-
-
Save miklobit/607ea46d55e433ad8ef090c90e6e6ff1 to your computer and use it in GitHub Desktop.
Setting up Nextcloud behind Traefik in Docker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "2" | |
services: | |
# Reverse Proxy and Let's Encrypt | |
traefik: | |
container_name: traefik | |
image: traefik:alpine | |
restart: always | |
networks: | |
- srv | |
ports: | |
- 80:80 | |
- 443:443 | |
volumes: | |
- /opt/traefik/traefik.toml:/traefik.toml | |
- /var/run/docker.sock:/var/run/docker.sock | |
- /opt/traefik/acme.json:/acme.json | |
# NextCloud | |
nextcloud: | |
container_name: nextcloud | |
image: nextcloud | |
hostname: cloud.yourdomain.tld | |
restart: always | |
networks: | |
- srv | |
- dbnet | |
ports: | |
- "8081:80" | |
links: | |
- db | |
volumes: | |
- nextcloud:/var/www/html | |
labels: | |
- traefik.enable=true | |
- traefik.port=80 | |
- traefik.frontend.rule=Host:cloud.your-domain.tld | |
- traefik.docker.network=traefik_srv | |
- traefik.frontend.entryPoints=https | |
- traefik.frontend.headers.STSSeconds=315360000 | |
- traefik.frontend.headers.referrerPolicy=no-referrer | |
db: | |
container_name: nextcloud-db | |
image: mariadb | |
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW | |
restart: always | |
networks: | |
- dbnet | |
volumes: | |
- db:/var/lib/mysql | |
environment: | |
- MYSQL_ROOT_PASSWORD=[Enter a password here!!] | |
- MYSQL_PASSWORD=[Enter a password here!!] | |
- MYSQL_DATABASE=nextcloud | |
- MYSQL_USER=nextcloud | |
volumes: | |
nextcloud: | |
db: | |
networks: | |
srv: | |
dbnet: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This docker-compose setup opens a port for directly accessing your Nextcloud container, but also puts it behind Traefik to be accessed | |
from the domain. When you initially access Nextcloud, you will create your username and password, but make sure to click on the | |
little arrow below to configure an external database. You can use the sqlite database that comes stock within the Nextcloud image, | |
however Nextcloud themselves recommends running an external database as sqlite has performance limitations. | |
Finally, I ran into an issue where accessing the Nextcloud page through the Traefik proxy lead me to an error message saying | |
I was accessing it through an Untrusted Domain. To configure your URL, you must edit the config.php file inside your Nextcloud | |
named volume. | |
I used a text editor like vim or nano to alter the config.php file directly. Initially the file will look like this: | |
'trusted_domains' => | |
array ( | |
0 => 'my_ip_address:port', | |
), | |
You will simply need to add a new line to the array as such (obviously replacing the text with your specific domain): | |
'trusted_domains' => | |
array ( | |
0 => 'my_ip_address:port', | |
1 => 'subdomain.yourdomain.tld', | |
), |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ nano /var/lib/docker/volumes/[volume_name]/_data/config/config.php | |
<?php | |
$CONFIG = array ( | |
'htaccess.RewriteBase' => '/', | |
'memcache.local' => '\\OC\\Memcache\\APCu', | |
'apps_paths' => | |
array ( | |
0 => | |
array ( | |
'path' => '/var/www/html/apps', | |
'url' => '/apps', | |
'writable' => false, | |
), | |
1 => | |
array ( | |
'path' => '/var/www/html/custom_apps', | |
'url' => '/custom_apps', | |
'writable' => true, | |
), | |
), | |
'instanceid' => 'REDACTED', | |
'passwordsalt' => 'REDACTED', | |
'secret' => 'REDACTED', | |
'trusted_domains' => | |
array ( | |
0 => 'my_ip_address:port', | |
1 => 'subdomain.yourdomain.tld', | |
), | |
'datadirectory' => '/var/www/html/data', | |
'dbtype' => 'mariadb', | |
'version' => '16.0.0.9', | |
'overwrite.cli.url' => 'http://my_ip_address:port', | |
'installed' => true, | |
); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment