Nextcloud Nginx Proxy Manager in 10 Minutes!

This tutorial shows you how to easily set up Nextcloud and protect it with Nginx Proxy Manager and real SSL certs on a Linux Server. I make it fast and easy for you, so we can deploy it in about 10 Minutes.

You can use this tutorial for Cloud Environments and On-Premises. Or if you want to deploy it on a small server or raspberry pi at home. The only important requirement is that you need a DNS record pointing to the public IP address. If you’re running the server at home behind a router, you need to forward the ports 80, 81, and 443.

Docker-Compose Template

version: '3'

volumes:
  nextcloud-data:
  nextcloud-db:
  npm-data:
  npm-ssl:
  npm-db:

networks:
  frontend:
    # add this if the network is already existing!
    # external: true
  backend:

services:

  nextcloud-app:
    image: nextcloud
    restart: always
    volumes:
      - nextcloud-data:/var/www/html
    environment:
      - MYSQL_PASSWORD=replace-with-secure-password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=nextcloud-db
    networks:
      - frontend
      - backend

  nextcloud-db:
    image: mariadb
    restart: always
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    volumes:
      - nextcloud-db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=replace-with-secure-password
      - MYSQL_PASSWORD=replace-with-secure-password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
    networks:
      - backend

  npm-app:
    image: jc21/nginx-proxy-manager:latest
    restart: always
    ports:
      - "80:80"
      - "81:81"
      - "443:443"
    environment:
      - DB_MYSQL_HOST=npm-db
      - DB_MYSQL_PORT=3306
      - DB_MYSQL_USER=npm
      - DB_MYSQL_PASSWORD=replace-with-secure-password
      - DB_MYSQL_NAME=npm
    volumes:
      - npm-data:/data
      - npm-ssl:/etc/letsencrypt
    networks:
      - frontend
      - backend

  npm-db:
    image: jc21/mariadb-aria:latest
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=replace-with-secure-password
      - MYSQL_DATABASE=npm
      - MYSQL_USER=npm
      - MYSQL_PASSWORD=replace-with-secure-password
    volumes:
      - npm-db:/var/lib/mysql
    networks:
      - backend

Deployment of Nextcloud with Nginx Proxy Manager on a fresh Server

If you don’t know about Docker and Docker-Compose, make sure you check out my tutorials on YouTube. We can easily deploy the full stack with this template with Docker-Compose or Portainer Stacks.

Install Docker and Docker-Compose

You can easily install Docker and Docker-Compose by following the official instructions.

Deployment with Docker-Compose

First, let’s create a new project folder in the /opt directory.

 mkdir /opt/nextcloud
 cd /opt/nextcloud 

Copy the Docker-Compose Template to your remote server. Execute the Docker-Compose file.

docker-compose up -d

Check if all Containers are running properly.

docker-compose ps
Output of “docker-compose ps” should look like this

(Optional) Deployment of Nextcloud in existing Portainer and Nginx Proxy Manager Installation

Note, if you already have an existing Nginx Proxy Manager installation running, follow this: Remove the Nginx Proxy Manager Parts from the Compose file. Then, uncomment the line “#external: True” in the networks section, to connect the containers to your existing Docker Network. Because this should be the same name as the network, where your Nginx Proxy Manager is connected to!

Configure Nginx Proxy Manager

When all containers are up and running, you can open the Nginx Proxy Manager on port 81. Make sure you’re using HTTP and the public IP address of your server to connect. When you login the first time with the username “admin@example.com” and password “changeme”, you need to change the credentials.

Create a new Proxy Host, and fill in the domain name and connect it to the “Nextcloud-app” on port 80.

Obtain a new SSL certificate with letsencrypt.

Now you should be able to access your Nextcloud Installation in the Browser.

Performance Issues with Nextcloud

On most servers, you probably can just continue with the “Install recommended apps” checkbox enabled. But I had very bad performance issues with this setting. Because, this was caused by the Collabora Built-In CODE Server, which was automatically installed. But, what you can do about this is, uncheck the checkbox “Install recommended apps”. Then install the Collabora Online Apps manually and use the Collabora Demo Servers.

Desktop Client Sync

I also had problems with setting up the Nextcloud Desktop Client Synchronization. We need to make a change in the config/config.php file. Make sure you add this line here in the configuration file.

'overwriteprotocol' => 'https'

15 thoughts on “Nextcloud Nginx Proxy Manager in 10 Minutes!”

  1. Hi Christian

    First of all, thanks for a lot of very good content!

    I have on suggestion and one questions I hope you can help me with:

    Suggestion: In the nextcloud container you have the possibility to mount a volume for the nextcloud config (/var/www/html/config), which is described in the readme on github under persistent data.

    Question: I simply can’t understand how the NPM and NC container can communicate when you don’t bind any ports for the NC container. Can you explain how this happens?

    Thanks in advance.

    Reply
  2. This looked good but sadly just left me with a Bad Gateway 502 error from the Nextcloud and container.
    There is no way to complete setup as there is no access to the container?

    Reply
    • Bad Gateway means there is something wrong with the connection to the container. Usually you should check the IP address, DNS name or if the container is in a different network than the npm.

      Reply
  3. Thanks for providing such good content.

    I’m working with the following scenario:
    Host (Ubuntu 20.04 LTS) managed by ispconfig (with Apache) with several main domains. Works fine so far. I would like to add several apps e.g. nextcloud, suitecrm, gitlab, youtrack running in docker containers and would like to make them available for all domains. I can do that by using dedicated ports for every app and configure proxy Apache directives for each app in each domain.

    I believe a scenario based on Nginx proxy manager would be more elegant. Because of ispconfig I cannot use the ports 80, 81 and 443 for Nginx proxy manager. But when I change the ports I see “internal error” while trying to create a subdomain with ssl.

    I would appreciate any ideas how to setup my scenario without “internal error”. Thanks in advance.

    Reply
  4. Is it also possible to use port 443 for Let’s Encrypt? I can’t open port 80 on my ISP’s garbage.

    And what about using CloudFlare? What’s the most secure solution?

    Arnold

    Reply
  5. Hi Christian. Danke für die tolle Anleitung. Mein Container nextcloud_nextcloud-app_1 bekommt leider keine Internetverbindung für Updates und die Editor Installation. Wie kann diese für den Container hergestellt werden?

    Reply
  6. This is the best tutorial I’ve seen for nginx+nextcloud setup ever.
    I’ve been struggling with setting up nextcloud for several months now using nextclouds official images and examples. But your setup takes it up several notches, and makes proxy + ssl administration super easy and beautiful.

    I greatly appreciate the instructions and the code! Thank you!

    Reply

Leave a Comment

I accept the Privacy Policy