In the clouds with nextcloud over SSL--the easy way
Posted: Tue Dec 24, 2019 4:14 pm
Nextcloud https://nextcloud.com/ is a nice enough platform for file sharing and more.
There are also many many plugins that enable video conferencing,calling and many many more.
It is a private cloud storage server like google drive but it is hosted in your machine.
Having installed next cloud you can access your files locally from your local network or globally through the internet(if you configure SSL encryption).
Installing a next cloud server on a web server and then configuring SSL etc is a rather involved process which will take a lot of time and effort to make it work properly.
FORTUNATELY there is the easy way of achieving precisely this with no sweat.
Things you will need:
1)Yor own FREE DynamicDNS Domain from Dynu Dns https://www.dynu.com/
2)Capability to port forward 80:80 and 443:443 in your router.
3)A running Docker instance.
Lets start.
Step 1
Navigate to Dynu Dns and register a domain or two.(You can register up to 4 domains freely).
Dynu is a fantastic solution,very reliable and packed with features.
Next install the Dynu Dns Google Chrome extension that will keep your domains tuned to your external IP(Most home external IPs change on a frequent basis).
https://www.dynu.com/DynamicDNS/IPUpdat ... -Extension
Configure it and then press the Dynu button on the Chrome interface to update your domains.
NOTE:When you first register a domain it might take from a few hours to a day or two for the new dns records to propagate.
So from time to time keep pinging your new dynu domain until it finally answers.
After that you can move on.
Step 2
VERY IMPORTANT!!!!
Navigate to your routers home page(192.168.1.1,192.168.2.1 or etc--consult your router manual)
and allow port-forwarding these ports
80:80
443:443
TO YOUR COMPUTER IP ADDRESS(INTERNAL IP)
Consult your router manual how to achieve this
NOTE You might need to also open port 80 and 443 in your firewall.I think MX uses ufw.Ckeck out please how to open these two ports.
Step 3
run su -
run mkdir -p /root/docker/nextcloud && cd /root/docker/nextcloud
run apt update && apt install docker.io git docker-compose
run git clone https://github.com/nextcloud/docker
run cd /root/docker/nextcloud/docker/.examples/docker-compose/with-nginx-proxy/mariadb/apache
run mv docker-compose.yml docker-compose.yml.bak
run nano docker-compose.yml
VERY IMPORTANT Please fill the fields I indicated with your entries being veeeeeryyyyy careful about NOT NEVER using tabs only spaces. .yml files are very particular about this.
Actually they are a bit disgusting about how temperamental they can be.
When finished save the file and run:
Now you migh wish to to turn off port forwarding 80:80 on your router.This was only necessary for issuing the Letsencrypt SSL certificates but not needed now.
However please keep the 443:443 open.
That's It!!!
Please wait until docker does its magic and then open a browser and navigate to
If all went smoothly you will see the login page of nextcloud.
Do NOT use the default sqlite db BUT rather press the mysql-mariadb button and
Keeping the db "host" as "db" enter the rest of details according to your choices in the "docker-compose.yml file"
When finished, at the top op the page give an admin user and a password for him and LOGIN
Thats it really.
Enjoy your own personal cloud over SSL accesible from EVERYWHERE to upload/download files +++++many many more things.
NOTE: If fore some reason you get some crazy error just run "docker system prune --all" and repeat the process.It is bound to work flawlessly eventually.
There are also many many plugins that enable video conferencing,calling and many many more.
It is a private cloud storage server like google drive but it is hosted in your machine.
Having installed next cloud you can access your files locally from your local network or globally through the internet(if you configure SSL encryption).
Installing a next cloud server on a web server and then configuring SSL etc is a rather involved process which will take a lot of time and effort to make it work properly.
FORTUNATELY there is the easy way of achieving precisely this with no sweat.
Things you will need:
1)Yor own FREE DynamicDNS Domain from Dynu Dns https://www.dynu.com/
2)Capability to port forward 80:80 and 443:443 in your router.
3)A running Docker instance.
Lets start.
Step 1
Navigate to Dynu Dns and register a domain or two.(You can register up to 4 domains freely).
Dynu is a fantastic solution,very reliable and packed with features.
Next install the Dynu Dns Google Chrome extension that will keep your domains tuned to your external IP(Most home external IPs change on a frequent basis).
https://www.dynu.com/DynamicDNS/IPUpdat ... -Extension
Configure it and then press the Dynu button on the Chrome interface to update your domains.
NOTE:When you first register a domain it might take from a few hours to a day or two for the new dns records to propagate.
So from time to time keep pinging your new dynu domain until it finally answers.
After that you can move on.
Step 2
VERY IMPORTANT!!!!
Navigate to your routers home page(192.168.1.1,192.168.2.1 or etc--consult your router manual)
and allow port-forwarding these ports
80:80
443:443
TO YOUR COMPUTER IP ADDRESS(INTERNAL IP)
Consult your router manual how to achieve this
NOTE You might need to also open port 80 and 443 in your firewall.I think MX uses ufw.Ckeck out please how to open these two ports.
Step 3
run su -
run mkdir -p /root/docker/nextcloud && cd /root/docker/nextcloud
run apt update && apt install docker.io git docker-compose
run git clone https://github.com/nextcloud/docker
run cd /root/docker/nextcloud/docker/.examples/docker-compose/with-nginx-proxy/mariadb/apache
run mv docker-compose.yml docker-compose.yml.bak
run nano docker-compose.yml
Code: Select all
version: '3'
services:
db:
image: mariadb
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
restart: always
volumes:
- db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=<pick-a-root-password>
- MYSQL_DATABASE=<name-your-db>
- MYSQL_PASSWORD=<pick-a-user-passwd>
- MYSQL_USER=<pick-a-user>
env_file:
- db.env
app:
image: nextcloud:apache
restart: always
volumes:
- nextcloud:/var/www/html
environment:
- VIRTUAL_HOST=<your-dynu-domain>
- LETSENCRYPT_HOST=<your-dynu-domain>
- LETSENCRYPT_EMAIL=<your-email>
- MYSQL_HOST=db
env_file:
- db.env
depends_on:
- db
networks:
- proxy-tier
- default
proxy:
build: ./proxy
restart: always
ports:
- 80:80
- 443:443
labels:
com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
volumes:
- certs:/etc/nginx/certs:ro
- vhost.d:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/tmp/docker.sock:ro
networks:
- proxy-tier
letsencrypt-companion:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
volumes:
- certs:/etc/nginx/certs
- vhost.d:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- proxy-tier
depends_on:
- proxy
volumes:
db:
nextcloud:
certs:
vhost.d:
html:
networks:
proxy-tier:
VERY IMPORTANT Please fill the fields I indicated with your entries being veeeeeryyyyy careful about NOT NEVER using tabs only spaces. .yml files are very particular about this.
Actually they are a bit disgusting about how temperamental they can be.
When finished save the file and run:
Code: Select all
docker-compose up -d
However please keep the 443:443 open.
That's It!!!
Please wait until docker does its magic and then open a browser and navigate to
Code: Select all
https://<your-dynu-domain>
If all went smoothly you will see the login page of nextcloud.
Do NOT use the default sqlite db BUT rather press the mysql-mariadb button and
Keeping the db "host" as "db" enter the rest of details according to your choices in the "docker-compose.yml file"
When finished, at the top op the page give an admin user and a password for him and LOGIN
Thats it really.
Enjoy your own personal cloud over SSL accesible from EVERYWHERE to upload/download files +++++many many more things.
NOTE: If fore some reason you get some crazy error just run "docker system prune --all" and repeat the process.It is bound to work flawlessly eventually.