Setting Up Nextcloud with Docker, Portainer, Cloudflare Tunnel, and Uptime Kuma on a Raspberry Pi (No Port Forwarding Needed)


Index

  1. Prerequisites
  2. Setting Up Docker
  3. Installing and Configuring Portainer
  4. Creating Nextcloud Data Directories
  5. Setting Up Nextcloud and MariaDB with Docker Compose
  6. Configuring MariaDB
  7. Setting Up Nextcloud
  8. Configuring Cloudflare Tunnel for HTTPS
  9. Update Nextcloud Configuration
  10. Fixing Nextcloud Errors
  11. Enabling Large File Uploads
  12. Setting Up Cron Jobs with Uptime Kuma

1. Prerequisites

  • Raspberry Pi
  • A domain name added to Cloudflare
  • Internet connection
  • Access to Raspberry Pi via SSH

2. Setting Up Docker

Update and Upgrade System

sudo apt update && sudo apt upgrade -y

Install Docker

curl -sSL https://get.docker.com | sh

Add User to Docker Group

sudo usermod -aG docker $USER && logout

Log Back In

Log back into your Raspberry Pi and verify if the docker group is added:

groups

Verify Docker Installation

docker run hello-world

3. Installing and Configuring Portainer

Install Portainer

sudo docker pull portainer/portainer-ce:latest && sudo docker run -d -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest

4. Creating Nextcloud Data Directories

Create Necessary Directories

sudo mkdir -p /srv/nextcloud_data/html /srv/nextcloud_data/apps /srv/nextcloud_data/config /srv/nextcloud_data/data /srv/nextcloud_data/themes/your_custom_theme /srv/nextcloud_data/db

5. Setting Up Nextcloud and MariaDB with Docker Compose

Access Portainer

Open Portainer in your browser by navigating to http://[PI_IP_ADDRESS]:9000. Create an account and select the local Docker environment.

Create a New Stack

In Portainer, navigate to “Stacks” and click “Add stack”. Name your stack (e.g., nextcloud).

Docker Compose Configuration

Copy the following Docker Compose file into the editor:

version: "2"
services:
  app:
    depends_on:
      - db
    environment:
      - MYSQL_PASSWORD=<Password Here>
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
      - MYSQL_HOST=db
    image: nextcloud
    links:
      - db
    ports:
      - "8080:80"
    restart: always
    volumes:
      - "/srv/nextcloud_data/html:/var/www/html"
      - "/srv/nextcloud_data/apps:/var/www/html/custom_apps"
      - "/srv/nextcloud_data/config:/var/www/html/config"
      - "/srv/nextcloud_data/data:/var/www/html/data"
  db:
    command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW"
    environment:
      - MYSQL_ROOT_PASSWORD=<Password Here>
      - MYSQL_PASSWORD=<Password Here>
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
    image: mariadb:11.4.2
    restart: always
    ports:
      - "3306:3306"
    volumes:
      - "/srv/nextcloud_data/db:/var/lib/mysql"

Change the passwords and usernames for security purposes, then click “Deploy the stack”.


6. Configuring MariaDB

Access the MariaDB Container

docker exec -it [db_container_id] /bin/bash

Update and Upgrade Packages

apt update && apt upgrade -y

Install MySQL Client

apt install mysql-client -y

Log into MySQL

mysql -u root

If that didn’t work, try entering the password for the root user:

mysql -u root -p

Execute SQL Commands

CREATE USER 'nextcloud'@'%' IDENTIFIED BY '<Password Here>';
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'%';
FLUSH PRIVILEGES;
SELECT User, Host FROM mysql.user;
EXIT;

Restart MariaDB Container

Restart the MariaDB container from Portainer.


7. Setting Up Nextcloud

Access Nextcloud Setup Page

Navigate to http://[PI_IP_ADDRESS]:8080 in your browser. Follow the setup instructions to create an admin account and log in.


8. Configuring Cloudflare Tunnel for HTTPS

Log into Cloudflare

Log in to Cloudflare and select your domain.

Clean Up DNS Records

Navigate to DNS settings and clean up non-useful DNS records.

Set SSL/TLS to “Full”

Go to the SSL/TLS section and set it to “Full”.

Create a New Tunnel

Log in to the Zero Trust Dashboard, create a new tunnel, and select Docker as the method. Copy the provided command.

Run Cloudflare Command

docker run cloudflare/cloudflared:latest [command_provided_by_cloudflare]

Go to Portainer and navigate to Containers. Look for a container with an image named cloudflare/cloudflared:latest.

Confirm the container name (e.g., upbeat_tesla) and open it.

Duplicate and Edit the container:

  • Go to Restart Policy and select always if it is currently set to never.
  • Click on Deploy the Container and then Restart.

After deploying and restarting, you may notice that the process on your Raspberry Pi command line has stopped with the message “INF Metrics server stopped.” This is expected and indicates that the container is properly set up.

Configure Tunnel

In the Cloudflare dashboard, configure the tunnel:

  • Subdomain
  • Domain
  • Service Type: HTTP
  • URL: [PI_IP_ADDRESS]:8080

Ensure the following settings are enabled:

  • Disable Chunked Encoding
  • No Happy Eyeballs

Verify the Tunnel

In your browser, navigate to subdomain.domain. If you see an error page, it indicates that the tunnel is successfully working.


9. Update Nextcloud Configuration

Access the Nextcloud container using the following command:

docker exec -it <container_id> /bin/bash

Replace <container_id> with your actual Nextcloud container ID.
Run the following commands inside the container:

apt update
apt install nano
nano /var/www/html/config/config.php

Edit the config.php file as follows:
Before:

array (
  0 => '[PI_IP_ADDRESS]:8080',
),

After (using your subdomain.domain, e.g., cloud.nemesis.in.net):

array (
  0 => '[PI_IP_ADDRESS]:8080',
  1 => 'subdomain.domain',
),

Also add the following lines after ('installed' => true,):

'overwriteprotocol' => 'https',
'default_phone_region' => 'IN',
'enable_previews' => true,
'skeletondirectory' => '',

Save the file in Nano by pressing CTRL + O, then Enter, and then CTRL + X.

Exit the container:

exit

Restart Nextcloud Container

Restart the Nextcloud container from Portainer.

After the restart, navigate to subdomain.domain in your browser. You should see the Nextcloud login page, indicating a successful setup.


10. Fixing Nextcloud Errors

Access the Nextcloud container using the following command:

docker exec -it <container_id> /bin/bash

Navigate to the root directory:

cd /

Fix “Strict-Transport-Security” Error

Edit Apache configuration files to set the HSTS header:

nano /etc/apache2/sites-available/000-default.conf

Add the following within the <VirtualHost> block:

<IfModule mod_headers.c>
  Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>

Do the same for default-ssl.conf if it exists:

nano /etc/apache2/sites-available/default-ssl.conf

Additional Settings

Fix CalDAV and CardDAV Warnings

Edit Apache configuration files to set redirects:

nano /etc/apache2/sites-enabled/000-default.conf

Add the following lines:

Redirect 301 /.well-known/carddav https://cloud.nemesis.in.net/remote.php/dav
Redirect 301 /.well-known/caldav https://cloud.nemesis.in.net/remote.php/dav
Redirect 301 /.well-known/webdav https://cloud.nemesis.in.net/remote.php/dav
Redirect 301 /.well-known/webfinger https://cloud.nemesis.in.net/index.php
Redirect 301 /.well-known/nodeinfo https://cloud.nemesis.in.net/index.php

Restart Nextcloud Container

Restart the Nextcloud container from Portainer.


11. Enabling Large File Uploads

Edit .htaccess File

nano /var/www/html/.htaccess

Add the following lines at the top:

php_value upload_max_filesize 16G
php_value post_max_size 16G
php_value max_input_time 3600
php_value max_execution_time 3600
php_value memory_limit 2048M

Restart Nextcloud Container

Restart the Nextcloud container from Portainer.


12. Setting Up Cron Jobs with Uptime Kuma

Install Uptime Kuma

Create a new stack in Portainer named uptime and paste the following Docker Compose file:

version: '3.3'

volumes:
  uptimekuma:

services:
  uptime-kuma:
    image: louislam/uptime-kuma
    container_name: uptime-kuma
    volumes:
      - uptimekuma:/app/data
    ports:
      - 3001:3001

Deploy the stack.

Access Uptime Kuma

Navigate to http://[PI_IP_ADDRESS]:3001 and create an admin account.

Add a New Monitor

In Uptime Kuma, add a new monitor:

  • Monitor Type: HTTP(s)
  • Friendly Name: NextCloud
  • URL: https://subdomain.domain/cron.php
  • Heartbeat Interval: 60

Save and monitor the cron job.


By following these steps, you’ve successfully set up Nextcloud on your Raspberry Pi using Docker and Portainer, secured it with a Cloudflare tunnel, and ensured consistent performance monitoring with Uptime Kuma. This setup not only provides you with a robust, self-hosted cloud storage solution but also enhances security and reliability through the use of modern tools and practices. Enjoy your new, secure, and efficient Nextcloud instance!

1 Like
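
An added example, not part of the original post: a small Python check that scans the Compose stacks from sections 5 and 12 for published ports bound to every host interface (the tunnel removes the need for router port forwarding, but a mapping such as 3306:3306 still publishes MariaDB on the Pi's LAN address), images without a pinned tag, and placeholder passwords left in place. The audit function, its finding names, and the two-space indentation it assumes are this example's own.

```python
import re

# Abridged from the stacks in sections 5 and 12; placeholders kept as on the page.
COMPOSE = """\
services:
  app:
    environment:
      - MYSQL_PASSWORD=<Password Here>
    image: nextcloud
    ports:
      - "8080:80"
  db:
    environment:
      - MYSQL_ROOT_PASSWORD=<Password Here>
    image: mariadb:11.4.2
    ports:
      - "3306:3306"
  uptime-kuma:
    image: louislam/uptime-kuma
    ports:
      - 3001:3001
"""

def audit(text):
    """Line-scan a Compose file (2-space indents assumed); return findings."""
    findings, service, key = [], None, None
    for line in text.splitlines():
        if m := re.match(r"  ([\w-]+):\s*$", line):          # service name
            service, key = m.group(1), None
        elif m := re.match(r"    ([\w-]+):\s*(.*)$", line):  # service-level key
            key, value = m.group(1), m.group(2).strip("\"'")
            if key == "image" and (":" not in value or value.endswith(":latest")):
                findings.append((service, "unpinned-image", value))
        elif m := re.match(r"      - (.*)$", line):          # list item
            item = m.group(1).strip().strip("\"'")
            if key == "ports":
                parts = item.split(":")
                # No host IP in the mapping means Docker binds every interface.
                if len(parts) < 3 or parts[0] in ("", "0.0.0.0"):
                    db = parts[-1].split("/")[0] in ("3306", "5432")  # MariaDB, PostgreSQL
                    findings.append((service, "db-port-exposed" if db else "port-exposed", item))
            elif key == "environment" and "PASSWORD=" in item:
                name, secret = item.split("=", 1)
                if not secret or secret.startswith("<"):
                    findings.append((service, "placeholder-secret", name))
    return findings

if __name__ == "__main__":
    print(*("\t".join(f) for f in audit(COMPOSE)), sep="\n")
```

The app service reaches the database over the Compose network as MYSQL_HOST=db, so the db port mapping can be bound to 127.0.0.1 or dropped without affecting Nextcloud.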

This is my project for today. I will let you know how it went.

1 Like

sure. you know where to ping

1 Like

I managed to get this running with a few changes. I actually have started doing testing on my synology nas, before moving it over to the production server.

I already had an instance of mariadb installed so I just had to make sure I pointed everything to that instance and I had a few permissions issues but managed to get it figured out. Thank you for the write up.

The cloudpanel portion I will do on the production server, but I just wanted to see if I could get the nextcloud with mariadb working and I was successful at that.

1 Like

What changes to this tutorial would be necessary for it to work on an Ubuntu Server VPS?

it should definitely work on a vps. i have not used tagged images. just check your folder permissions.

I am following Setting Up Nextcloud with Docker, Portainer, Cloudflare Tunnel, and Uptime Kuma on a Raspberry Pi (No Port Forwarding Needed) and Docker is verified and I am on an Ubuntu VPS.

fail2ban is a prerequisite and is active, but I want email notifications but I have not installed or configured sendmail as yet. Portainer is working but only on unsecured connection.
How to proceed?

Would the “few changes” be needed for a VPS Ubuntu 22.04?

@hhf.technoloy mentioned folder permissions. Not sure what they should be set to.

The changes I made for my setup, which was a synology environment, had to do with mariadb. I already had it installed so I didn’t need to reinstall it with the guide I just needed to point everything to it and fix the permissions.

1 Like