Create a new self signed certifcate:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout nginx/ssl/nginx-selfsigned.key -out nginx/ssl/nginx-selfsigned.crt
Use your server IP address as Common Name e.g. 192.168.1.19
We should also create a strong Diffie-Hellman group, which is used in negotiating Perfect Forward Secrecy with clients. We can do this by typing:
sudo openssl dhparam -out /opt/docker-ingress/configuration/ssl/dhparam.pem 4096
Se the ngnix configurations for how to use they generated files
Accessing site insecurely via HTTP. You are strongly advised to set up your server to require HTTPS instead. Without it some important web functionality like "copy to clipboard" or "service workers" will not work! For more details see the documentation ↗.
Set 'overwriteprotocol' => 'https' in config/config.php or run the command:
docker exec -u 33 nextcloud /var/www/html/occ config:system:set overwriteprotocol --type=string --value=https
Source: https://help.nextcloud.com/t/cannot-grant-access/64566/12
It can be set running the command:
docker exec -u 33 nextcloud /var/www/html/occ config:system:set maintenance_window_start --type=integer --value=1
Run the command
docker exec -u 33 nextcloud /var/www/html/occ db:add-missing-indices
to add the fs_storage_path_prefix index to the oc_filecache table
To customize or add cron entries executed by the nextcloud-cron container,
edit the file /var/spool/cron/crontabs/www-data.
E.g.
0 * * * * php /var/www/nextcloud/occ preview:pre-generate
The /cron.sh invoked as entry point by the container, starts the busybox crond for the user www-data, which executes the jobs defined in the above
file.
Source
Original documentation
- Latest QNAP Firmware Installed.
- Container Station Installed & Updated.
- Understand how to access your QNAP via SSH. Access my QNAP NAS using SSH
Create a new user which will be used for docker containers, so that they are not running as root (primarily for security reasons). Go to "Users" from the main screen QTS, select "Create User" and create a user called "dockeruser"
Create a new shared folder that we will keep all docker appdata in. Load up "File Station" and create a new share by clicking on the + next to the Data Volume.
Call the folder Docker and give full read/write access to this folder to the newly created dockeruser. Everything else can be left as default.
Once the Docker folder is created, create another folder called nextcloud within the Docker folder.
Now the UID/GID of the user dockeruser need to be figured out. Use your favourite method to ssh into the QNAP NAS and run the following command:
id <username>Replace with the user you created earlier (dockeruser). The result of the command should look like this:
Result:
[~] # id dockeruser
uid=500(dockeruser) gid=100(everyone) groups=100(everyone)
[~] #Note the UID and the GID and replace the ID's in the docker-compose.yml file (see comments in the docker-compose file).
Create a new container based on the docker-compose.yml file.
Open the Container Station and select Applications from the management menu. Click on the Create button.
Download the docker-compose.yml from the repository and replace the passwords and the dockeruser id/group (see comments in the docker-compose file).
Choose a name for the Container and paste the content of the docker-compose.yml into the YAML section and click on the create button.
After the container is created, open the Nextcloud web interface on https://NAS-IP:9443/
Fill in the credentials for the administrator account.
Select MySQL/MariaDB as database and use the database credentials defined in the docker-compose.yml file. (MYSQL_USER, MYSQL_PASSWORD, MYSQL_DATABASE, container_name)
Click Install to finish the Nextcloud setup.
To keep everything up to date the containers need to be updated frequently.
Select Images from the management menu and pull the latest images for mariadb and nextcloud.
Select Applications from the management menu and recreate the application.
Select Images from the management menu and remove the unused images linuxserver/nextcloud and linuxserver/mariadb.
To update Nextcloud, it is not possible to do so directly from the web interface. Instead, the update process involves pulling the new image and recreating the container with it. When the container starts up, it automatically detects if an update is required and performs it accordingly.
It's important to note that Nextcloud can only be upgraded one major version at a time. For example, if you want to upgrade from version 26 to 28, you will first need to upgrade from version 26 to 27, and then from 27 to 28. In such cases, you will need to recreate the container with a specific version tag instead of using the latest tag. Once you have reached the latest major version, you can switch back to using the latest tag for updates.
Occasionally, you may encounter missing database (DB) indices in your Nextcloud setup. These missing indices can be identified within the Nextcloud web interface, specifically in the administrative settings section.
To simplify the process of addressing missing DB indices, it is recommended to run the commands within Container Station. Container Station provides a convenient environment for executing commands related to a container. By utilizing Container Station, you can easily run the 'occ db:add-missing-indices' command and ensure that any missing indices are added promptly.
Select Container from the management menu and select the nextcloud container.
Select Execute from the upper menu of the nextcloud container.
Select Add and insert the command you wish to execute. For example, you can use the command occ db:add-missing-indices. This command will ensure that any missing indices in the database are added.
Once you have inserted the command, click on the Save button to save it. Now, you can execute the command.
If you need to re-execute the command in the future, don't worry! The command is now saved and can be easily accessed. Simply navigate to the saved commands section and select the desired command. It will be executed again, allowing you to perform the necessary actions whenever required.
Starting from Container Station 3, it is no longer possible to set resource limits directly within the docker-compose file. As a result, it is important to remove all deploy sections from the docker-compose file to ensure that the containers start successfully.
# remove this section
deploy:
resources:
limits:
cpus: 1.20
memory: 4096MResource limits can be manually configured in the advanced settings. This allows you to define specific limits for CPU usage and memory allocation.
