forked from wonderfall/nextcloud
- Based on Alpine Linux.
- Bundled with nginx and PHP 7.1 (wonderfall/nginx-php image).
- Automatic installation using environment variables.
- Package integrity (SHA512) and authenticity (PGP) checked during building process.
- Data and apps persistence.
- OPCache (opcocde), APCu (local) installed and configured.
- system cron task running.
- MySQL, PostgreSQL (server not built-in) and sqlite3 support.
- Redis, FTP, SMB, LDAP, IMAP support.
- GNU Libiconv for php iconv extension (avoiding errors with some apps).
- No root processes. Never.
- Environment variables provided (see below).
- latest : latest stable version. (17)
- 17 : latest 17.0.x version (stable)
- 16 : latest 16.0.x version (NC stable, this container image no longer updated)
- 15 : latest 15.0.x version (NC stable, this container image no longer updated)
For security reasons, you should occasionally update the container, even if you have the latest version of Nextcloud. Images are built on a regular schedule, to keep underlying dependencies up to date.
- NEXTCLOUD_VERSION : version of nextcloud
- GNU_LIBICONV_VERSION : version of GNU Libiconv
- GPG_nextcloud : signing key fingerprint
- UID : nextcloud user id (default : 991)
- GID : nextcloud group id (default : 991)
- UPLOAD_MAX_SIZE : maximum upload size (default : 10G)
- APC_SHM_SIZE : apc memory size (default : 128M)
- OPCACHE_MEM_SIZE : opcache memory size in megabytes (default : 128)
- MEMORY_LIMIT : php memory limit (default : 512M)
- CRON_PERIOD : time interval between two cron tasks (default : 15m)
- CRON_MEMORY_LIMIT : memory limit for PHP when executing cronjobs (default : 1024m)
- TZ : the system/log timezone (default : Etc/UTC)
- ADMIN_USER : username of the admin account (default : none, web configuration)
- ADMIN_PASSWORD : password of the admin account (default : none, web configuration)
- DOMAIN : domain to use during the setup (default : localhost)
- DB_TYPE : database type (sqlite3, mysql or pgsql) (default : sqlite3)
- DB_NAME : name of database (default : none)
- DB_USER : username for database (default : none)
- DB_PASSWORD : password for database user (default : none)
- DB_HOST : database host (default : none)
- PERMISSION_RESET : Set to 0 to disable permission fixing on container boot - can be useful if you have a large install and wish to handle permissions manually (default : 1)
- APP_AUTO_UPDATE : Set to 1 to enable app auto update on container restart (default : 0)
Don't forget to use a strong password for the admin account!
- 8888 : HTTP Nextcloud port.
- /data : Nextcloud data.
- /config : config.php location.
- /apps2 : Nextcloud downloaded apps.
- /nextcloud/themes : Nextcloud themes location.
- /php/session : php session files.
Basically, you can use a database instance running on the host or any other machine. An easier solution is to use an external database container. I suggest you to use MariaDB, which is a reliable database server. You can use the official mariadb image available on Docker Hub to create a database container, which must be linked to the Nextcloud container. PostgreSQL can also be used as well. Additionally, sqlite3 is supported, but not reccomended outside of testing and very small instances.
Pull the image and create a container. /docker can be anywhere on your host, this is just an example. Change MYSQL_ROOT_PASSWORD and MYSQL_PASSWORD values (mariadb). You may also want to change UID and GID for Nextcloud, as well as other variables (see Environment Variables).
docker pull benyanke/nextcloud:10.0 && docker pull mariadb:10
docker run -d --name db_nextcloud \
-v /docker/nextcloud/db:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=supersecretpassword \
-e MYSQL_DATABASE=nextcloud -e MYSQL_USER=nextcloud \
-e MYSQL_PASSWORD=supersecretpassword \
mariadb:10
docker run -d --name nextcloud \
--link db_nextcloud:db_nextcloud \
-v /docker/nextcloud/data:/data \
-v /docker/nextcloud/config:/config \
-v /docker/nextcloud/apps:/apps2 \
-v /docker/nextcloud/themes:/nextcloud/themes \
-e UID=1000 -e GID=1000 \
-e UPLOAD_MAX_SIZE=10G \
-e APC_SHM_SIZE=128M \
-e OPCACHE_MEM_SIZE=128 \
-e CRON_PERIOD=15m \
-e TZ=Etc/UTC \
-e ADMIN_USER=mrrobot \
-e ADMIN_PASSWORD=supercomplicatedpassword \
-e DOMAIN=cloud.example.com \
-e DB_TYPE=mysql \
-e DB_NAME=nextcloud \
-e DB_USER=nextcloud \
-e DB_PASSWORD=supersecretpassword \
-e DB_HOST=db_nextcloud \
benyanke/nextcloud:10.0
You are not obliged to use ADMIN_USER and ADMIN_PASSWORD. If these variables are not provided, you'll be able to configure your admin acccount from your browser.
Below you can find a docker-compose file, which is very useful!
