{"id":773,"date":"2018-11-06T18:59:23","date_gmt":"2018-11-06T16:59:23","guid":{"rendered":"https:\/\/lisas.de\/~adrian\/posts\/2018-Nov-06-nextcloud-in-a-container.html"},"modified":"2026-03-30T22:41:24","modified_gmt":"2026-03-30T20:41:24","slug":"nextcloud-in-a-container","status":"publish","type":"post","link":"https:\/\/lisas.de\/luges\/index.php\/2018\/11\/06\/nextcloud-in-a-container\/","title":{"rendered":"Nextcloud in a Container"},"content":{"rendered":"

After using Podman a lot during the last weeks while adding checkpoint\/restore support to Podman<\/a> I was finally ready to use containers in production on our mirror server<\/a>. We were still running the ownCloud version that came via RPMs in Fedora 27 and it seems like many people have moved on to Nextcloud from tarballs.<\/p>\n

One of the main reason to finally use containers is Podman’s daemonless approach.<\/p>\n

The first challenge while moving from ownCloud 9.1.5 to Nextcloud 14 is the actual upgrade. To make sure it works I first made a copy of all the uploaded files and of the database and did a test upgrade yesterday using a CentOS 7 VM. With PHP 7 from Software Collections it was not a real problem. It took some time, but it worked. I used the included upgrade utility to upgrade from ownCloud 9 to Nextcloud 10, to Nextcloud 11, to Nextcloud 12, to Nextcloud 13, to Nextcloud 14. Lots of upgrades. Once I verified that everything was still functional I did it once more, but this time I used the real data and disabled access to our ownCloud instance.<\/p>\n

The next step was to start the container. I decided to use the nextcloud:fpm<\/tt> container as I was planning to use the existing web server to proxy the requests. The one thing which makes using containers on our mirror server a bit difficult, is that it is not possible to use any iptables<\/tt> NAT rules. At some point there are just too many network connections in the NAT table from all the clients connecting to our mirror server that it used to drop network connections. This is a problem which is probably fixed since a long time, but it used to be a problem and I try to avoid it. That is why my Nextcloud container is using the host network namespace:<\/p>\n

\n
<\/span>podman <\/span>run <\/span>--name <\/span>nextcloud-fpm <\/span>-d <\/span>--net <\/span>host <\/span><\/span>  <\/span>-v <\/span>\/home\/containers\/nextcloud\/html:\/var\/www\/html <\/span><\/span>  <\/span>-v <\/span>\/home\/containers\/nextcloud\/apps:\/var\/www\/html\/custom_apps <\/span><\/span>  <\/span>-v <\/span>\/home\/containers\/nextcloud\/config:\/var\/www\/html\/config <\/span><\/span>  <\/span>-v <\/span>\/home\/containers\/nextcloud\/data:\/var\/www\/html\/data <\/span><\/span>  <\/span>nextcloud:fpm <\/pre>\n<\/div>\n
I was reusing my existing config.php<\/tt> in which the connection to PostgreSQL on 127.0.0.1<\/tt> was still configured.<\/p>\n
Once the container was running I just<\/em> had to add the proxy rules to the Apache HTTP Server and it should have been ready. Unfortunately this was not as easy as I hoped it to be. All the documentation I found is about using the Nextcloud FPM container<\/a> with NGINX. I found nothing about Apache’s HTTPD. The following lines required most of the time of the whole upgrade to Nextcloud project:<\/p>\n
\n
<\/span><FilesMatch<\/span> <\/span>.php.*<\/span>><\/span>  <\/span>SetHandler<\/span> <\/span>proxy:fcgi:\/\/127.0.0.1:9000\/  <\/span>ProxyFCGISetEnvIf<\/span> <\/span>"reqenv('REQUEST_URI') =~ m|(\/owncloud\/)(.*)$|"<\/span> <\/span>SCRIPT_FILENAME <\/span>"\/var\/www\/html\/$2"<\/span>  <\/span>ProxyFCGISetEnvIf<\/span> <\/span>"reqenv('REQUEST_URI') =~ m|^(.+.php)(.*)$|"<\/span> <\/span>PATH_INFO <\/span>"$2"<\/span> <\/FilesMatch><\/span> <\/pre>\n<\/div>\n
I hope these lines are actually correct, but so far all clients connecting to it seem to be happy. To have the Nextcloud container automatically start on system startup I based my systemd podman service file on the one from the Intro to Podman article<\/a>.<\/p>\n
\n
<\/span>[Unit]<\/span> Description<\/span>=<\/span>Custom Nextcloud Podman Container<\/span> After<\/span>=<\/span>network.target<\/span> [Service]<\/span> Type<\/span>=<\/span>simple<\/span> TimeoutStartSec<\/span>=<\/span>5m<\/span> ExecStartPre<\/span>=<\/span>-\/usr\/bin\/podman rm nextcloud-fpm<\/span> ExecStart<\/span>=<\/span>\/usr\/bin\/podman run --name nextcloud-fpm --net host <\/span>  <\/span>-v \/home\/containers\/nextcloud\/html:\/var\/www\/html <\/span>  <\/span>-v \/home\/containers\/nextcloud\/apps:\/var\/www\/html\/custom_apps <\/span>  <\/span>-v \/home\/containers\/nextcloud\/config:\/var\/www\/html\/config <\/span>  <\/span>-v \/home\/containers\/nextcloud\/data:\/var\/www\/html\/data <\/span>  <\/span>nextcloud:fpm<\/span> ExecReload<\/span>=<\/span>\/usr\/bin\/podman stop nextcloud-fpm<\/span> ExecReload<\/span>=<\/span>\/usr\/bin\/podman rm nextcloud-fpm<\/span> ExecStop<\/span>=<\/span>\/usr\/bin\/podman stop nextcloud-fpm<\/span> Restart<\/span>=<\/span>always<\/span> RestartSec<\/span>=<\/span>30<\/span> [Install]<\/span> WantedBy<\/span>=<\/span>multi-user.target<\/span> <\/pre>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
After using Podman a lot during the last weeks while adding checkpoint\/restore support to Podman I was finally ready to use containers in production on our mirror server. We were still running the ownCloud version that came via RPMs in Fedora 27 and it seems like many people have moved on to Nextcloud from tarballs. […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-773","post","type-post","status-publish","format-standard","hentry","category-luges"],"_links":{"self":[{"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/posts\/773","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/comments?post=773"}],"version-history":[{"count":19,"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/posts\/773\/revisions"}],"predecessor-version":[{"id":1912,"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/posts\/773\/revisions\/1912"}],"wp:attachment":[{"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/media?parent=773"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/categories?post=773"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lisas.de\/luges\/index.php\/wp-json\/wp\/v2\/tags?post=773"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}