[Support] Linuxserver.io - Nextcloud


Recommended Posts

Ok, have added sudo to the container.  So update your container.

 

So this should work to enable you to run occ..

 

docker exec -it nextcloud bash
sudo -u abc php /config/www/nextcloud/occ

 

Just remember as stated on the first post, we're not supporting migrations from Owncloud, so you're on your own...  ;)

 

Thanks CHBMB!

 

This is how I updated my container (correct me if there's a better way)

 

Remove nextcloud container. (nc $ = nextcloud container terminal)

nc $ docker rm nextcloud

Then 'Add Container' from unraid's Docker interface, selected my-nextcloud template and then 'Create'.

Link to comment

So next2wire's post is good but here is a rough guide on how I modified mine using what he wrote. For reference I bought a 3 year SSL certificiate off ssls.com for the below. This is a rough guide on how to setup SSL for the Nextcloud Docker and get a A+ rating on ssllabs.com Commands/directories are bolded below.

 

Stop the nextcloud docker.

Navigate to the nextcloud keys folder, in my case:

/mnt/user/appdata/nextcloud/keys

Remove/rename the current cert.key and cert.crt files.

Run this command:

openssl req -nodes -newkey rsa:2048 -keyout cert.key -out cert.csr

Follow the wizard through to generate your cert.csr and cert.key. Use the cert.csr to activate your newly purchased SSL cert with ssls.com

Using the SSL cert information make a file called cert.crt using the SSL cert and another called inter.crt with the intermediate CA.

Run this command to concatenate the two new files:

cat cert.crt inter.crt >> cert.pem

Now run this command as well:

openssl dhparam -out dhparam.pem 2048

Now navigate to the Nginx configuration for the Nextcloud site, in my case:

/mnt/user/appdata/nextcloud/nginx/site-confs

Modify the file simply called:

default

 

Below is a copy of the first 46 lines of my Nginx file, the parts bolded are one I have added to the config file or changed. Matching yours should work:

 

upstream php-handler {

  server 127.0.0.1:9000;

# server unix:/var/run/php/php7.0-fpm.sock;

}

 

server {

  listen 80;

  server_name _;

  # enforce https

  return 301 https://$server_name$request_uri;

}

 

server {

  listen 443 ssl;

  server_name _;

 

  ssl_certificate /config/keys/cert.pem;

  ssl_certificate_key /config/keys/cert.key;

 

  ### Add Diffie–Hellman key exchange ###

  ssl_dhparam /config/keys/dhparam.pem;

 

  ### Disable SSL by enforcing TLS ###

  ssl_protocols    TLSv1 TLSv1.1 TLSv1.2;

 

  ### Add some ciphers and reject weaker ones ###

  ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";

  ssl_prefer_server_ciphers on;

  ssl_session_cache  shared:SSL:10m;

  ssl_session_timeout  10m;

  ssl_verify_depth 2;

  # Add headers to serve security related headers

  add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

  add_header X-Content-Type-Options nosniff;

  add_header X-Frame-Options "SAMEORIGIN";

  add_header X-XSS-Protection "1; mode=block";

  add_header X-Robots-Tag none;

  add_header X-Download-Options noopen;

  add_header X-Permitted-Cross-Domain-Policies none;

 

  # Path to the root of your installation

  root /config/www/nextcloud/;

  # set max upload size

  client_max_body_size 10G;

  fastcgi_buffers 64 4K;

 

 

Now start the docker and verify its working, once this is complete check your URL on https://www.ssllabs.com

Link to comment
  • 2 weeks later...

Hi, using the NextCloud docker.  First, it's still see 9.0.51 as the latest, but NextCloud stable is 9.0.53.  Small issue, don't really care about the version.

 

My real issue is that I added the Local External Storage to one of my Mount and it doesn't allow re-sharing (the share option is disable).  I check the "administration" page, and the re-sharing option is enable...

 

I can share something that I put in the Root or in a folder I create in the nextcloud, but just not the one from any "share" from the Local External Storage.

 

Thanks !

Link to comment

I pulled the latest image and checked the version, but it is still on the .52 release....

