nextcloud

Deploy Nextcloud 18.0.1 in Docker Swarm

Nextcloud is an open-source industry-leading on-premises collaboration platform. It’s a safe home for all your data.

Today I am going to deploy Nextcloud to our Docker Swarm Cluster using the Docker Compose tool.

Nextcloud is an open-source industry-leading on-premises collaboration platform. It’s a safe home for all your data. User files are encrypted during transit.

Today I am going to deploy Nextcloud 18.0.1 to our Docker Swarm Cluster using the docker-compose tool.

The original ownCloud developer Frank Karlitschek forked ownCloud and created Nextcloud, which continues to be actively developed by Karlitschek and other members of the original ownCloud team.

Let’s start with actual deployment…

Please make sure you should fulfill the below requirements before proceeding to the actual deployment.

  1. Docker Swarm Cluster with GlusterFS as persistent tool.
  2. Traefik as reverse proxy to expose micro-services to external.
  3. Database stack to host application databases.

Introduction

Nextcloud is an open-source industry-leading on-premises collaboration platform. It’s a safe home for all your data. Secure, under your control, and developed in an open, transparent and trustworthy.

Nextcloud – A safe home for all your data, is a suite of client-server software for creating and using file hosting services. Nextcloud application functionally is similar to Dropbox. Unlike Dropbox, Nextcloud does not offer off-premises file storage hosting.

Nextcloud combines the convenience and ease of use of consumer-grade solutions like Dropbox and Google Drive with the security, privacy and control business needs.

Nextcloud can synchronize with local clients running Windows (Windows XP, Vista, 7, 8, and 10), macOS (10.6 or later), or various Linux distributions.

Nextcloud permits user and group administration (via OpenID or LDAP). Content can be shared by defining granular read/write permissions between users and groups.

Why is Nextcloud

Nextcloud is free and open-source, which means that anyone is allowed to install and operate it on their own private server devices.

In contrast to proprietary services like Dropbox, Office 365, or Google Drive, the open architecture enables users to have full control of their data.

User files are encrypted during transit and optionally at rest.

Nextcloud Features

Alternatively, Nextcloud users can create public URLs when sharing files. Logging of file-related actions, as well as disallowing access based on file access rules is also available.

Nextcloud files are stored in conventional directory structures, accessible via WebDAV if necessary.

Nextcloud is introducing new features such as monitoring capabilities, full-text search, and Kerberos authentication, as well as audio/video conferencing, expanded federation, and smaller user interface improvements.

Since Nextcloud is modular, it can be extended with plugins to implement extra functionality. This platform communicates with the Nextcloud instances via an open protocol. The App Store already contains over 200 extensions. With the help of these extensions, many functionalities can be added, including:

  • Calendar and Contacts
  • Secure audio and video calls
  • View and edit documents with Collabora
  • Automatically upload files to replace large attachments or integrate Calendars and Contacts in your mail client
  • Integrated account management
  • Workflow management
  • External storage, securely encrypted (connection to DropboxGoogle Drive and Amazon S3)
  • Track file changes
  • Powerful search

Please go through the official link below for more features of Nextcloud.

Nextcloud Key Differentiators

Putting IT back in control Security First User Focus

Nextcloud puts the customer in control over their data in the most literal and direct sense. Your data is in your data center, on a server managed by you, rather than floating somewhere in the cloud.

Nextcloud features a host of unique, innovative security technologies from brute force protection to advanced server-side and integrated end-to-end, client-side encryption with enterprise-grade key handling and a wide range of security hardening.

Nextcloud’s development process is a transparent and clear focus on the needs of users and customers results in a better product. By working in the open within and with the wider developer- and user community, development is sped up, quality improved and alignment with the needs of users improved.

Persist Nextcloud Data

Containers are fast to deploy and make efficient use of system resources. Developers get application portability and programmable image management and the operations team gets standard run time units of deployment and management.

With all the known benefits of containers, there is one common misperception that the containers are ephemeral, which means if we restart the container or in case of any issues with it, we lose all the data for that particular container. They are only good for stateless micro-service applications and that it’s not possible to containerize stateful applications.

I am going to use GlusterFS to overcome the ephemeral behavior of Containers.

I already set up a replicated GlusterFS volume to have data replicated throughout the cluster if I would like to have some persistent data.

The below diagram explains how the replicated volume works.

