Nextcloud is a platfrom for sharing files and folders between individuals or teams. Supposedly there are organisations using Nextcloud, but I don't know any - most, that I know, use Sharepoint. In any case, Nextcloud (NC) is really awesome for anyone who wants to have a "private DropBox", and NC even has really good native mobile apps for iOS and Android. Check out their official page here.
How to get going?
The easiest and fastest way to get going is to lease a VM (virtual machine) from a IaaS provider, for example Digital Ocean, UpCloud, Vultr etc. I don't have experience using Vultr, but a quick look at their portfolio suggest that they have a similar lineup as UpCloud has. Digital Ocean has the broadest service offering out of the three. The biggest difference (in my opinion) being, that DO also offers DNS services. You'll need to register a domain name and setup A and MX records somewhere to get your mail and NC mobile apps going. Next, ssh into your new VM and...
You'll need Docker engine and Docker Compose to use the below YAML file. Check out official documentation on how to install Docker and Compose here. Once that's done, you can install Nextcloud, HAProxy load balancer, the backend DB and caching with Redis using this YAML
version: '2' networks: front-tier: driver: bridge back-tier: driver: bridge services: nextcloud: image: jatula/nextcloud:11.0.2 restart: always links: - db_nextcloud:db_nextcloud - redis:redis networks: - back-tier environment: - VIRTUAL_HOST=http://yourdomain.com,https://yourdomain.com - BALANCE=roundrobin - FORCE_SSL=yes volumes: - ./nextcloud/data:/var/www/html db_nextcloud: image: mariadb:10 restart: always volumes: - ./nextcloud/db_data:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=Password - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextclouduser - MYSQL_PASSWORD=Password networks: - back-tier redis: image: redis restart: always volumes: - ./redis/data:/data - ./redis:/usr/local/etc/redis networks: - back-tier haproxy: image: dockercloud/haproxy restart: always depends_on: - "ghost" - "nextcloud" links: - "ghost" - "nextcloud" environment: - CERT_FOLDER="/certs/" networks: - back-tier - front-tier ports: - "80:80" - "443:443" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - /etc/haproxy/certs:/certs
$ docker-compose up -d, acquire a certificate from Let's Encrypt
- First, install it.
$ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
- Ask Certbot for a certificate.
certbot certonly --standalone -d example.com -d www.example.com
- Combine fullchain.pem and privkey.pem
cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem /etc/letsencrypt/live/$DOMAIN/privkey.pem > /etc/haproxy/certs/$DOMAIN.pem
You can save the combined .pem file where ever you want. As an example, I used /etc/haproxy... Just remember to mount that folder to the HAProxy container /certs directory.
$ docker-compose up -d, browse to your nextcloud host and finish the installation.
I would write a script to renew the Let's Encrypt certificate. The certificates are valid for 90 days, so renewing every month with a cron job is sufficient I'd say.
Hopefully this got you interested in NC so that you'll give it a go. If you need assistance, or find an error in this post, send me a message in twitter @juhaniatula.