Nextcloud

• Installation
• Calendar

Installation

Pre-Installation

Choose a place to store your user files (e.g. documents, photos, etc.). You can mount a different disk for example.

1. Find out the name of the drive

   lsblk
   

2. Create the mount path and change ownership

   sudo mkdir /mnt/data
   sudo chown -R $USER:$USER /mnt/data
   

3. Create an fstab entry to mount the drive on startup

   sudo nano /etc/fstab
   

   and add the the following to the bottom (replace /dev/sda1 accordingly)

   /dev/sda1 /mnt/data ext4 defaults 0 0
   

docker-compose.yml

version: "3"
services:
  nextcloud_db:
    image: mariadb
    container_name: nextcloud_db
    restart: unless-stopped
    command: --transaction-isolation=READ-COMMITTED --log-bin=ROW
    volumes:
      - ./data/db:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
    environment:
      - MYSQL_HOST=nextcloud_db
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD}
      - MYSQL_ROOT_PASSWORD=${NEXTCLOUD_MYSQL_ROOT_PASSWORD}

  nextcloud_redis:
    image: redis:alpine
    container_name: nextcloud_redis
    command: redis-server --requirepass ${NEXTCLOUD_REDIS_HOST_PASSWORD}
    restart: unless-stopped
    environment:
      - REDIS_HOST=nextcloud_redis
      - REDIS_HOST_PASSWORD=${NEXTCLOUD_REDIS_HOST_PASSWORD}

  nextcloud:
    image: nextcloud
    container_name: nextcloud
    restart: unless-stopped
    depends_on:
      - nextcloud_db
      - nextcloud_redis
    volumes:
      - ./data/app:/var/www/html
      - ./config:/var/www/html/config
      - /mnt/data/nextcloud:/var/www/html/data
    hostname: cloud.${SITE}
    environment:
      - MYSQL_HOST=nextcloud_db
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD}
      - REDIS_HOST=nextcloud_redis
      - REDIS_HOST_PASSWORD=${NEXTCLOUD_REDIS_HOST_PASSWORD}
      - OVERWRITEHOST=cloud.${SITE}
      - OVERWRITEPROTOCOL=https
      - overwrite.cli.url=https://cloud.${SITE}
      - PHP_MEMORY_LIMIT=768M
      - PHP_UPLOAD_LIMIT=1G
      - TRUSTED_PROXIES=${LOCAL_IP}

    labels:
      traefik.enable: true
      # https://docs.nextcloud.com/server/22/admin_manual/installation/harden_server.html
      # https://doc.traefik.io/traefik/v2.6/middlewares/http/headers/
      traefik.http.middlewares.header-nextcloud.headers.browserXssFilter: true
      traefik.http.middlewares.header-nextcloud.headers.contentTypeNosniff: true
      traefik.http.middlewares.header-nextcloud.headers.customFrameOptionsValue: 'SAMEORIGIN'
      traefik.http.middlewares.header-nextcloud.headers.referrerPolicy: 'no-referrer'
      traefik.http.middlewares.header-nextcloud.headers.stsincludesubdomains: true
      traefik.http.middlewares.header-nextcloud.headers.stspreload: true
      traefik.http.middlewares.header-nextcloud.headers.stsseconds: 15552000
      # https://docs.nextcloud.com/server/21/admin_manual/issues/general_troubleshooting.html#service-discovery
      # https://docs.nextcloud.com/server/23/admin_manual/configuration_server/reverse_proxy_configuration.html#traefik-2
      # https://doc.traefik.io/traefik/v2.6/middlewares/http/redirectregex/
      traefik.http.middlewares.redirect-dav-nextcloud.redirectRegex.permanent: true
      traefik.http.middlewares.redirect-dav-nextcloud.redirectRegex.regex: 'https://cloud.${SITE}/.well-known/(card|cal)dav'
      traefik.http.middlewares.redirect-dav-nextcloud.redirectRegex.replacement: 'https://cloud.${SITE}/remote.php/dav/'
      traefik.http.routers.nextcloud.entrypoints: websecure
      traefik.http.routers.nextcloud.middlewares: 'header-nextcloud,redirect-dav-nextcloud,secured@file'
      traefik.http.routers.nextcloud.rule: 'Host(`cloud.${SITE}`)'
      traefik.http.services.nextcloud.loadbalancer.server.port: 80

Post-Installation

• Set the default phone region

  Edit config/config.php and add 'default_phone_region' => 'DE', down at the bottom.

• Create a sudo cronjob for the nextcloud background tasks

  Edit

  sudo crontab -e
  

  and add the following line

  */5 * * * * docker exec -u www-data nextcloud php /var/www/html/cron.php
  

• Setup 2FA and everything else in the GUI

See also

• https://help.nextcloud.com/t/docker-nextcloud-oder-linuxserver-nextcloud/168668/6
• https://goneuland.de/nextcloud-server-mit-docker-compose-und-traefik-installieren/

Calendar

To use the calendar, an admin first needs to activate the app in the admin settings. If that is done, you can log into your user account.

If you have set up 2FA, you will first need to create a new app password:

1. Go to User>Settings>Security and scroll down to Devices & session.
2. Choose a name for yout app (e.g. Thunderbird) and click on Create new app password.
3. Save Username and Password for later and click Done.
4. Go to your calendar of choice and follow their instructions to set up the calendar.
5. In the setup, use the Username and Password from above.

For Thunderbird see here.