diff --git a/active/podman_nextcloud/nextcloud-aio-mastercontainer.container b/active/podman_nextcloud/nextcloud-aio-mastercontainer.container index 2fb0cae..85b1235 100644 --- a/active/podman_nextcloud/nextcloud-aio-mastercontainer.container +++ b/active/podman_nextcloud/nextcloud-aio-mastercontainer.container @@ -9,13 +9,13 @@ ContainerName=nextcloud-aio-mastercontainer Image=docker.io/nextcloud/all-in-one:latest PublishPort=0.0.0.0:11001:8080 Volume=nextcloud_aio_mastercontainer:/mnt/docker-aio-config -Volume=/run/user/1001/podman/podman.sock:/var/run/docker.sock:Z +Volume=/run/user/1002/podman/podman.sock:/var/run/docker.sock:Z Network=bridge SecurityLabelDisable=true Environment=APACHE_PORT=11000 Environment=APACHE_IP_BINDING=0.0.0.0 -Environment=WATCHTOWER_DOCKER_SOCKET_PATH=/run/user/1001/podman/podman.sock +Environment=WATCHTOWER_DOCKER_SOCKET_PATH=/run/user/1002/podman/podman.sock Environment=NEXTCLOUD_DATADIR="/home/nextcloud/nextcloud_data" Environment=SKIP_DOMAIN_VALIDATION=true diff --git a/active/podman_nextcloud/nextcloud-aio.md b/active/podman_nextcloud/nextcloud-aio.md index 41de595..31479b4 100644 --- a/active/podman_nextcloud/nextcloud-aio.md +++ b/active/podman_nextcloud/nextcloud-aio.md @@ -3,13 +3,13 @@ - [Nextcloud AIO](#nextcloud-aio) - [Install with Rootless Podman](#install-with-rootless-podman) - [Create the nextcloud user](#create-the-nextcloud-user) - - [Install Podman](#install-podman) - [Create the container autostart service](#create-the-container-autostart-service) - [Install Nextcloud](#install-nextcloud) - [Install Caddy](#install-caddy) - [Firewall](#firewall) - [Backups](#backups) - - [Maintenace Mode](#maintenace-mode) + - [Manual Backups](#manual-backups) + - [Maintenance Mode](#maintenance-mode) - [Trusted Proxy](#trusted-proxy) - [Default phone region](#default-phone-region) - [Adding existing files](#adding-existing-files) 
@@ -17,10 +17,13 @@ - [Changing the domain](#changing-the-domain) - [Uninstall](#uninstall) - [Edit QCOW](#edit-qcow) - - [Stuck in login screen](#stuck-in-login-screen) - - [Freezing after working for a bit](#freezing-after-working-for-a-bit) - - [Out of disk space](#out-of-disk-space) - - [Redis can't dump its DB](#redis-cant-dump-its-db) + - [Exclude Lists](#exclude-lists) + - [Troubleshooting](#troubleshooting) + - [Stuck in login screen](#stuck-in-login-screen) + - [Freezing after working for a bit](#freezing-after-working-for-a-bit) + - [Out of disk space](#out-of-disk-space) + - [Redis can't dump its DB](#redis-cant-dump-its-db) + - [Error connecting to server](#error-connecting-to-server) @@ -34,32 +37,22 @@ This has been tested working on Fedora 41 with selinux and firewalld enabled. ```bash useradd nextcloud -su - nextcloud -ssh-keygen -exit -cp ~/.ssh/authorized_keys /home/nextcloud/.ssh/authorized_keys -chown nextcloud:nextcloud /home/nextcloud/.ssh/authorized_keys loginctl enable-linger $(id -u nextcloud) -``` - -### Install Podman - -```bash -# As root user -dnf install podman - -# Now SSH into the server as the nextcloud user -systemctl --user enable podman-restart -systemctl --user enable --now podman.socket +systemctl --user --machine=nextcloud@.host enable podman-restart +systemctl --user --machine=nextcloud@.host enable --now podman.socket +su -l nextcloud +mkdir -p /home/nextcloud/.config/containers/systemd +exit ``` ### Create the container autostart service Edit the autostart service to include "unless-stopped" containers. -As the nextcloud user: - -`systemctl --user edit podman-restart.service` +```bash +machinectl shell nextcloud@ +systemctl --user edit podman-restart.service +``` ```conf [Service] 
@@ -74,21 +67,35 @@ systemctl --user daemon-reload ### Install Nextcloud +On the operator + +1. Edit `nextcloud-aio-mastercontainer.container` to include the correct username and UID where relevant. +2. Copy the files to the server: + ```bash -# Make the container systemd directory (if needed) -ssh nextcloud mkdir -p ~/.config/containers/systemd - -# Create the nextcloud network with ipv6 -ssh nextcloud podman network create --ipv6 nextcloud-aio - # Copy the quadlet files scp \ active/podman_nextcloud/nextcloud-aio-mastercontainer.container \ -nextcloud:.config/containers/systemd/ +3dserver:/home/nextcloud/.config/containers/systemd/ + +ssh chown -R nextcloud:nextcloud /home/nextcloud/.config/containers/systemd/ +``` + +On the server + +```bash +machinectl shell nextcloud@ + +# Create volumes +mkdir nextcloud_data +mkdir nextcloud_aio_mastercontainer + +# Create the nextcloud network with ipv6 +podman network create --ipv6 nextcloud-aio # Reload and restart the service -ssh nextcloud systemctl --user daemon-reload -ssh nextcloud systemctl --user restart nextcloud-aio-mastercontainer +systemctl --user daemon-reload +systemctl --user restart nextcloud-aio-mastercontainer ``` ### Install Caddy @@ -168,7 +175,15 @@ If you need to reset the borg backup repo: docker exec nextcloud-aio-borgbackup rm /mnt/docker-aio-config/data/borg.config ``` -## Maintenace Mode +### Manual Backups + +1. Backup `nextcloud_data` +2. Backup all nextcloud volumes at `/home/nextcloud/.local/share/containers/storage/volumes/` +3. Backup `.config/containers/systemd/` + +Copy these back to where they came to restore + +## Maintenance Mode ```bash docker stop nextcloud-aio-apache 
@@ -230,7 +245,127 @@ sudo qemu-nbd -c /dev/nbd0 --read-only /path/to/image.qcow2 udisksctl mount -b /dev/nbd0p1 ``` -## Stuck in login screen +## Exclude Lists + +Exclude lists take effect only if the folders/files haven't been synced yet. Here's a basic one +I stole that works well for development resources. + +Put this in `~/.config/Nextcloud/sync-exclude.list` + +```text +]*~ +]~$* +].~lock.* +]~*.tmp +]*.~* +]Icon\r* +].DS_Store +].ds_store +]*.textClipping +]._* +]Thumbs.db +]photothumb.db +]System Volume Information +].*.sw? +].*.*sw? +].TemporaryItems +].Trashes +].DocumentRevisions-V100 +].Trash-* +].fseventd +].apdisk +].Spotlight-V100 +].directory +]*.part +]*.filepart +]*.crdownload +]*.kate-swp +]*.gnucash.tmp-* +].synkron.* +].sync.ffs_db +].symform +].symform-store +].fuse_hidden* +]*.unison +].nfs* +]My Saved Places. +]*.sb-* +]*.dll +]*.exe +].git/ +].lock +]*.bin +].bin +]bin/ +]*.lock +]node_modules/ +].cache/ +].vscode/ +].pytest_cache/ +].github/ +].ipynb_checkpoints/ +]*.exe +]*.dll +]*.class +]*.com +]*.so +]*.o +]@*/ +]__pycache__/ +].Python/ +]build/ +]dist/ +]eggs/ +].eggs/ +]wheels/ +]sdist/ +]var/ +]*.egg/ +]*.egg-info/ +]lib64/ +]lib/ +].tox/ +].nox/ +]env/ +]venv/ +]ENV/ +]env.bak/ +]venv.bak/ +]site/ +]cython_debug/ +]vendor/ +]tmp/ +].libs/ +].debs/ +]src/ +]Debug/ +]debug/ +]*.pdb +]*.enc +].enc +].sass-cache/ +]_site/ +].info +]*.info +].jekyll-cache +].jekyll-cache/ +].zotero-ft-cache +].zotero-ft-info +]*.idlk +]zotero.sqlite.bak +]*.dwl +]*.dwl2 +]*.bkp +]*.dtmp +].$* +]*.tmp +]_build/ +].venv/ +``` + +## Troubleshooting + +### Stuck in login screen Check logs at `/var/www/html/data/nextcloud.log` in `nextcloud-aio-nextcloud` container. 
@@ -247,9 +382,9 @@ Sometimes this is caused by a broken app or twofactor. try: ./occ app:disable integration_openai ``` -## Freezing after working for a bit +### Freezing after working for a bit -### Out of disk space +#### Out of disk space This can happen when nextcloud tries to write logs to its volume and doesn't have enough space @@ -258,7 +393,7 @@ podman exec -it nextcloud-aio-nextcloud bash df -h . ``` -### Redis can't dump its DB +#### Redis can't dump its DB This can happen when the redis volume doesn't have the correct permissions @@ -267,3 +402,9 @@ podman exec -it --user root nextcloud-aio-redis bash ls -lah /data chown redis:redis /data ``` + +#### Error connecting to server + +Your nextcloud instance won't be able to use host loopback with rootless containers. If you have +a local DNS record pointing to your server's IP address you'll need to delete that until this is +fixed.
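
Review bot: The UID is hardcoded in both changed lines of the `nextcloud-aio-mastercontainer.container` hunk (`Volume=/run/user/1002/podman/podman.sock:...` and `Environment=WATCHTOWER_DOCKER_SOCKET_PATH=/run/user/1002/podman/podman.sock`), and the only reason for this change is that it moved from 1001 to 1002. In a user quadlet the systemd specifier `%t` expands to the user's runtime directory, so writing `%t/podman/podman.sock` in both places would stop the file needing an edit per host. The Volume line also keeps `:Z` on the socket while `SecurityLabelDisable=true` is set two lines below; the relabel request serves no purpose once labeling is disabled and is better dropped from a shared socket.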
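
Review bot: Podman is no longer installed anywhere after the "Create the nextcloud user" hunk: the `### Install Podman` section with `dnf install podman` is removed, but the replacement block goes straight to `systemctl --user --machine=nextcloud@.host enable --now podman.socket`. Keep a one-line install step ahead of it. The `su -l nextcloud`, `mkdir -p ...`, `exit` sequence also only behaves as intended when typed interactively; run as a script, the `mkdir` executes as root after `su` returns. A single `su -l nextcloud -c 'mkdir -p ~/.config/containers/systemd'` avoids that.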
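
Review bot: `ssh chown -R nextcloud:nextcloud /home/nextcloud/.config/containers/systemd/` in the operator block of the "Install Nextcloud" hunk has no host argument, so ssh will treat `chown` as the hostname; it presumably wants the `3dserver` used in the `scp` line above it. That hostname is site-specific where the removed text used the generic `nextcloud` alias, so either mark it as a placeholder or add it to step 1's list of things to edit. In the server block, `mkdir nextcloud_aio_mastercontainer` under `# Create volumes` creates a plain directory in the home directory, while the quadlet mounts `nextcloud_aio_mastercontainer` as a named volume, so that line looks unnecessary.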
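
Review bot: The `### Manual Backups` steps never say to stop the containers first, so a copy of `nextcloud_data` and the volumes directory taken while the stack is running may not be consistent. Add a stop step before step 1 and a start step after the copy. Step 3 uses a relative `.config/containers/systemd/` where step 2 gives an absolute path under `/home/nextcloud/`, and "Copy these back to where they came to restore" is missing "from" and should say that ownership has to end up with the nextcloud user, as the `chown -R nextcloud:nextcloud` in the install section does.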
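
Review bot: The "Exclude Lists" hunk tells the reader to put the list in `~/.config/Nextcloud/sync-exclude.list`, but the desktop client reads `sync-exclude.lst`, so a file created under the documented name would be ignored. Every pattern also carries the `]` prefix, which in this file format marks matches as removable when they block deletion of a directory; that is reasonable for `]*~` or `].DS_Store` but risky for broad entries such as `]src/`, `]lib/`, `]bin/`, `].git/` and `]*.enc`, which would be better listed without the prefix or dropped. `]*.exe`, `]*.dll` and `]*.tmp` each appear twice. Since the text says the list was taken from elsewhere, a link to the source would help later readers judge it.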
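
Review bot: The new `#### Error connecting to server` section in the last hunk says to delete the local DNS record "until this is fixed" without saying what "this" is; link the upstream issue or name the component so the workaround can be retired later. It would also help to state the symptom (which client or container shows the error, and where) and why the heading sits under "Freezing after working for a bit" rather than directly under `## Troubleshooting`, since a connection error is not obviously a freeze.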