Nextcloud is a platform for sharing files and folders between individuals or teams. Supposedly there are organisations using Nextcloud, but I don't know any - most that I know use SharePoint. In any case, Nextcloud (NC) is really awesome for anyone who wants to have a "private Dropbox", and NC even has really good native mobile apps for iOS and Android. Check out their official page here.

How to get going?

The easiest and fastest way to get going is to lease a VM (virtual machine) from an IaaS provider, for example Digital Ocean, UpCloud, Vultr etc. I don't have experience using Vultr, but a quick look at their portfolio suggests that they have a similar lineup to UpCloud. Digital Ocean has the broadest service offering of the three. The biggest difference (in my opinion) is that DO also offers DNS services. You'll need to register a domain name and set up A and MX records somewhere to get your mail and NC mobile apps going. Next, ssh into your new VM and...

Install Nextcloud

You'll need Docker Engine and Docker Compose to use the YAML file below. Check out the official documentation on how to install Docker and Compose here. Once that's done, you can install Nextcloud, the HAProxy load balancer, the backend DB and caching with Redis using this YAML:

version: '2'

networks:
  front-tier:
    driver: bridge
  back-tier:
    driver: bridge

services:
  nextcloud:
    image: jatula/nextcloud:11.0.2
    restart: always
    links:
      - db_nextcloud:db_nextcloud
      - redis:redis
    networks:
      - back-tier
    environment:
      - VIRTUAL_HOST=http://yourdomain.com,https://yourdomain.com
      - BALANCE=roundrobin
      - FORCE_SSL=yes
    volumes:
      - ./nextcloud/data:/var/www/html
  db_nextcloud:
    image: mariadb:10
    restart: always
    volumes:
      - ./nextcloud/db_data:/var/lib/mysql
    environment:
      # "Password" is a placeholder: set strong, distinct secrets before first start
      - MYSQL_ROOT_PASSWORD=Password
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextclouduser
      - MYSQL_PASSWORD=Password
    networks:
      - back-tier
  redis:
    image: redis
    restart: always
    volumes:
      - ./redis/data:/data
      - ./redis:/usr/local/etc/redis
    networks:
      - back-tier
  haproxy:
    image: dockercloud/haproxy
    restart: always
    depends_on:
      - "nextcloud"
    links:
      - "nextcloud"
    environment:
      - CERT_FOLDER=/certs/
    networks:
      - back-tier
      - front-tier
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # :ro does not restrict Docker API calls made through the socket
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /etc/haproxy/certs:/certs

Before you $ docker-compose up -d, acquire a certificate from Let's Encrypt.

  • First, install it.
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install certbot
  • Ask Certbot for a certificate.
$ sudo certbot certonly --standalone -d example.com -d www.example.com
  • Combine fullchain.pem and privkey.pem
$ DOMAIN=example.com
$ sudo mkdir -p /etc/haproxy/certs
$ sudo sh -c "cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem /etc/letsencrypt/live/$DOMAIN/privkey.pem > /etc/haproxy/certs/$DOMAIN.pem"
$ sudo chmod 600 /etc/haproxy/certs/$DOMAIN.pem

You can save the combined .pem file wherever you want. As an example, I used /etc/haproxy... Just remember to mount that folder to the HAProxy container's /certs directory.

Now, $ docker-compose up -d, browse to your Nextcloud host and finish the installation.

Finishing NC installation

What next?

I would write a script to renew the Let's Encrypt certificate. The certificates are valid for 90 days, so renewing every month with a cron job is sufficient I'd say.
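
One way such a renewal script could look, as an added example that is not the author's own code: a certbot deploy hook that rebuilds the combined .pem for HAProxy after each successful renewal. The script path, the compose project path and the cron schedule are assumptions.

```shell
#!/bin/sh
# Added example: certbot deploy hook that rebuilds HAProxy's combined PEM.
# Assumed (not from the post): this script's install path, the compose
# project path, and the weekly schedule in the cron line below.
#
# root crontab; certbot renew skips certificates that are not yet within
# 30 days of expiry, and runs the hooks only when a certificate is due:
#   0 3 * * 1 cd /path/to/compose && certbot renew --quiet \
#     --pre-hook "docker-compose stop haproxy" \
#     --deploy-hook /usr/local/bin/haproxy-pem-hook.sh \
#     --post-hook "docker-compose start haproxy"
# The pre/post hooks free port 80, which --standalone needs.

CERT_DIR="${CERT_DIR:-/etc/haproxy/certs}"

# build_pem LINEAGE_DIR OUT_DIR
# Writes OUT_DIR/<domain>.pem = fullchain.pem + privkey.pem, where <domain>
# is the lineage directory name (/etc/letsencrypt/live/<domain>).
build_pem() {
    lineage=$1
    out_dir=$2
    domain=$(basename "$lineage")

    # Refuse to overwrite a working certificate with an incomplete one.
    if [ ! -s "$lineage/fullchain.pem" ] || [ ! -s "$lineage/privkey.pem" ]; then
        echo "build_pem: missing or empty PEM in $lineage" >&2
        return 1
    fi

    # mktemp creates the file with mode 0600; it holds the private key.
    tmp=$(mktemp "$out_dir/.$domain.pem.XXXXXX") || return 1
    if cat "$lineage/fullchain.pem" "$lineage/privkey.pem" > "$tmp"; then
        chmod 600 "$tmp"
        # rename is atomic within one directory: no partial file is ever visible
        mv -f "$tmp" "$out_dir/$domain.pem"
    else
        rm -f "$tmp"
        return 1
    fi
}

# certbot exports RENEWED_LINEAGE to deploy hooks; do nothing without it.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    build_pem "$RENEWED_LINEAGE" "$CERT_DIR"
fi
```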

Hopefully this got you interested in NC so that you'll give it a go. If you need assistance, or find an error in this post, send me a message on Twitter @juhaniatula.