP}
labels:
traefik.enable: true
# https://docs.nextcloud.com/server/22/admin_manual/installation/harden_server.html
# https://doc.traefik.io/traefik/v2.6/middlewares/http/headers/
traefik.http.middlewares.header-nextcloud.headers.browserXssFilter: true
traefik.http.middlewares.header-nextcloud.headers.contentTypeNosniff: true
traefik.http.middlewares.header-nextcloud.headers.customFrameOptionsValue: 'SAMEORIGIN'
traefik.http.middlewares.header-nextcloud.headers.referrerPolicy: 'no-referrer'
traefik.http.middlewares.header-nextcloud.headers.stsincludesubdomains: true
traefik.http.middlewares.header-nextcloud.headers.stspreload: true
traefik.http.middlewares.header-nextcloud.headers.stsseconds: 15552000
# https://docs.nextcloud.com/server/21/admin_manual/issues/general_troubleshooting.html#service-discovery
# https://docs.nextcloud.com/server/23/admin_manual/configuration_server/reverse_proxy_configuration.html#traefik-2
# https://doc.traefik.io/traefik/v2.6/middlewares/http/redirectregex/
traefik.http.middlewares.redirect-dav-nextcloud.redirectRegex.permanent: true
traefik.http.middlewares.redirect-dav-nextcloud.redirectRegex.regex: 'https://cloud.${SITE}/.well-known/(card|cal)dav'
traefik.http.middlewares.redirect-dav-nextcloud.redirectRegex.replacement: 'https://cloud.${SITE}/remote.php/dav/'
traefik.http.routers.nextcloud.entrypoints: websecure
traefik.http.routers.nextcloud.middlewares: 'header-nextcloud,redirect-dav-nextcloud,secured@file'
traefik.http.routers.nextcloud.rule: 'Host(`cloud.${SITE}`)'
traefik.http.services.nextcloud.loadbalancer.server.port: 80
Post-Installation
-
Set the default phone region
Edit
config/config.php
and add'default_phone_region' => 'DE',
down at the bottom. -
Create a sudo cronjob for the nextcloud background tasks
Edit
sudo crontab -e
and add the following line
*/5 * * * * docker exec -u www-data nextcloud php /var/www/html/cron.php
-
Setup 2FA and everything else in the GUI
See also
- https://help.nextcloud.com/t/docker-nextcloud-oder-linuxserver-nextcloud/168668/6
- https://goneuland.de/nextcloud-server-mit-docker-compose-und-traefik-installieren/
Calendar
To use the calendar, an admin first needs to activate the app in the admin settings. If that is done, you can log into your user account.
If you have set up 2FA, you will first need to create a new app password:
- Go to
User
>Settings
>Security
and scroll down toDevices & session
. - Choose a name for yout app (e.g.
Thunderbird
) and click onCreate new app password
. - Save
Username
andPassword
for later and clickDone
. - Go to your calendar of choice and follow their instructions to set up the calendar.
- In the setup, use the
Username
andPassword
from above.
For Thunderbird see here.