Nextcloud Docker image with advanced features.
Tip
Want to be notified of new releases? Check out 🔔 Diun (Docker Image Update Notifier) project!
- Features
- Build locally
- Image
- Environment variables
- Volumes
- Ports
- Usage
- Upgrade
- Notes
- Contributing
- License
- Run as non-root user
- Multi-platform image
- Tarball authenticity checked during building process
- Data, config, user apps and themes persistence in the same folder
- Automatic installation
- Cron task for Nextcloud background jobs as a sidecar cron container
- Execute pre-generation of previews through Preview Generator plugin
- Handle Nextcloud News Updater for News plugin through a sidecar news updater container
- OPCache enabled to store precompiled script bytecode in shared memory
- APCu installed and configured
- Memcached and Redis also enabled to enhance server performance
- Database connectors MySQL/MariaDB, PostgreSQL and SQLite3 enabled
- Exif, IMAP, LDAP, FTP, GMP, SMB enabled (required for specific apps)
- FFmpeg, iconv, Imagick installed for preview generation
- s6-overlay as process supervisor
- Traefik as reverse proxy and creation/renewal of Let's Encrypt certificates (see this template)
- msmtpd SMTP relay image to send emails
- Redis for caching
- MariaDB as database instance
git clone https://github.com/crazy-max/docker-nextcloud.git
cd docker-nextcloud
# Build image and output to docker (default)
docker buildx bake
# Build multi-platform image
docker buildx bake image-all
Registry | Image |
---|---|
Docker Hub | crazymax/nextcloud |
GitHub Container Registry | ghcr.io/crazy-max/nextcloud |
Following platforms for this image are available:
$ docker run --rm mplatform/mquery crazymax/nextcloud:latest
Image: crazymax/nextcloud:latest
* Manifest List: Yes
* Supported platforms:
- linux/amd64
- linux/arm/v6
- linux/arm/v7
- linux/arm64
- linux/ppc64le
- linux/s390x
TZ
: The timezone assigned to the container (defaultUTC
)PUID
: Nextcloud user id (default1000
)PGID
: Nextcloud group id (default1000
)MEMORY_LIMIT
: PHP memory limit (default512M
)UPLOAD_MAX_SIZE
: Upload max size (default512M
)PM_MAX_CHILDREN
: Maximum number of child processes to be created for PHP-FPM (default20
)BODY_TIMEOUT
: Defines a timeout for reading client request body (default300s
)CLEAR_ENV
: Clear environment in FPM workers (defaultyes
)OPCACHE_MEM_SIZE
: PHP OpCache memory consumption (default128
)LISTEN_IPV6
: Enable IPv6 for Nginx (defaulttrue
)APC_SHM_SIZE
: APCu memory size (default128M
)REAL_IP_FROM
: Trusted addresses that are known to send correct replacement addresses (default0.0.0.0/32
)REAL_IP_HEADER
: Request header field whose value will be used to replace the client address (defaultX-Forwarded-For
)LOG_IP_VAR
: Use another variable to retrieve the remote IP address for access log_format on Nginx. (defaultremote_addr
)
HSTS_HEADER
: HTTP Strict Transport Security header value (defaultmax-age=15768000; includeSubDomains
)XFRAME_OPTS_HEADER
: X-Frame-Options header value (defaultSAMEORIGIN
)RP_HEADER
: Referrer Policy header value (defaultstrict-origin
)SUBDIR
: Subdir to use. Read this section for more info.DB_TYPE
: Database type (mysql, pgsql or sqlite) (defaultsqlite
)DB_NAME
: Database name (defaultnextcloud
)DB_USER
: Username for database (defaultnextcloud
)DB_PASSWORD
: Password for database userDB_HOST
: Database host (defaultdb
)DB_TIMEOUT
: Time in seconds after which we stop trying to reach the database server. Only used formysql
andpgsql
db type (default60
)
Note
DB_PASSWORD_FILE
can be used to fill in the value from a file, especially
for Docker's secrets feature.
