# Nextcloud AIO

- [Nextcloud AIO](#nextcloud-aio)
  - [Install with Rootless Podman](#install-with-rootless-podman)
    - [Create the nextcloud user](#create-the-nextcloud-user)
    - [Install Podman](#install-podman)
    - [Install Caddy](#install-caddy)
    - [Create the container autostart service](#create-the-container-autostart-service)
    - [Install Nextcloud](#install-nextcloud)
  - [Backups](#backups)
  - [Maintenance Mode](#maintenance-mode)
  - [Trusted Proxy](#trusted-proxy)
  - [Default phone region](#default-phone-region)
  - [Adding existing files](#adding-existing-files)
  - [Theming](#theming)
  - [Changing the domain](#changing-the-domain)
  - [Uninstall](#uninstall)
  - [Edit QCOW](#edit-qcow)
  - [Stuck in login screen](#stuck-in-login-screen)
  - [Freezing after working for a bit](#freezing-after-working-for-a-bit)
    - [Out of disk space](#out-of-disk-space)
    - [Redis can't dump its DB](#redis-cant-dump-its-db)

## Install with Rootless Podman

Roughly taken from

This has been tested working on Fedora 41 with SELinux and firewalld enabled.

### Create the nextcloud user

```bash
sudo useradd nextcloud
sudo loginctl enable-linger nextcloud
```

### Install Podman

```bash
# As admin user
sudo dnf install podman
sudo loginctl enable-linger 1001 # Or whatever user nextcloud is

# Now SSH into the server as the nextcloud user
systemctl --user enable podman-restart
systemctl --user enable --now podman.socket
```

### Install Caddy

As root

```bash
mkdir /etc/caddy
vim /etc/caddy/Caddyfile
```

Caddy will automatically provision certificates if the server DNS points to the correct IP and is accessible on the ports specified. All you need to do is put `https` in the Caddy conf.

```conf
https://nextcloud.reeseapps.com:443 {
    reverse_proxy 127.0.0.1:11000
}

https://nextcloud.reeseapps.com:8443 {
    # The AIO interface serves a self-signed certificate, so verification
    # is skipped for this loopback-only upstream.
    reverse_proxy 127.0.0.1:11001 {
        transport http {
            tls_insecure_skip_verify
        }
    }
}
```

```bash
vim /etc/containers/systemd/caddy.container
```

```conf
[Unit]
Description=Caddy

[Container]
AddCapability=NET_ADMIN
ContainerName=caddy
Image=caddy
Network=host
SecurityLabelDisable=true
Volume=/etc/caddy:/etc/caddy
Volume=caddy_data:/data
Volume=caddy_config:/config

[Service]
Restart=always

[Install]
WantedBy=default.target
```

```bash
systemctl daemon-reload
systemctl start caddy
```

### Create the container autostart service

As the nextcloud user.

`systemctl --user edit podman-restart.service`

```conf
[Service]
ExecStart=
ExecStart=/usr/bin/podman $LOGGING start --all --filter restart-policy=always --filter restart-policy=unless-stopped
ExecStop=
ExecStop=/bin/sh -c '/usr/bin/podman $LOGGING stop $(/usr/bin/podman container ls --filter restart-policy=always --filter restart-policy=unless-stopped -q)'
```

```bash
systemctl --user daemon-reload
systemctl --user enable podman-restart
```

### Install Nextcloud

`vim ~/.config/containers/systemd/nextcloud-aio-mastercontainer.container`

```conf
[Unit]
Description=Nextcloud AIO Master Container
Documentation=https://github.com/nextcloud/all-in-one/blob/main/docker-rootless.md
After=local-fs.target
Requires=podman.socket

[Container]
ContainerName=nextcloud-aio-mastercontainer
Image=docker.io/nextcloud/all-in-one:latest
PublishPort=127.0.0.1:11001:8080
Volume=nextcloud_aio_mastercontainer:/mnt/docker-aio-config
Volume=/run/user/1001/podman/podman.sock:/var/run/docker.sock:Z
Network=bridge
SecurityLabelDisable=true
Environment=APACHE_PORT=11000
Environment=APACHE_IP_BINDING=127.0.0.1
Environment=WATCHTOWER_DOCKER_SOCKET_PATH=/run/user/1001/podman/podman.sock
Environment=NEXTCLOUD_DATADIR="/home/nextcloud/nextcloud_data"
Environment=SKIP_DOMAIN_VALIDATION=true

[Service]
Restart=always

[Install]
WantedBy=multi-user.target default.target
```

```bash
systemctl --user daemon-reload
systemctl --user start nextcloud-aio-mastercontainer
```

## Backups

IMPORTANT: you will need both KEY AND PASSPHRASE to access this repo! If you used a repokey mode, the key is stored in the repo, but you should back it up separately. Use "borg key export" to export the key, optionally in printable format. Write down the passphrase. Store both at safe place(s).

```bash
docker exec nextcloud-aio-borgbackup borg key export /mnt/borgbackup/borg/
```

## Maintenance Mode

```bash
docker stop nextcloud-aio-apache
docker exec -it -u www-data nextcloud-aio-nextcloud ./occ maintenance:mode --on
docker start nextcloud-aio-apache
docker exec -it -u www-data nextcloud-aio-nextcloud ./occ maintenance:mode --off
```

## Trusted Proxy

If running with a reverse proxy.

```bash
docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set trusted_proxies 2 --value="10.1.0.0/16"
docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set trusted_proxies 3 --value="fd00:fd41:d0f1:1010::/64"
```

## Default phone region

```bash
docker exec --user www-data -it nextcloud-aio-nextcloud php occ config:system:set default_phone_region --value="US"
```

## Adding existing files

```bash
docker exec --user www-data -it nextcloud-aio-nextcloud php occ files:scan --path=ducoterra/files
```

## Theming

Red: `#B30000`

## Changing the domain

```bash
docker run -it --rm --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config:rw alpine sh -c "apk add --no-cache nano && nano /mnt/docker-aio-config/data/configuration.json"
```

## Uninstall

```bash
docker stop $(docker ps -a -q)
docker container prune

# DANGER ZONE
# This deletes all your data
docker volume prune -a -f
```

defaults,_netdev,x-systemd.requires=iscsid.service 0 1

## Edit QCOW

```bash
sudo modprobe nbd
sudo qemu-nbd -c /dev/nbd0 --read-only /path/to/image.qcow2
udisksctl mount -b /dev/nbd0p1
```

## Stuck in login screen

Check logs at `/var/www/html/data/nextcloud.log` in the `nextcloud-aio-nextcloud` container.

Sometimes this is caused by a broken app or two-factor authentication. Try:

```bash
# Disable two factor
./occ twofactorauth:state
./occ twofactorauth:disable totp
```

```bash
# Disable problem app
./occ app:disable integration_openai
```

## Freezing after working for a bit

### Out of disk space

This can happen when Nextcloud tries to write logs to its volume and doesn't have enough space.

```bash
podman exec -it nextcloud-aio-nextcloud bash
df -h .
```

### Redis can't dump its DB

This can happen when the Redis volume doesn't have the correct permissions.

```bash
podman exec -it --user root nextcloud-aio-redis bash
ls -lah /data
chown redis:redis /data
```
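
The loopback bindings in the Install Nextcloud unit (`PublishPort=127.0.0.1:...` and `APACHE_IP_BINDING=127.0.0.1`) are what keep the AIO interface and Apache reachable only through Caddy. The following is an added example, not part of the original notes, that audits a quadlet `.container` file for those bindings; the function names and the sample units are constructed for illustration, and it only understands the keys used on this page.

```bash
#!/bin/sh
# Added example: flag settings in a quadlet .container file that would make
# a listener reachable without going through the Caddy reverse proxy.

# Host part of a PublishPort value; empty output means "all interfaces".
publish_host() {
    spec=${1%/*}    # drop a trailing /tcp or /udp
    case $spec in
        \[*\]:*) spec=${spec#\[}; printf '%s\n' "${spec%%\]*}" ;;
        *:*:*)   printf '%s\n' "${spec%%:*}" ;;
        *)       printf '\n' ;;
    esac
}

# Prints one finding per line; exit status is 0 only when there are none.
audit_quadlet() (
    findings=0 apache_port="" apache_bind=""
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            PublishPort=*)
                host=$(publish_host "${line#PublishPort=}")
                case $host in
                    127.0.0.1|::1) ;;
                    *) echo "FINDING: $line binds ${host:-all interfaces}"
                       findings=$((findings + 1)) ;;
                esac ;;
            Environment=APACHE_PORT=*)       apache_port=${line##*=} ;;
            Environment=APACHE_IP_BINDING=*) apache_bind=${line##*=} ;;
        esac
    done < "$1"
    if [ -n "$apache_port" ] && [ "$apache_bind" != 127.0.0.1 ]; then
        echo "FINDING: APACHE_PORT=$apache_port without APACHE_IP_BINDING=127.0.0.1"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
)

# Constructed sample units: the page's bindings, and a variant without them.
good=$(mktemp) bad=$(mktemp)
trap 'rm -f "$good" "$bad"' EXIT
printf '%s\n' '[Container]' 'PublishPort=127.0.0.1:11001:8080' \
    'Environment=APACHE_PORT=11000' 'Environment=APACHE_IP_BINDING=127.0.0.1' > "$good"
printf '%s\n' '[Container]' 'PublishPort=11001:8080' \
    'Environment=APACHE_PORT=11000' > "$bad"

audit_quadlet "$good" && echo "good unit: loopback only"
audit_quadlet "$bad"  || echo "bad unit: reachable without the proxy"
```

To check the real unit, run `audit_quadlet ~/.config/containers/systemd/nextcloud-aio-mastercontainer.container` as the nextcloud user after sourcing the functions.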