Remember Traefik?
I wrote about working with a charity, we need file sharing and collaboration work. Nextcloud is collaboration tool. It is as open source developed cloud system written in php and vue.js.
UPDATE: I added a small fix to the docker-compose file added while updating--innodb_read_only_compressed=OFF to the mariadb command.
The charity I am working with was giving me a task: we need file sharing and collaboration work tools to improve the remote work, neat this is my daily Business.
I stumbled over Nextcloud a while ago as I wanted to host my own "dropbox alternative". It is as open source developed cloud system written in PHP and the vue.js framework.
My traefik setup is still working as expected and I can extend my server environment effortless. While setting up all these environments by hand I get an Idea, why google came up with their Borg system and finally with Kubernetes. Well that is a different story.
Read the initial setup here. I extended it by hosting Nextcloud on a different server of mine.
The following is docker-compose.yml setup file.
make sure traefik is running and start this service with docker-compose up -d
version: "3.7"
networks:
db_backend:
traefik_webgateway:
external: true
volumes:
nextcloud:
db:
services:
app:
image: nextcloud
container_name: nextcloud
networks:
- traefik_webgateway
- db_backend
links:
- db
volumes:
- nextcloud:/var/www/html
restart: always
env_file:
- .env
labels:
- "traefik.enable=true"
- "traefik.http.routers.cloud.rule=Host(`${DOMAIN_NEXTCLOUD}`)"
- "traefik.http.routers.cloud.entrypoints=websecure"
- "traefik.http.routers.cloud.tls.certresolver=myresolver"
- "traefik.http.routers.cloud.tls=true"
- "traefik.http.services.cloud.loadbalancer.server.port=80"
- "traefik.docker.network=traefik_webgateway"
db:
image: mariadb
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
restart: always
volumes:
- db:/var/lib/mysql
networks:
- db_backend
env_file:
- .env
Nextcloud offers many features and has many add-ons to just download and enable, most of the run out of the box.
Files are easy to use and share. Talk gives the opportunity to chat and have rich feature video calls. The Play Store and Apples App Store offer many apps for several use cases.
Because we will need to share many documents in the charity a priority for me was to enable live editing and collaboration on single files, this might prevent too many versions. It is easier when everyone is having the same information at hand. This doesn't come out of the box.
The research showed that Nextcloud is offering some tools for this use case. I decided to use Onlyoffice, which in turn needs a server to run which Nextcloud will then connect to. Luckily my setup allows me to easily extend features.
I also tried Collabora, which provided an in built server. Unfortunately this will only allow editing of non Microsoft files, as it is based on LibreOffice.
It took me a while to get the connection working, there are still some issues with traefik used as proxy, but many documents showed me that this is a well used practice as you can see here for example.
Onlyoffice is made to provide teams collaboration tools online, we will only use the Docs part of it. If Nextcloud won't be replaced by another simpler service, I will definitely have a look at Onlyoffice Group for a comparison to our use case.
My full docker-compose.yml looks like the following
version: "3.7"
networks:
db_backend:
traefik_webgateway:
external: true
volumes:
nextcloud:
db:
# onlyoffice-document-server
document_data:
document_log:
services:
app:
image: nextcloud
container_name: nextcloud
networks:
- traefik_webgateway
- db_backend
links:
- db
volumes:
- nextcloud:/var/www/html
restart: always
env_file:
- .env
labels:
- "traefik.enable=true"
- "traefik.http.routers.cloud.rule=Host(`${DOMAIN_NEXTCLOUD}`)"
- "traefik.http.routers.cloud.entrypoints=websecure"
- "traefik.http.routers.cloud.tls.certresolver=myresolver"
- "traefik.http.routers.cloud.tls=true"
- "traefik.http.services.cloud.loadbalancer.server.port=80"
- "traefik.docker.network=traefik_webgateway"
# allow to set onlyoffice as local conainer
# command: sudo -u www-data sh -c "php occ --no-warnings config:system:set allow_local_remote_servers --value=true"
onlyoffice-document-server:
container_name: onlyoffice-document-server
image: onlyoffice/documentserver:latest
networks:
- traefik_webgateway
stdin_open: true
tty: true
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.onlyoffice.rule=Host(`${DOMAIN_ONLYOFFICE}`)"
- "traefik.http.routers.onlyoffice.entrypoints=websecure"
- "traefik.http.routers.onlyoffice.tls.certresolver=myresolver"
- "traefik.http.routers.onlyoffice.tls=true"
- "traefik.http.routers.onlyoffice.middlewares=onlyoffice-headers"
- "traefik.http.services.onlyoffice.loadbalancer.server.port=80"
- "traefik.docker.network=traefik_webgateway"
## Middleware definition
# Headers for onlyoffice, https://github.com/ONLYOFFICE/onlyoffice-nextcloud/issues/151
- "traefik.http.middlewares.onlyoffice-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.middlewares.onlyoffice-headers.headers.accesscontrolalloworiginlist=*"
volumes:
- document_data:/var/www/onlyoffice/Data
- document_log:/var/log/onlyoffice
db:
image: mariadb
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
restart: always
volumes:
- db:/var/lib/mysql
networks:
- db_backend
env_file:
- .env
To get it working there are two steps to be made, these steps are documented in the official setup repository.
docker exec -u www-data <your-nextcloud-name> php occ --no-warnings config:system:set allow_local_remote_servers --value=trueThe command will directly configure you nextcloud instance with the occ command, which will allow these internal entries to work.
In the settings you will find a section for onlyoffice. Edit the Document Editing Service address to the address you specified in theDOMAIN_ONLYOFFICE environment Variable.
Then go to Advanced server settings and enter your addresses for internal requests. You can use the container names you specified in docker-compose, which will resolve to the internal IP addresses in docker, which is a neat feature.
Let's see how resource management will work if at a time several people will access and work with the nextcloud instance.
Thanks for reading.