Getting Nextcloud to work under IOTstack
This is a
docker-compose.yml that works on my Raspberry Pi 4B. Either use it as-is or copy everything except the first four and last 13 lines to the clipboard, then paste them into your existing
docker-compose.yml, replacing any previous definitions for "nextcloud" and "nextcloud_db".
version: '3.6' services: nextcloud: container_name: nextcloud image: nextcloud restart: unless-stopped environment: - MYSQL_HOST=nextcloud_db - MYSQL_PASSWORD=highfive - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud ports: - "9321:80" volumes: - ./volumes/nextcloud/html:/var/www/html depends_on: - nextcloud_db networks: - iotstack_nw - nextcloud_internal nextcloud_db: container_name: nextcloud_db image: ghcr.io/linuxserver/mariadb restart: unless-stopped environment: - TZ=Etc/UTC - PUID=1000 - PGID=1000 - MYSQL_ROOT_PASSWORD=wingman - MYSQL_PASSWORD=highfive - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud volumes: - ./volumes/nextcloud/db:/config networks: - nextcloud_internal networks: iotstack_nw: name: IOTstack_Net driver: bridge ipam: driver: default config: - subnet: 10.77.60.0/24 nextcloud_internal: name: IOTstack_NextCloud driver: bridge internal: true
If you are a Windows user, please do not make the mistake of copying anything from this gist and pasting it into a text editor on your Windows machine, and then moving the file to your Raspberry Pi. Unless you take precautions, Windows will add its CR+LF line endings and those will stop things from working properly on your Raspberry Pi.
It is common to see docker-compose examples on the web where the database image is referenced as:
That does not work on IOTstack! There is no image for the ARMv7 architecture.
It is common to see examples where a
command:directive is added to the database fragment:
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
That does not work on IOTstack! The database aborts after the admin account is set up and the database container then goes into a restart loop.
If you are running IOTstack "old menu", either remove or comment-out the lines to do with
networks:. If you don't understand this, you are probably running "new menu", in which case you should leave everything alone.
You should change the passwords:
- The two which are currently set to "highfive" must be the same.
- The one which is currently set to "wingman" should be different from the other two.
- Do not waste time futzing about with randomly-generated passwords or other nonsense. Once you are sure it is all working, you can start again and get more serious about security.
When Nextcloud is the container you want to talk to, your choices for accessing it from a client device (ie something other than the Raspberry Pi running Nextcloud) are:
a host name – eg "myrpi"
you are responsible for setting up a name-to-IP mapping in /etc/hosts on each client
a fully-qualified domain name – eg "myrpi.mydomain.com"
you are responsible for setting up a DNS server
an IP address – eg "192.168.203.200"
Notice that a multicast domain name (eg
raspberrypi.local) is not one of your options. Don't waste time trying to use an mDNS name. An mDNS name will not work until Nextcloud has been initialised!
Once you have picked a connection method, STICK TO IT. Don't be a host name person today, a domain name person tomorrow, and an IP address person next Tuesday. Be consistent!
- This only affects how you talk to Nextcloud. Everything else on your RPi and running in your IOTstack is still reachable using a full range of addressing options. Why is Nextcloud so restrictive? Beats me!
- This is only a problem until Nextcloud is initialised. You can fix it later. See "Access through untrusted domain".
Be in the correct directory:
$ cd ~/IOTstack
If the stack is running, take it down:
$ docker-compose down
Erase the persistent storage area for Nextcloud (double-check the command before you hit return):
$ sudo rm -rf ./volumes/nextcloud
This is done to force re-initialisation.
Bring up the stack
$ docker-compose up -d
Check for errors
Repeat the following command two or three times at 10-second intervals
$ docker ps
You are looking for evidence that the
nextcloud_dbcontainers are up and stable, and are not restarting.
On a computer that is not the Raspberry Pi running Nextcloud, launch a browser and point to the Raspberry Pi running Nextcloud. Remember what I said about picking one method and sticking to it. Examples:
If you are using a host name in
If you are using a domain name:
If you are using an IP address:
Create an admin account and then click "Finish Setup".
There is a long delay, then you get a 404 error:
Not Found The requested URL /index.php/core/apps/recommended was not found on this server.
If you examine the contents of your browser's URL bar, you will find:
That is clearly wrong and it must be a bug. Someone should probably report it. That someone is not me.
Edit the URL to replace
localhostwith what it should be, which will be one of the following patterns, depending on which method you chose to access Nextcloud:
As far as I can tell, this is the only time Nextcloud misbehaves and sticks
localhostin a URL.
You will see the "Recommended apps" screen where the process is running down the list of apps as it loads them.
Eventually, you will see the dashboard appear.
Then, in a wonderful example of user-friendly UI design, the dashboard will be obscured by the "Nextcloud Hub" floating window. Keep clicking on the right-arrow button until you reach the last screen, then click "Start using Nextcloud".
Congratulations. Nextcloud is ready to roll.
Back at pick a connection method I told you to pick one method and stick to it. If you are now staring at an "access through untrusted domain" message then you probably did not heed that earlier advice.
Let's suppose the following:
- You used
raspi-configto give your Raspberry Pi the name "myrpi"
- Your Raspberry Pi has the fixed IP address "192.168.203.200". By "fixed" I mean it is a static binding in your DHCP server or you have configured the Pi with a static IP address.
Out of the box, the Raspberry Pi participates in multicast DNS so it will also have the mDNS name:
Let's also assume you have a local Domain Name System server where your Raspberry Pi:
- has the canonical name (A record) "myrpi.mydomain.com"; plus
- an alias (CNAME record) of "nextcloud.mydomain.com".
Rolling all that together, you would normally expect your Nextcloud service to be reachable at one or more of the following URLs:
To tell Nextcloud that all of those URLs are valid, you need to use
sudo and your favourite text editor to edit this file:
Search for "trusted_domains". Then, to tell Nextcloud to trust all of the URLs above, edit the array structure like this:
'trusted_domains' => array ( 0 => '192.168.203.200:9321', 1 => 'myrpi.local:9321', 2 => 'myrpi.mydomain.com:9321', 3 => 'nextcloud.mydomain.com:9321', ),
Once you have finished editing the file, you need to restart Nextcloud:
$ cd ~/IOTstack $ docker-compose restart nextcloud