Volume will be mounted on all the nodes, and when a file is written to the /mnt partition, data will be replicated to all the nodes in the Cluster

glusterfs
GlusterFS Replicated Volume

In case of any one of the nodes fails, the application automatically starts on other node without loosing any data and that’s the beauty of the replicated volume.

Persistent application state or data needs to survive application restarts and outages. We are storing the data or state in GlusterFS and had periodic backups performed on it.

We will use a backup of the volume to spin a new application container anywhere else in case of unexpected issues occur in the current environment.

I am going to persist /var/www/html/var/www/html/custom_apps/var/www/html/data and /var/www/html/config folders of Nextcloud for disorder recovery.

Create folders in /mnt directory to persistent Nextcloud folders.

cd /mnt
sudo mkdir -p nextcloud
sudo mkdir -p nextapps
sudo mkdir -p nextdata
sudo mkdir -p nextconfig

Please watch the below video for Glusterfs Installation

Prepare Nextcloud Environment

Create a folder in /opt directory to place configuration file, i.e, .yml file for Nextcloud.

Use the below commands to create the folder.

cd /opt
sudo mkdir -p nextcloud
cd nextcloud
sudo touch next.yml

Nextcloud Docker Compose

Open next.yml created earlier with nano editor using sudo nano next.yml

Copy and paste the below code in next.yml

Here is the docker compose file for nextcloud.

Here I am using MariaDB as a back-end storage system for Nextcloud which was deployed earlier to our Docker Swarm environment.


version: "3.7"
 
services:
  nextcloud:
    image: nextcloud:latest
    depends_on:
      - maindb
    secrets:
      - mysql_root_password
    environment:
      - MYSQL_HOST=maindb:3306
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=root
      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password
    volumes:
      - /mnt/nextcloud:/var/www/html:cached
      - /mnt/nextapps:/var/www/html/custom_apps:cached
      - /mnt/nextdata:/var/www/html/data:cached
      - /mnt/nextconfig:/var/www/html/config:cached
    networks:
      - proxy
    deploy:
      placement:
        constraints: [node.role == worker]
      replicas: 1
      update_config:
        parallelism: 2
        delay: 10s
      restart_policy:
        condition: on-failure
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=proxy"
        - "traefik.http.routers.nextcloud.rule=Host(`next.example.com`)"
        - "traefik.http.routers.nextcloud.tls=true"
        - "traefik.http.routers.nextcloud.tls.certresolver=default"
        - "traefik.http.routers.nextcloud.entrypoints=websecure"
        - "traefik.http.services.nextcloud.loadbalancer.server.port=80"
secrets:
  mysql_root_password:
    external: true 
volumes:
  nextcloud:
    driver: "local"
  nextapps:
    driver: "local"
  nextdata:
    driver: "local"
  nextconfig:
    driver: "local"
networks:
  proxy:
    external: true

Deploy Nextcloud using Docker Compose

Now it’s time to deploy our docker-compose file above next.yml using the below command

docker stack deploy --compose-file next.yml next

You can give it any name for the stack. I just named it as next

Check the status of the stack by using docker stack ps next

Nextcloud Stack PS

Now open any browser and type next.example.com (whatever host URL used in the Nextcloud configuration in the docker-compose file) to complete Nextcloud installation.

Make sure that you have DNS entry for your application (next.example.com) in your DNS Management Application.

You will be greeted with the below screen to configure Nextcloud.

Nextcloud Admin Account

Create an Admin account by entering the user name and password. Click on Storage & database to provide database details for it.

We can use SQLLite for minimal or development purposes. Please see the below image for reference.

Nextcloud Storage Selection

I am going to select MySQL/MariaDB option because I will be using this Nextcloud instance to store my photo albums.

Provide database user name, password, database name, and database instance with the port number. Refer below screenshot for details.

Check the ‘Install recommended apps’ check box to go with default apps and click on the Finish button to complete the setup.

Nextcloud DB Selection
Nextcloud Finalize Installation
Nextcloud Recommended Apps

The installation will take 10 mins to complete. After successful installation, we will be greeted below the Nextcloud welcome screen.

Nextcloud Home Screen

If you want to have random background images, download and enable ‘Splash’ apps. Below screenshot for reference.

Nextcloud Random Background using Splash App
Nextcloud Home Page After Splash App Enable

Stay tuned for other deployments in coming posts… 🙄

One comment

Leave a Reply

Your email address will not be published.