Jump to content
linuxserver.io

[Support] Linuxserver.io - Nextcloud

2044 posts in this topic Last Reply

Recommended Posts

Ok, have added sudo to the container.  So update your container.

 

So this should work to enable you to run occ..

 

docker exec -it nextcloud bash
sudo -u abc php /config/www/nextcloud/occ

 

Just remember as stated on the first post, we're not supporting migrations from Owncloud, so you're on your own...  ;)

 

Thanks CHBMB!

 

This is how I updated my container (correct me if there's a better way)

 

Remove nextcloud container. (nc $ = nextcloud container terminal)

nc $ docker rm nextcloud

Then 'Add Container' from unraid's Docker interface, selected my-nextcloud template and then 'Create'.

Share this post


Link to post

You can just check for updates in the webui and do it all via the webui....

 

Sent from my LG-H815 using Tapatalk

 

 

Share this post


Link to post

So next2wire's post is good but here is a rough guide on how I modified mine using what he wrote. For reference I bought a 3 year SSL certificiate off ssls.com for the below. This is a rough guide on how to setup SSL for the Nextcloud Docker and get a A+ rating on ssllabs.com Commands/directories are bolded below.

 

Stop the nextcloud docker.

Navigate to the nextcloud keys folder, in my case:

/mnt/user/appdata/nextcloud/keys

Remove/rename the current cert.key and cert.crt files.

Run this command:

openssl req -nodes -newkey rsa:2048 -keyout cert.key -out cert.csr

Follow the wizard through to generate your cert.csr and cert.key. Use the cert.csr to activate your newly purchased SSL cert with ssls.com

Using the SSL cert information make a file called cert.crt using the SSL cert and another called inter.crt with the intermediate CA.

Run this command to concatenate the two new files:

cat cert.crt inter.crt >> cert.pem

Now run this command as well:

openssl dhparam -out dhparam.pem 2048

Now navigate to the Nginx configuration for the Nextcloud site, in my case:

/mnt/user/appdata/nextcloud/nginx/site-confs

Modify the file simply called:

default

 

Below is a copy of the first 46 lines of my Nginx file, the parts bolded are one I have added to the config file or changed. Matching yours should work:

 

upstream php-handler {

  server 127.0.0.1:9000;

# server unix:/var/run/php/php7.0-fpm.sock;

}

 

server {

  listen 80;

  server_name _;

  # enforce https

  return 301 https://$server_name$request_uri;

}

 

server {

  listen 443 ssl;

  server_name _;

 

  ssl_certificate /config/keys/cert.pem;

  ssl_certificate_key /config/keys/cert.key;

 

  ### Add Diffie–Hellman key exchange ###

  ssl_dhparam /config/keys/dhparam.pem;

 

  ### Disable SSL by enforcing TLS ###

  ssl_protocols    TLSv1 TLSv1.1 TLSv1.2;

 

  ### Add some ciphers and reject weaker ones ###

  ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";

  ssl_prefer_server_ciphers on;

  ssl_session_cache  shared:SSL:10m;

  ssl_session_timeout  10m;

  ssl_verify_depth 2;

  # Add headers to serve security related headers

  add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

  add_header X-Content-Type-Options nosniff;

  add_header X-Frame-Options "SAMEORIGIN";

  add_header X-XSS-Protection "1; mode=block";

  add_header X-Robots-Tag none;

  add_header X-Download-Options noopen;

  add_header X-Permitted-Cross-Domain-Policies none;

 

  # Path to the root of your installation

  root /config/www/nextcloud/;

  # set max upload size

  client_max_body_size 10G;

  fastcgi_buffers 64 4K;

 

 

Now start the docker and verify its working, once this is complete check your URL on https://www.ssllabs.com

Share this post


Link to post

Hi, using the NextCloud docker.  First, it's still see 9.0.51 as the latest, but NextCloud stable is 9.0.53.  Small issue, don't really care about the version.

 

My real issue is that I added the Local External Storage to one of my Mount and it doesn't allow re-sharing (the share option is disable).  I check the "administration" page, and the re-sharing option is enable...

 

I can share something that I put in the Root or in a folder I create in the nextcloud, but just not the one from any "share" from the Local External Storage.

 

Thanks !

Share this post


Link to post

I pulled the latest image and checked the version, but it is still on the .52 release....

 

Should it have updated to .53?

 

Not sure if I need to do anything to get it to update versions....any feedback would be appreciated.

 

Thanks!

Share this post


Link to post

I pulled the latest image and checked the version, but it is still on the .52 release....

 

Should it have updated to .53?

 

Not sure if I need to do anything to get it to update versions....any feedback would be appreciated.

 

Thanks!

 

no it won't update the files as they're outside the docker, as for updating itself, i don't know if the webui update feature works or not.

 

but as the title bar says

 

(Beta)

Share this post


Link to post

I pulled the latest image and checked the version, but it is still on the .52 release....

 

Should it have updated to .53?

 

Not sure if I need to do anything to get it to update versions....any feedback would be appreciated.

 

Thanks!