Warning
Only used if you enable and run a sidecar cron container
SIDECAR_CRON
: Set to1
to enable sidecar cron mode (default0
)CRON_PERIOD
: Periodically execute Nextcloud cron (eg.*/5 * * * *
)
Warning
Only used if you enable and run a sidecar previews generator container
SIDECAR_PREVIEWGEN
: Set to1
to enable sidecar previews generator mode (default0
)PREVIEWGEN_PERIOD
: Periodically execute pre-generation of previews (eg.0 * * * *
)
Warning
Only used if you enable and run a sidecar news updater container
SIDECAR_NEWSUPDATER
: Set to1
to enable sidecar news updater mode (default0
)NC_NEWSUPDATER_THREADS
: How many feeds should be fetched in parallel (default10
)NC_NEWSUPDATER_TIMEOUT
: Maximum number of seconds for updating a feed (default300
)NC_NEWSUPDATER_INTERVAL
: Update interval between fetching the next round of updates in seconds (default900
)NC_NEWSUPDATER_LOGLEVEL
: Log granularity,info
will log all urls and received data,error
will only log errors (defaulterror
)
/data
: Contains config, data folders, installed user apps (not core ones), session, themes, tmp folders
Warning
Note that the volume should be owned by the user/group with the specified
PUID
and PGID
. If you don't give the volume correct permissions, the
container may not start.
8000
: HTTP port
Docker compose is the recommended way to run this image. Copy the content of
folder examples/compose in /var/nextcloud/
on your host
for example. Edit the compose and env files with your preferences and run the
following commands:
docker compose up -d
docker compose logs -f
You can also use the following minimal command:
docker run -d -p 8000:8000 --name nextcloud \
-v "$(pwd)/data:/data" \
crazymax/nextcloud:latest
To upgrade to the latest version of Nextcloud, pull the newer image and launch the container. Nextcloud will upgrade automatically:
docker compose pull
docker compose up -d
If you run the container for the first time, the installation will be automatic
using the DB_*
environment variables. Then open your browser to configure
your admin account.
If you want to use the occ command to perform common server operations like manage users, encryption, passwords, LDAP setting, and more, type:
docker compose exec nextcloud occ
If you want to enable the cronjob, you have to run a "sidecar" container (see cron service in compose.yml example) or run a simple container like this:
docker run -d --name nextcloud_cron \
--env-file $(pwd)/nextcloud.env \
-e "SIDECAR_CRON=1" \
-e "CRON_PERIOD=*/5 * * * *" \
-v "$(pwd)/data:/data" \
crazymax/nextcloud:latest
And do not forget to choose Cron as background jobs:
To execute pre-generation of previews through the Preview Generator plugin, you have to run a "sidecar" container (see cron service in compose.yml example) or run a simple container like this:
docker run -d --name nextcloud_previewgen \
--env-file $(pwd)/nextcloud.env \
-e "SIDECAR_PREVIEWGEN=1" \
-e "PREVIEWGEN_PERIOD=0 * * * *" \
-v "$(pwd)/data:/data" \
crazymax/nextcloud:latest
If you want to enable the Nextcloud News Updater, you have to run a "sidecar" container (see news_updater service in compose.yml example) or run a simple container like this:
docker run -d --name nextcloud_news_updater \
--env-file $(pwd)/nextcloud.env \
-e "SIDECAR_NEWSUPDATER=1" \
-e "NC_NEWSUPDATER_THREADS=10" \
-e "NC_NEWSUPDATER_TIMEOUT=300" \
-e "NC_NEWSUPDATER_INTERVAL=900" \
-e "NC_NEWSUPDATER_LOGLEVEL=error" \
-v "$(pwd)/data:/data" \
crazymax/nextcloud:latest
And do not forget to disable Use system cron for updates in news settings:
You can use our SMTP relay msmtpd
service published on port 2500
and
declared in our compose.yml
:
Redis is recommended, alongside APCu to make Nextcloud faster. If you want to
enable Redis, deploy a redis container (see compose file)
and add this to your config.php
:
'memcache.local' => '\OC\Memcache\APCu',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => 'redis',
'port' => 6379,
),
If you want to access your Nextcloud installation in a subdir (like
/nextcloud
), you have to set the SUBDIR
environment variable and also add
PathPrefixStrip:/nextcloud
to your frontend rule if you use Traefik. Do not
forget to remove includeSubDomains
option in HSTS_HEADER
if used.
Want to contribute? Awesome! The most basic way to show your support is to star the project, or to raise issues. You can also support this project by becoming a sponsor on GitHub or by making a PayPal donation to ensure this journey continues indefinitely!
Thanks again for your support, it is much appreciated! 🙏
MIT. See LICENSE
for more details.