Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
content:serverbasics:docker-nextcloud_aio [2024/05/18 22:18] – [Firewall] Danielcontent:serverbasics:docker-nextcloud_aio [2025/02/08 14:32] (aktuell) Daniel
Zeile 4: Zeile 4:
  
 As you do have Docker running as described before, you can easyly install a running Instance of Nextcloud to you PC. Heres the original doc: [[https://github.com/nextcloud/all-in-one|https://github.com/nextcloud/all-in-one]] As you do have Docker running as described before, you can easyly install a running Instance of Nextcloud to you PC. Heres the original doc: [[https://github.com/nextcloud/all-in-one|https://github.com/nextcloud/all-in-one]]
 +
 +===== Docker Network =====
 +
 +To have IPV6 support, Docker needs a local IPV6 Networkrange to use.
 +
 +So you need to edit the Dockers ~/.config/docker/daemon.json to be like this:
 +
 +Hint: If that file is missing, just create it.
 +<file>
 +
 +{
 + "ipv6": true,
 + "fixed-cidr-v6": "fdff:6785:1::/48",
 + "iptables": true,
 + "ip6tables": true,
 + "log-opts": {
 +  "max-size": "10m",
 +  "max-file": "5"
 + }
 +}
 +
 +</file>
  
 ===== Network preparations ===== ===== Network preparations =====
Zeile 11: Zeile 33:
 Per default, only ipv4 networking will be set up by nextcloud-aio. So the setup will check the adress and will fail. Per default, only ipv4 networking will be set up by nextcloud-aio. So the setup will check the adress and will fail.
  
-Further you need to have a network, that is called exactly "nextcloud-aio" with ipv6.+So you need to setup a network first, that is called exactly "nextcloud-aio" with ipv6.
  
-Set up the network in Docker first, here for example with the script ''docker-ncaio-network.sh''+To Set up the network in Docker, here for example use the script ''docker-aio-network.sh''
 <file> <file>
 #!/bin/bash #!/bin/bash
-#nextcloud must have that network-name! +#recreate network for docker with ipv6 
-docker network create --subnet="2001:db8:3::/64--driver bridge --ipv6 nextcloud-aio --gateway="2001:db8:3::1"+docker network remove nextcloud-aio 
 +#Use the fixed-cidr-v6 from dockers daemon.json for the subnet and 
 +#Adress :1 for the gateway 
 +docker network create --subnet="fdff:6785:2::/48" --gateway="fdff:6785:2::1" --driver bridge --ipv6 nextcloud-aio
  
 </file> </file>
  
-The subnet and gateway are free to choose, but make sure it does not interfere with some existing network. If you are not sure, use the given ones.+The subnet and gateway in daemon.json are free to choose, but make sure it does not interfere with some existing network. If you are not sure, use the given ones, as they are locally and should be free for docker.
  
 ===== Firewall ===== ===== Firewall =====
Zeile 35: Zeile 60:
  
 </code> </code>
 +
 ===== Docker Network driver ===== ===== Docker Network driver =====
  
 There may be other problems with networking, so use another driver for networking like described here: [[https://github.com/nextcloud/all-in-one/issues/4621|https://github.com/nextcloud/all-in-one/issues/4621]] There may be other problems with networking, so use another driver for networking like described here: [[https://github.com/nextcloud/all-in-one/issues/4621|https://github.com/nextcloud/all-in-one/issues/4621]]
 +
 +In general, the default slirp4netns- driver is: a. slow b. not able to uses ipv6 c. not able to do port forwarding, which maybe essential
 +
 +==== Pasta driver ====
 +
 +A quite new and high performance networking driver with good functionality is pasta.
 +
 +Pasta needs to be installed locally on the host ''zypper install pasta''
 +
 +After that, you need to change the systemd config für docker:
 +<file>
 +
 +docker@pcserver2023:~> systemctl --user edit docker
 +
 +</file>
 +
 +and edit the file like this:
 +
 +<file>
 +[Service]
 +Environment="DOCKERD_ROOTLESS_ROOTLESSKIT_NET=pasta"
 +Environment="DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=implicit"
 +Environment="DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS=--ipv6"
 +
 +</file>
 +
 +now do
 +
 +<file>
 +docker@pcserver2023:~> systemctl daemon-reload
 +
 +docker@pcserver2023:~> systemctl --user stop docker
 +
 +docker@pcserver2023:~> systemctl --user start docker
 +
 +</file>
 +
 +You shold now have a fast network driver with port forwarding.
 +
 +===== Dockers Yaml =====
 +
 +In your Docker- Compose- Drirectory, create a new Directory called ''nextcloud_aoi'' and put the ''docker-compose.yml'' in it. You can finde some good documented example here: [[https://github.com/nextcloud/all-in-one/blob/main/compose.yaml|https://github.com/nextcloud/all-in-one/blob/main/compose.yaml]]
 +
 +===== AIO Webinterface =====
 +
 +It is important to understand, that the Docker- Service itself is NOT a working Nextcloud- Instance!
 +
 +The Service of this YML - called ''nextcloud-aio-mastercontainer'' is only a WEB- Interface to setup and maintain the Nextcloud- Services. Therefore it uses the Docker internal API, which is accessed by the Docker- Socket internally.
 +
 +So what you gain first, is a new Webserver on a seperate Port (default: 8080), wich will be the Administration Endpoint for you.
 +
 +**To access that Server from another PC, i STRONGLY DO NOT ADVISE to open the Firewall- Port of your Host and to make that service available to the internet!**
 +
 +Instead, you should use SSH Port Forwarding to administrate the Service. To have that, you maybe use ssh like this:
 +<code>
 +
 +ssh -L 8080:IPofyoursshserver:8080 docker@NAMEofyoursshserver
 +
 +</code>
 +
 +After that, you can access the AIO- Mastercontainer WEB- GUI on [[https://localhost:8080|https://localhost:8080]]
 +
 +===== Caddy Service =====
 +
 +Now you need to add the Nextcloud- Service to you Caddyfile ( https://obel1x.de/dokuwiki/doku.php?id=content:serverbasics:docker-caddy#caddy_configuration )
 +
 +Add those lines First:
 +<file>
 +
 +https://nextcloud.domain.tld:443 {
 +       header Strict-Transport-Security max-age=31536000;
 +#       reverse_proxy nextcloud-aio-apache:11000
 +#For install Domaincheck needed:
 +       reverse_proxy nextcloud-aio-domaincheck:11000
 +}
 +
 +</file>
 +
 +Mind, that when starting Nextcloud-AIO, the service nextcloud-aio-domaincheck will be setup. After installation has succeeded, the service will be shutdown and nextcloud-aio-apache will take over. On a Host, having rootful docker, this will work with localhost:11000 as destination, but not in rootless docker.
 +
 +So we need this small quirk to work around it.
 +
 +After you have setup the Configuration in Nextcloud, when installing and starting the Services, comment out that line and uncomment the apache- line. Than restart Caddy - you won't need that line again.
 +
 +===== Final Nextcloud- Setup =====
 +
 +Now, ssh on your Host and go to [[https://localhost:8080|https://localhost:8080]]
 +
 +and finish everything on that WEB- GUI. Mind, that installing the Services will take a long time. Don't panik if nothing seems to happen. Just let it do one hour or more.
 +
 +Enjoy your fully flagged Nextcloud.
 +
 +The next step wpuld now be to integrate Nextcloud with your IPA- Domain. Checkout IPA- Docs here and come back, when its working.
  
  
  • content/serverbasics/docker-nextcloud_aio.1716070724.txt.gz
  • Zuletzt geändert: 2024/05/18 22:18
  • von Daniel