 

 

no it won't update the files as they're outside the docker, as for updating itself, i don't know if the webui update feature works or not.

 

but as the title bar says

 

(Beta)

 

 

OK..thank you for the info....

 

Doesn't seem like the webui update feature works yet.

Share this post


Link to post

What sparklyballs means to say is

 

"We will be staying on the stable path if this container makes it past the beta stage"

 

I've put him back in his cage now, it's safe, everyone can come back out....  ;D

Share this post


Link to post

Do you guys have an internal criteria for what needs to happen to have a beta docker be made into a full time docker?

Share this post


Link to post

Do you guys have an internal criteria for what needs to happen to have a beta docker be made into a full time docker?

 

It needs to be stable, something that isn't going to break every five minutes (either for the end-user or with every little update from upstream), that is robust enough that end-users can't break it every five minutes otherwise support becomes an even bigger headache...

Share this post


Link to post

Do you guys have an internal criteria for what needs to happen to have a beta docker be made into a full time docker?

 

It needs to be stable, something that isn't going to break every five minutes (either for the end-user or with every little update from upstream), that is robust enough that end-users can't break it every five minutes otherwise support becomes an even bigger headache...

 

Makes sense. From my side this Docker has been very stable, any problems I've had can be put down to me or load on the server at the time. Just my two cents, thanks for everyones work on this.

Share this post


Link to post

Does anybody have this running behind the lsio apache docker with ssl reverse proxy? I'm poking around trying to at least get the webroot overwrite working inside my network, but I can't even get that far.

Share this post


Link to post

I do Jonathan, I'll try and post my config later when I get home from work.  But it's identical to how Owncloud is set up.

 

Sent from my LG-H815 using Tapatalk

 

 

Share this post


Link to post

Does anybody have this running behind the lsio apache docker with ssl reverse proxy? I'm poking around trying to at least get the webroot overwrite working inside my network, but I can't even get that far.

 

This shows my config.

Share this post


Link to post

Does anybody have this running behind the lsio apache docker with ssl reverse proxy? I'm poking around trying to at least get the webroot overwrite working inside my network, but I can't even get that far.

 

This shows my config.

Got it, thanks! The pieces that were missing was the SSL redirect stuff. I ASSumed since all my other proxied websites were fine, that I didn't need the other SSL lines.

 

In hindsight, I probably wouldn't need them if I had inserted my SSL stuff into the nextcloud config instead of leaving the self signed lsio certificates in place.

 

I'm still learning. When I quit learning, I hope it's because I'm dead.  ;D

Share this post


Link to post

Does anybody have this running behind the lsio apache docker with ssl reverse proxy? I'm poking around trying to at least get the webroot overwrite working inside my network, but I can't even get that far.

 

This shows my config.

 

Awesome write up

Share this post


Link to post

Anybody played with this yet?

 

https://nextcloud.com/collaboraonline/

 

 

i personally wouldn't touch it with a barge pole. it seems to need access to the underlying file system.....

 

"This docker image does not work on Ubuntu 14.04 LTS, because Ubuntu 14.04 LTS has missing kernel compile option CONFIG_AUFS_XATTR=y, which is leading to setcap not working on docker’s aufs storage. Upstream bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1557776"

 

i really don't like images that do things like that......

Share this post


Link to post

Anybody played with this yet?

 

https://nextcloud.com/collaboraonline/

 

 

i personally wouldn't touch it with a barge pole. it seems to need access to the underlying file system.....

 

"This docker image does not work on Ubuntu 14.04 LTS, because Ubuntu 14.04 LTS has missing kernel compile option CONFIG_AUFS_XATTR=y, which is leading to setcap not working on docker’s aufs storage. Upstream bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1557776"

 

i really don't like images that do things like that......

 

Barge pole...hmm never head that one

 

Share this post


Link to post

It's a British phrase.

 

Sent from my LG-H815 using Tapatalk

 

 

Share this post


Link to post

Hi CHBMB,

 

Thanks for the easy to follow write-up. I'm having an issue. I followed your guide exactly, this is my first time installing either mariaDB or Nextcloud. I didn't previously have an Owncloud install. When I'm at the Next Cloud setup screen and enter all my data, i get the following error (attached). I also attached the custom.cnf screenshot. I'm using Ubuntu, so I don't think there is any issues with how i edited the file (I used Gpedit, and confirmed it looks fine under VIM). I restarted MariaDB after changing the custom.cnf.

 

Any thoughts?

 

Edit: I'm getting this in the maraidb logs: "Warning: World-writable config file '/etc/mysql/conf.d/custom.cnf' is ignored"

 

Edit2: Got it working. Had to chmod 664 the custom.cnf file and restart mariadb.

nextcloud.png.b8904942c8b91d3bde7f3fab735aacdf.png

customcnf.png.2fc2fa9502b84346197f23dd0dcef70e.png

Share this post


Link to post

When I installed MariaDB (which until today I have had no experience), it did not ask me to select a password.  I followed the guide, which is awesome BTW, I just appear to dumb to follow it.

 

Also, do I need to set up the Apache server, or is that an optional step?

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now