 

Should it have updated to .53?

 

Not sure if I need to do anything to get it to update versions....any feedback would be appreciated.

 

Thanks!

 

no it won't update the files as they're outside the docker, as for updating itself, i don't know if the webui update feature works or not.

 

but as the title bar says

 

(Beta)
Link to comment

I pulled the latest image and checked the version, but it is still on the .52 release....

 

Should it have updated to .53?

 

Not sure if I need to do anything to get it to update versions....any feedback would be appreciated.

 

Thanks!

 

 

no it won't update the files as they're outside the docker, as for updating itself, i don't know if the webui update feature works or not.

 

but as the title bar says

 

(Beta)

 

 

OK..thank you for the info....

 

Doesn't seem like the webui update feature works yet.

Link to comment

Do you guys have an internal criteria for what needs to happen to have a beta docker be made into a full time docker?

 

It needs to be stable, something that isn't going to break every five minutes (either for the end-user or with every little update from upstream), that is robust enough that end-users can't break it every five minutes otherwise support becomes an even bigger headache...

Link to comment

Do you guys have an internal criteria for what needs to happen to have a beta docker be made into a full time docker?

 

It needs to be stable, something that isn't going to break every five minutes (either for the end-user or with every little update from upstream), that is robust enough that end-users can't break it every five minutes otherwise support becomes an even bigger headache...

 

Makes sense. From my side this Docker has been very stable, any problems I've had can be put down to me or load on the server at the time. Just my two cents, thanks for everyones work on this.

Link to comment

Does anybody have this running behind the lsio apache docker with ssl reverse proxy? I'm poking around trying to at least get the webroot overwrite working inside my network, but I can't even get that far.

 

This shows my config.

Got it, thanks! The pieces that were missing was the SSL redirect stuff. I ASSumed since all my other proxied websites were fine, that I didn't need the other SSL lines.

 

In hindsight, I probably wouldn't need them if I had inserted my SSL stuff into the nextcloud config instead of leaving the self signed lsio certificates in place.

 

I'm still learning. When I quit learning, I hope it's because I'm dead.  ;D

Link to comment

Anybody played with this yet?

 

https://nextcloud.com/collaboraonline/

 

 

i personally wouldn't touch it with a barge pole. it seems to need access to the underlying file system.....

 

"This docker image does not work on Ubuntu 14.04 LTS, because Ubuntu 14.04 LTS has missing kernel compile option CONFIG_AUFS_XATTR=y, which is leading to setcap not working on docker’s aufs storage. Upstream bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1557776"

 

i really don't like images that do things like that......

Link to comment

Anybody played with this yet?

 

https://nextcloud.com/collaboraonline/

 

 

i personally wouldn't touch it with a barge pole. it seems to need access to the underlying file system.....

 

"This docker image does not work on Ubuntu 14.04 LTS, because Ubuntu 14.04 LTS has missing kernel compile option CONFIG_AUFS_XATTR=y, which is leading to setcap not working on docker’s aufs storage. Upstream bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1557776"

 

i really don't like images that do things like that......

 

Barge pole...hmm never head that one

 

Link to comment

Hi CHBMB,

 

Thanks for the easy to follow write-up. I'm having an issue. I followed your guide exactly, this is my first time installing either mariaDB or Nextcloud. I didn't previously have an Owncloud install. When I'm at the Next Cloud setup screen and enter all my data, i get the following error (attached). I also attached the custom.cnf screenshot. I'm using Ubuntu, so I don't think there is any issues with how i edited the file (I used Gpedit, and confirmed it looks fine under VIM). I restarted MariaDB after changing the custom.cnf.

 

Any thoughts?

 

Edit: I'm getting this in the maraidb logs: "Warning: World-writable config file '/etc/mysql/conf.d/custom.cnf' is ignored"

 

Edit2: Got it working. Had to chmod 664 the custom.cnf file and restart mariadb.

nextcloud.png.b8904942c8b91d3bde7f3fab735aacdf.png

customcnf.png.2fc2fa9502b84346197f23dd0dcef70e.png

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.