The charity I am working with was giving me a task: we need file sharing and collaboration work tools to improve the remote work, neat this is my daily Business.
I stumbled over Nextcloud a while a go as collaboration tool and a "dropbox alternative". It is as open source developed cloud system written in PHP and the vue.js framework.
My traefik setup is still working as expected and I can extend my server environment effortless. While setting up all these environments by hand I get an Idea, why google came up with their Borg system and finally with Kubernetes. Well that is a different story.
Read the initial setup here. I extended it by hosting Nextcloud on a different server of mine.
The following is docker-compose.yml setup file.
make sure traefik is running and start this service with docker-compose up -d
version: "3.7"
networks:
db_backend:
traefik_webgateway:
external: true
volumes:
nextcloud:
db:
services:
app:
image: nextcloud
container_name: nextcloud
networks:
- traefik_webgateway
- db_backend
links:
- db
volumes:
- nextcloud:/var/www/html
restart: always
env_file:
- .env
labels:
- "traefik.enable=true"
- "traefik.http.routers.cloud.rule=Host(`${DOMAIN_NEXTCLOUD}`)"
- "traefik.http.routers.cloud.entrypoints=websecure"
- "traefik.http.routers.cloud.tls.certresolver=myresolver"
- "traefik.http.routers.cloud.tls=true"
- "traefik.http.services.cloud.loadbalancer.server.port=80"
- "traefik.docker.network=traefik_webgateway"
db:
image: mariadb
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
restart: always
volumes:
- db:/var/lib/mysql
networks:
- db_backend
env_file:
- .env
Nextcloud offers many features and has many add-ons to just download and enable. Most of the run out of the box. Files are easy to use and easy to share. Talk even gives the opportunity to chat and have rich feature video calls. The Play Store offers many apps for several use cases
Because we will need to share many documents in the charity a priority for me was to enable live editing and collaboration on one single file, to prevent too many versions. It is easier when everyone is having the same information at hand. This doesn't come out of the box.
The research showed that Nextcloud is offering some tools for this use case. I decided to use Onlyoffice, which in turn needs a server to run which Nextcloud will then connect to. Luckily my setup allows me to easily extend features. The other one I tried was Collabora, which provided an in built server. Unfortunately this will only allow editing of non Microsoft files, as it is based on LibreOffice.
It took me a while to get the connection working, there are still some issues with traefik used as proxy, but many documents showed me that this is a well used practice as you can see here for example.
Onlyoffice is made to provide teams collaboration tools online, we will only use the Docs part of it. If Nextcloud will won't be replaced by another simpler service, I will definitely have a look at Onlyoffice Group for a comparison to our use case.
My full docker-compose.yml looks like the following
version: "3.7"
networks:
db_backend:
traefik_webgateway:
external: true
volumes:
nextcloud:
db:
# onlyoffice-document-server
document_data:
document_log:
services:
app:
image: nextcloud
container_name: nextcloud
networks:
- traefik_webgateway
- db_backend
links:
- db
volumes:
- nextcloud:/var/www/html
restart: always
env_file:
- .env
labels:
- "traefik.enable=true"
- "traefik.http.routers.cloud.rule=Host(`${DOMAIN_NEXTCLOUD}`)"
- "traefik.http.routers.cloud.entrypoints=websecure"
- "traefik.http.routers.cloud.tls.certresolver=myresolver"
- "traefik.http.routers.cloud.tls=true"
- "traefik.http.services.cloud.loadbalancer.server.port=80"
- "traefik.docker.network=traefik_webgateway"
# allow to set onlyoffice as local conainer
# command: sudo -u www-data sh -c "php occ --no-warnings config:system:set allow_local_remote_servers --value=true"
onlyoffice-document-server:
container_name: onlyoffice-document-server
image: onlyoffice/documentserver:latest
networks:
- traefik_webgateway
stdin_open: true
tty: true
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.onlyoffice.rule=Host(`${DOMAIN_ONLYOFFICE}`)"
- "traefik.http.routers.onlyoffice.entrypoints=websecure"
- "traefik.http.routers.onlyoffice.tls.certresolver=myresolver"
- "traefik.http.routers.onlyoffice.tls=true"
- "traefik.http.routers.onlyoffice.middlewares=onlyoffice-headers"
- "traefik.http.services.onlyoffice.loadbalancer.server.port=80"
- "traefik.docker.network=traefik_webgateway"
## Middleware definition
# Headers for onlyoffice, https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/151
- "traefik.http.middlewares.onlyoffice-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.middlewares.onlyoffice-headers.headers.accesscontrolalloworigin=*"
volumes:
- document_data:/var/www/onlyoffice/Data
- document_log:/var/log/onlyoffice
db:
image: mariadb
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
restart: always
volumes:
- db:/var/lib/mysql
networks:
- db_backend
env_file:
- .env
To get it working there are two steps to be made, these steps are documented in the official setup repository.
Following steps have to be made
docker exec -u www-data <your-nextcloud-name> php occ --no-warnings config:system:set allow_local_remote_servers --value=true
which will allow these internal entries to work.

As you can see the internal addresses are the container names defined in docker-compose.yml, this is a neat feature given by docker.
Let's see how resource management will work if at a time several people will access and work with the nextcloud instance.