Now you have to use a reverse proxy in order to access to your container through Internet, steps and details are available at the end of the README.md. And that's it! Since you already configured Nextcloud through setting environment variables, there's no setup page.
You will have to build yourself using an Alpine-ARM image, like orax/alpine-armhf:edge.
In the admin panel, you should switch from AJAX cron to cron (system cron).
Pull a newer image, then recreate the container as you did before (Setup step). None of your data will be lost since you're using external volumes. If Nextcloud performed a full upgrade, your apps could be disabled, enable them again (starting with 12.0.x, your apps are automatically enabled after an upgrade).
I advise you to use docker-compose, which is a great tool for managing containers. You can create a docker-compose.yml with the following content (which must be adapted to your needs) and then run docker-compose up -d nextcloud-db, wait some 15 seconds for the database to come up, then run everything with docker-compose up -d, that's it! On subsequent runs, a single docker-compose up -d is sufficient!
Don't copy/paste without thinking! It is a model so you can see how to do it correctly.
version: '2'
networks:
default:
driver: bridge
services:
nextcloud:
image: benyanke/nextcloud
depends_on:
- nextcloud-db # If using MySQL
- solr # If using Nextant
- redis # If using Redis
environment:
- UID=1000
- GID=1000
- UPLOAD_MAX_SIZE=10G
- APC_SHM_SIZE=128M
- OPCACHE_MEM_SIZE=128
- CRON_PERIOD=15m
- TZ=Europe/Berlin
- ADMIN_USER=admin # Don't set to configure through browser
- ADMIN_PASSWORD=admin # Don't set to configure through browser
- DOMAIN=localhost
- DB_TYPE=mysql
- DB_NAME=nextcloud
- DB_USER=nextcloud
- DB_PASSWORD=supersecretpassword
- DB_HOST=nextcloud-db
- APP_AUTO_UPDATE=1
volumes:
- /docker/nextcloud/data:/data
- /docker/nextcloud/config:/config
- /docker/nextcloud/apps:/apps2
- /docker/nextcloud/themes:/nextcloud/themes
# If using MySQL
nextcloud-db:
image: mariadb:10
volumes:
- /docker/nextcloud/db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=supersecretpassword
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_PASSWORD=supersecretpassword
# If using Nextant
solr:
image: solr:6-alpine
container_name: solr
volumes:
- /docker/nextcloud/solr:/opt/solr/server/solr/mycores
entrypoint:
- docker-entrypoint.sh
- solr-precreate
- nextant
# If using Redis
redis:
image: redis:alpine
container_name: redis
volumes:
- /docker/nextcloud/redis:/data
You can update everything with docker-compose pull followed by docker-compose up -d.
Redis can be used for distributed and file locking cache, alongside with APCu (local cache), thus making Nextcloud even more faster. As PHP redis extension is already included, all you have to is to deploy a redis server (you can do as above with docker-compose) and bind it to nextcloud in your config.php file :
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'memcache.local' => '\OC\Memcache\APCu',
'redis' => array(
'host' => 'redis',
'port' => 6379,
),
You will have to deploy a Solr server, I've shown an example above with docker-compose. Once Nextant app is installed, go to "additional settings" in your admin pannel and use http://solr:8983/solr as "Adress of your Solr Servlet". There you go!
There is a script for that, so you shouldn't bother to log into the container, set the right permissions, and so on. Just use docker exec -ti nexcloud occ command.
Of course you can use your own solution! nginx, Haproxy, Caddy, h2o, Traefik...
Whatever your choice is, you have to know that headers are already sent by the container, including HSTS, so there's no need to add them again. It is strongly recommended (I'd like to say : MANDATORY) to use Nextcloud through an encrypted connection (HTTPS). Let's Encrypt provides free SSL/TLS certificates, so you have no excuses.
You can take a look at xataz/reverse-nginx. It was made with security and ease-of-use in mind, using the latest versions of nginx and OpenSSL. It also provides SSL/TLS automation with lego, a Let's Encrypt client. Also, no need to bother about configuration files! This image does litterally everything for you.
Look at how simple it is. First, you have to add labels to your Nextcloud container, like this:
nextcloud:
...
labels:
- reverse.frontend.domain=cloud.domain.tld
- reverse.backend.port=8888
- reverse.frontend.ssl=true
- reverse.frontend.ssltype=ec384
- reverse.frontend.hsts=false
- reverse.frontend.headers=false
These labels can tell the reverse container what settings should be set when generating files/certificates for Nextcloud. Now you can add the reverse container in your docker-compose file, and you need to provide it your EMAIL (for Let's Encrypt), and bind it to the nextcloud container :
reverse:
image: xataz/reverse-nginx
container_name: reverse
ports:
- "80:8080"
- "443:8443"
environment:
- [email protected]
volumes:
- /docker/reverse/ssl:/nginx/ssl
- /var/run/docker.sock:/var/run/docker.sock
depends_on:
- nextcloud
That's it! Enjoy.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent