This tutorial shows you how to easily set-up Nextcloud and protect it with Nginx Proxy Manager and real SSL certs on a Linux Server. I make it fast and easy for you, so we can deploy it in about 10 Minutes.
You can use this tutorial for Cloud Environments and On-Premises. Or if you want to deploy it on a small server or raspberry pi at home. The only important requirement is that you need a DNS record pointing to the public IP address. If you’re running the server at home behind a router, you need to forward the ports 80, 81, and 443.
version: '3' volumes: nextcloud-data: nextcloud-db: npm-data: npm-ssl: npm-db: networks: frontend: # add this if the network is already existing! # external: true backend: services: nextcloud-app: image: nextcloud restart: always volumes: - nextcloud-data:/var/www/html environment: - MYSQL_PASSWORD=replace-with-secure-password - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_HOST=nextcloud-db networks: - frontend - backend nextcloud-db: image: mariadb restart: always command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW volumes: - nextcloud-db:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=replace-with-secure-password - MYSQL_PASSWORD=replace-with-secure-password - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud networks: - backend npm-app: image: jc21/nginx-proxy-manager:latest restart: always ports: - "80:80" - "81:81" - "443:443" environment: - DB_MYSQL_HOST=npm-db - DB_MYSQL_PORT=3306 - DB_MYSQL_USER=npm - DB_MYSQL_PASSWORD=replace-with-secure-password - DB_MYSQL_NAME=npm volumes: - npm-data:/data - npm-ssl:/etc/letsencrypt networks: - frontend - backend npm-db: image: jc21/mariadb-aria:latest restart: always environment: - MYSQL_ROOT_PASSWORD=replace-with-secure-password - MYSQL_DATABASE=npm - MYSQL_USER=npm - MYSQL_PASSWORD=replace-with-secure-password volumes: - npm-db:/var/lib/mysql networks: - backend
Deployment of Nextcloud with Nginx Proxy Manager on a fresh Server
Install Docker and Docker-Compose
You can easily install Docker and Docker-Compose by following the official instructions.
Deployment with Docker-Compose
First, let’s create a new project folder in the /opt directory.
mkdir /opt/nextcloud cd /opt/nextcloud
Copy the Docker-Compose Template to your remote server. Execute the Docker-Compose file.
docker-compose up -d
Check if all Containers are running properly.
(Optional) Deployment of Nextcloud in existing Portainer and Nginx Proxy Manager Installation
Note, if you already have an existing Nginx Proxy Manager installation running, follow this: Remove the Nginx Proxy Manager Parts from the Compose file. Then, uncomment the line “#external: True” in the networks section, to connect the containers to your existing Docker Network. Because this should be the same name as the network, where your Nginx Proxy Manager is connected to!
Configure Nginx Proxy Manager
When all containers are up and running, you can open the Nginx Proxy Manager on port 81. Make sure you’re using HTTP and the public IP address of your server to connect. When you login the first time with the username “firstname.lastname@example.org” and password “changeme”, you need to change the credentials.
Create a new Proxy Host, and fill in the domain name and connect it to the “Nextcloud-app” on port 80.
Obtain a new SSL certificate with letsencrypt.
Now you should be able to access your Nextcloud Installation in the Browser.
Performance Issues with Nextcloud
On most servers, you probably can just continue with the “Install recommended apps” checkbox enabled. But I had very bad performance issues with this setting. Because, this was caused by the Collabora Built-In CODE Server, which was automatically installed. But, what you can do about this is, uncheck the checkbox “Install recommended apps”. Then install the Collabora Online Apps manually and use the Collabora Demo Servers.
Desktop Client Sync
I also had problems with setting up the Nextcloud Desktop Client Synchronization. We need to make a change in the config/config.php file. Make sure you add this line here in the configuration file.
'overwriteprotocol' => 'https'