Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Getting Nextcloud to work under IOTstack

Getting Nextcloud to work under IOTstack

docker-compose.yml fragment

This is a docker-compose.yml that works on my Raspberry Pi 4B. Either use it as-is or copy everything except the first four and last 13 lines to the clipboard, then paste them into your existing docker-compose.yml, replacing any previous definitions for "nextcloud" and "nextcloud_db".

version: '3.6'


    container_name: nextcloud
    image: nextcloud
    restart: unless-stopped
      - MYSQL_HOST=nextcloud_db
      - MYSQL_PASSWORD=highfive
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - "9321:80"
      - ./volumes/nextcloud/html:/var/www/html
      - nextcloud_db
       - iotstack_nw
       - nextcloud_internal

    container_name: nextcloud_db
    restart: unless-stopped
      - TZ=Etc/UTC
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=wingman
      - MYSQL_PASSWORD=highfive
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - ./volumes/nextcloud/db:/config
       - nextcloud_internal

     name: IOTstack_Net
     driver: bridge
       driver: default
         - subnet:
     name: IOTstack_NextCloud
     driver: bridge
     internal: true


  1. If you are a Windows user, please do not make the mistake of copying anything from this gist and pasting it into a text editor on your Windows machine, and then moving the file to your Raspberry Pi. Unless you take precautions, Windows will add its CR+LF line endings and those will stop things from working properly on your Raspberry Pi.

  2. It is common to see docker-compose examples on the web where the database image is referenced as:

    image: mariadb

    That does not work on IOTstack! There is no image for the ARMv7 architecture.

  3. It is common to see examples where a command: directive is added to the database fragment:

    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW

    That does not work on IOTstack! The database aborts after the admin account is set up and the database container then goes into a restart loop.

  4. If you are running IOTstack "old menu", either remove or comment-out the lines to do with networks:. If you don't understand this, you are probably running "new menu", in which case you should leave everything alone.

  5. You should change the passwords:

    • The two which are currently set to "highfive" must be the same.
    • The one which is currently set to "wingman" should be different from the other two.
    • Do not waste time futzing about with randomly-generated passwords or other nonsense. Once you are sure it is all working, you can start again and get more serious about security.

pick a connection method

When Nextcloud is the container you want to talk to, your choices for accessing it from a client device (ie something other than the Raspberry Pi running Nextcloud) are:

  • a host name – eg "myrpi"

    you are responsible for setting up a name-to-IP mapping in /etc/hosts on each client

  • a fully-qualified domain name – eg ""

    you are responsible for setting up a DNS server

  • an IP address – eg ""

Notice that a multicast domain name (eg myrpi.local or raspberrypi.local) is not one of your options. Don't waste time trying to use an mDNS name. An mDNS name will not work until Nextcloud has been initialised!

Once you have picked a connection method, STICK TO IT. Don't be a host name person today, a domain name person tomorrow, and an IP address person next Tuesday. Be consistent!

Key points:

  • This only affects how you talk to Nextcloud. Everything else on your RPi and running in your IOTstack is still reachable using a full range of addressing options. Why is Nextcloud so restrictive? Beats me!
  • This is only a problem until Nextcloud is initialised. You can fix it later. See "Access through untrusted domain".


  1. Be in the correct directory:

    $ cd ~/IOTstack
  2. If the stack is running, take it down:

    $ docker-compose down
  3. Erase the persistent storage area for Nextcloud (double-check the command before you hit return):

    $ sudo rm -rf ./volumes/nextcloud

    This is done to force re-initialisation.

  4. Bring up the stack

    $ docker-compose up -d
  5. Check for errors

    Repeat the following command two or three times at 10-second intervals

    $ docker ps

    You are looking for evidence that the nextcloud and nextcloud_db containers are up and stable, and are not restarting.

  6. On a computer that is not the Raspberry Pi running Nextcloud, launch a browser and point to the Raspberry Pi running Nextcloud. Remember what I said about picking one method and sticking to it. Examples:

    • If you are using a host name in /etc/hosts:

    • If you are using a domain name:
    • If you are using an IP address:
  7. Create an admin account and then click "Finish Setup".

  8. There is a long delay, then you get a 404 error:

    Not Found
    The requested URL /index.php/core/apps/recommended was not found on this server.

    If you examine the contents of your browser's URL bar, you will find:


    That is clearly wrong and it must be a bug. Someone should probably report it. That someone is not me.

  9. Edit the URL to replace localhost with what it should be, which will be one of the following patterns, depending on which method you chose to access Nextcloud:

    • http://myrpi:9321/index.php/core/apps/recommended

    As far as I can tell, this is the only time Nextcloud misbehaves and sticks localhost in a URL.

  10. You will see the "Recommended apps" screen where the process is running down the list of apps as it loads them.

  11. Eventually, you will see the dashboard appear.

  12. Then, in a wonderful example of user-friendly UI design, the dashboard will be obscured by the "Nextcloud Hub" floating window. Keep clicking on the right-arrow button until you reach the last screen, then click "Start using Nextcloud".

Congratulations. Nextcloud is ready to roll.

"Access through untrusted domain"

Back at pick a connection method I told you to pick one method and stick to it. If you are now staring at an "access through untrusted domain" message then you probably did not heed that earlier advice.

Let's suppose the following:

  • You used raspi-config to give your Raspberry Pi the name "myrpi"
  • Your Raspberry Pi has the fixed IP address "". By "fixed" I mean it is a static binding in your DHCP server or you have configured the Pi with a static IP address.

Out of the box, the Raspberry Pi participates in multicast DNS so it will also have the mDNS name:

  • "myrpi.local"

Let's also assume you have a local Domain Name System server where your Raspberry Pi:

  • has the canonical name (A record) ""; plus
  • an alias (CNAME record) of "".

Rolling all that together, you would normally expect your Nextcloud service to be reachable at one or more of the following URLs:

  • http://myrpi.local:9321

To tell Nextcloud that all of those URLs are valid, you need to use sudo and your favourite text editor to edit this file:


Search for "trusted_domains". Then, to tell Nextcloud to trust all of the URLs above, edit the array structure like this:

  'trusted_domains' =>
  array (
    0 => '',
    1 => 'myrpi.local:9321',
    2 => '',
    3 => '',

Once you have finished editing the file, you need to restart Nextcloud:

$ cd ~/IOTstack
$ docker-compose restart nextcloud

See also Nextcloud documentation - trusted domains.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment