I’ve tried NextCloud before and didn’t really love it and I’m now happy with a combination of syncthing and LibreOffice. But my wife wants the full google drive, with sheets, docs etc. without the google, and I think NextCloud is my best option for that.
I’m an experienced *nix admin and already have a Linux server running with both VMs and docker containers and also have a working OpenVPN setup for remote access. But I found the NextCloud setup frustrating. We had a discussion about it (here I think) and determined that this was because NextCloud would rather sell their hosted service, so they don’t go out of their way to make the self hosted option easy. I get that and don’t hold it against them at all.
But, now that I’m wanting to try it again, I’m looking for pointers to guides for setting up self hosted NextCloud. I’ve searched, but nothing I found seemed like “the one”.
I found Nextcloud all in one pretty easy to install, and it’s been very stable and simple to keep running. Been up for about a year now.
It’s the nextcloud ux that I find kinda frustrating for a family use case. It’s got a hundred features you don’t want, and the ones you want don’t work as well as you’d expect them to. For example, calendar cannot subscribe to external calendars, which is oddly limiting. I don’t use photos, I don’t use talk, and I don’t use it for mail, presence, messaging, or most of the other stuff bundled into it. I use files, Collabora office, and notes. And while collabora is reasonably functional on desktop, it’s pretty bad on mobile. If she’s used to gdocs, and expects something similar, she’s probably not gonna like it.
I love next cloud with onlyoffice but man, onlyoffice is a huge pain in the ass to get it working stable with next cloud.
It was a pain in the ass when I set that up 10 or so years ago, and it still is today. I just set it up a few weeks ago, took me days with all the problems I had and a single reboot later again it’s broken
I think only office is probably the best web based office suite out there but they seriously need to look into fixing this connection crap
From what I’ve gathered about Nextcloud, they seem to be a fast paced rolling release model, which breaks often due to their pace.
Since I didn’t want to handhold it constantly, their forks drew my attention, OwnCloud and OpenCloud — fork from OwnCloud infinitescale — I went with OpenCloud, due to the smaller footprint required.
I’m currently using systemd container services built from the “full” docker compose version. The services I’m hosting are: OpenCloud server, Caddy as a reverse proxy and automatic cert renew, Keycloak for IDM, Collabora office, Apache Tika full version for text search and extraction and Radicale for contacts and calendar. They also recently updated to support EuroOffice.
While it has fewer features than NextCloud, it runs fine on a 4-core 8GB VPS, though it needs swap when starting for the first time or updating.
IIRC, next cloud is a fork from own cloud who went closed source or something. This is almost a decade ago, so take that with a grain of salt, but I remember own cloud back then pulling some corporate crap, and then next cloud came into existence
I use Docker Compose to run my Nextcloud server using the community image, which in turn lives inside an unprivileged LXC container.
compose.yaml
```yaml
volumes:
  db:

services:
  db:
    image: mariadb:lts
    container_name: mariadb
    restart: always
    command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
    volumes:
      - db:/var/lib/mysql
    secrets:
      - mysql_root_password
      - mysql_nextcloud_password
    environment:
      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password
      - MYSQL_PASSWORD_FILE=/run/secrets/mysql_nextcloud_password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud

  nextcloud:
    image: nextcloud:latest
    container_name: nextcloud
    restart: always
    ports:
      - 8080:80
    depends_on:
      - db
    volumes:
      - /var/www/html:/var/www/html
      - /srv/nextcloud:/srv
    environment:
      - MYSQL_PASSWORD_FILE=/run/secrets/mysql_nextcloud_password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=db

secrets:
  mysql_root_password:
    file: ./secrets/mysql_root_password.txt
  mysql_nextcloud_password:
    file: ./secrets/mysql_nextcloud_password.txt
```

Nextcloud’s file storage is a mount point at `/srv/nextcloud`, which is backed by a ZRAID pool. The secrets are stored in files with `600` permissions. The web server is initially exposed on port 8080.

When you run the container for the first time, it will show a first time setup dialog. You’ll have to fill it out manually, using mariadb for the database type and `db` for the database hostname.

If Nextcloud works through HTTP, you can then set up a proxy for HTTPS. I used Nginx running on the same LXC. I can’t guarantee that my config is adequately secure, use it at your own risk.

10-nextcloud.conf

```nginx
upstream php-handler {
    server 127.0.0.1:9000;
}

server {
    listen 80;
    listen [::]:80;
    server_name nextcloud.your.domain;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name nextcloud.your.domain;
    keepalive_timeout 70;
    client_max_body_size 32G;

    ssl_certificate /etc/nginx/ssl/ssl.crt;
    ssl_certificate_key /etc/nginx/ssl/ssl.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    add_header Referrer-Policy "no-referrer" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Download-Options "noopen" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Permitted-Cross-Domain-Policies "none" always;
    add_header X-Robots-Tag "none" always;
    add_header X-XSS-Protection "1; mode=block" always;
    fastcgi_hide_header X-Powered-By;

    location / {
        proxy_pass http://127.0.0.1:8080/;
    }
}
```

To allow the web app to work using the DNS name, you’ll have to edit `/var/www/html/config/config.php` and change/add these values:

config.php (partial)

```php
'trusted_domains' =>
array (
  0 => '127.0.0.1:8080',
  1 => 'nextcloud.your.domain',
  // 2 => whatever other addresses you want to use
),
'overwrite.cli.url' => 'https://nextcloud.your.domain/',
'overwriteprotocol' => 'https',
'overwritehost' => 'nextcloud.ng.local'
```

If at any point you need to start over, remember to delete the contents of `/var/www/html`.

(edit) Forgot to mention: the web server will accept connections from all addresses, you’ll need to set up a strict firewall to only allow 443 (maybe 80) and 22.
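An added check, not part of the post above and not Nextcloud's own tooling: a small Python audit for the two exposure points in that setup, the `8080:80` mapping that the edit note says accepts connections from all addresses, and the `ssl_protocols` line that still enables TLS 1.0 and 1.1. The embedded excerpts are constructed from the posted files, and the function names are hypothetical.

```python
import re

# Constructed excerpts of the compose.yaml and 10-nextcloud.conf posted above.
COMPOSE = """\
services:
  nextcloud:
    image: nextcloud:latest
    ports:
      - 8080:80
"""
NGINX = """\
server {
    listen 443 ssl http2;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    location / { proxy_pass http://127.0.0.1:8080/; }
}
"""

DEPRECATED_TLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}  # TLS 1.0/1.1: RFC 8996
LOOPBACK = {"127.0.0.1", "[::1]"}


def audit_compose_ports(text):
    """Flag short-syntax port mappings that are not bound to loopback."""
    findings, in_ports = [], False
    for line in text.splitlines():
        entry = line.strip()
        if entry == "ports:":
            in_ports = True
        elif in_ports and entry.startswith("- "):
            spec = entry[2:].strip().strip("\"'")
            host_part = spec.rsplit(":", 1)[0]  # drop the container port
            bind_ip = host_part.rsplit(":", 1)[0] if ":" in host_part else None
            if bind_ip not in LOOPBACK:
                findings.append(f"ports '{spec}': not bound to loopback")
        else:
            in_ports = False
    return findings


def audit_nginx_tls(text):
    """Return the deprecated protocol names enabled by ssl_protocols."""
    weak = []
    for match in re.finditer(r"\bssl_protocols\s+([^;]+);", text):
        weak += [p for p in match.group(1).split() if p in DEPRECATED_TLS]
    return weak


if __name__ == "__main__":
    for finding in audit_compose_ports(COMPOSE):
        print("WARN", finding, "(use 127.0.0.1:8080:80 behind a local proxy)")
    for proto in audit_nginx_tls(NGINX):
        print("WARN ssl_protocols enables", proto, "(keep TLSv1.2 TLSv1.3)")
```

Because Nginx in that setup proxies to `127.0.0.1:8080` on the same host, binding the mapping to loopback keeps the plain-HTTP port off the network without depending on the firewall rule alone.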
I feel like I’ve never heard anything but complaints about the all-in-one image.
On the other hand, I’ve been using the community maintained docker image for a few years with minimal issues.
I ran it manually installed for years in a vm, then an LXC. It broke…a lot.
Then I ran it as docker containers with MySQL for a few years. It broke…less-ish.
Then I ran the AIO container. It was (and is) quite irritating because it’s so opinionated compared to regular docker containers. However, it hasn’t broken. It works pretty well. It’s faster than my old install and the office stuff seems to work better. However…want to do something different to the way Nextcloud AIO recommends? Nah, fuck you go kludge something together. You kinda have to do stuff their way, including things like backups.
It’s annoying to have all my other compose containers work with volumes and similar settings and Nextcloud be kinda its own thing, but I’m sticking with the AIO container. Takes a while to set up, but at least the documentation can’t be accused of being sparse.
That’s been my experience anyway. I’m sure smarter people than me have managed to bend it to their will a bit more.
I run nextcloud in a collection of vms, nginx with SSL offloading, php-fpm, mariaDB and a docker host. It’s rock solid and is a full google replacement, with office and even an RSS reader.
https://homelab.horwood.biz/?nextcloud
Please let me know if you need more words
Nice blog. Bookmarked.
I currently run the official Nextcloud-AIO. No issues once I got the reverse proxy figured out. That was a bit of a pain at the time. Caddy hadn’t yet become a popular choice for reverse proxies.
I will say that Nextcloud really wants dedicated hardware, not a VM, or performance will suffer. Still useable but it tends to be a bit slower. Can’t vouch for the office suite as I just don’t use it.
what does your name mean ? just curious :)
It’s all good. The name came out of a random name generator a while back. I liked the name enough that I started using it generally for my fediverse presence. No meaning beyond that.
Oh nice. I like it !
I currently run it in Kubernetes but I just translated my existing Docker setup to it. I recommend setting up PostgreSQL and Redis if you can for the best performance, but SQLite and no-cache-approach is also fine for the beginning (you just run a single container).
That being said, I think Nextcloud is not very cloud-native. I set up Redis just so I can do rolling updates with zero downtime (filesystem locks are kept in Redis’ memory instead of the app’s own), but I still get some server errors for a brief moment during updates (for less than 10 seconds).
Were you using the Nextcloud AIO? I’ve used every method of installing NC over the last decade+ and the AIO is painless to install and maintain.
I tried the AIO, the standalone community maintained one, and had problems with both of them. I could get them running, but the second ANYTHING changed, it would break. I kept having permissions issues, networking issues, and all sorts of random issues.
I ended up using the Linuxserver.io one and have had no issues since then.
I don’t know how much of it is a skill issue on my part, but I have had the Linuxserver.io running for a while now with no issues.
What do you mean by ‘anything changed’? I only ask because I installed the AIO and haven’t had an issue. Admittedly we’re only using it for file sharing, the defaults were pretty much left as is. Does it tend to shit the bed the more non-default stuff is enabled or installed?
I think a lot of it stems from ACL issues, cause I run it on a TrueNAS machine. If I pointed any other container even near it, it would do weird stuff with the permissions. I was also using docker volumes (because it wouldn’t let me hard mount the db mounts on the machine) and it would randomly seem to wipe them? That may have been more of a user error issue.
I tried it literally as default as possible and couldn’t get the permissions working correctly, I did also try the ultra-manual install and had slightly better results, but it still stopped working randomly. I also had some random issues with networking but I got those figured out eventually.
Can you elaborate on what you didn’t like about what you’ve seen so far? I imagine most guides advise you to spin up an AIO instance of nextcloud in docker.
I gave up on having a stable Nextcloud instance. I went with Hetzner instead and got Onlyoffice working with it: https://www.hetzner.com/storage/storage-share/
I use it in truenas with no issues. Might be worth it to spin up a vm and run it that way.






