BitBucket: https://bitbucket.org/erikbarz/nextclouddockercomposegrafana/src/master GitHub: https://github.com/erikbarz/NextcloudDockerComposeGrafana I am running an Nextcloud-Server since 2016 now. While my masters exam in 2020 I migrated the setup to a cloud-native technology stack. Nextcloud itself offers several examples for docker-compose setups. But anyhow I could not find one that fits my needs:
- Enhanced Logging and Monitoring features with Grafana dashboards and Loki as log-driver
- Portainer added directly in compose-file for container administration
- Traefik instead of Nginx Proxy with Letsencrypt Companion -> 1 Container less, easier maintenance
- naming of containers, networks and volumes so it is clearly understandable
- easy configuration via a central env-file
- Manual / Tutorial incl. all necessary commands, for initial setup but as well for maintenance (updates, start, stop, backup)
- deliver the whole folder structure example
- (almost) no "custom" builds to be as much standard as possible for lower complexity (only needed for grafana to have more plugins)
Link to Original example on Github Account nextcloud/docker: https://github.com/nextcloud/docker/tree/master/.examples/docker-compose/insecure/mariadb-cron-redis/apache/
- Technologie-Stack
- Nextcloud-stack: Overview of Containers / Services / Images inkl. Links:
- Monitoring-stack: Overview of Containers / Services / Images inkl. Links:
- Infrastructure-diagrams
- containers, volumes, networks and mounts:
- networking in detail:
- Monitoring and logging screenshots from grafana
- How to / Step-by-Step manual: prepare the system (ubuntu, docker, compose) and run nextcloud containerized
- How to: Establish enhanced Monitoring and logging
- Nextcloud with Apache Webserver https://hub.docker.com/_/nextcloud/
- Maria DB https://hub.docker.com/_/mariadb
- Traefik Proxy https://hub.docker.com/_/traefik
- Cron Jobs
- Redis in-Memory Cache https://hub.docker.com/_/redis
- Portainer Container Management https://hub.docker.com/r/portainer/portainer-ce
- Prometheus - monitoring DB https://hub.docker.com/r/prom/prometheus
- Prometheus - node exporter https://hub.docker.com/r/prom/node-exporter
- Prometheus - Mysql exporter https://hub.docker.com/r/prom/mysqld-exporter
- Prometheus - Cadvisor https://hub.docker.com/r/google/cadvisor
- Prometheus - Redis exporter https://hub.docker.com/r/oliver006/redis_exporter
- Grafana - monitoring dashboards and logviewer https://hub.docker.com/r/grafana/grafana
- Grafana-Loki log collector https://hub.docker.com/r/grafana/loki
How to / Step-by-Step manual: prepare the system (ubuntu, docker, compose) and run nextcloud containerized
- download 20.04.01 - download rufus portable -> create bootable USB Stick - deutsch, install - Keyboard: German, German - minimal Installation, get OS Updates, get Codecs and drivers - Installationsart / Partitionierung -> "etwas anderes" 1 SSD klein -> HostOS inkl. Bootloader mit ext4 und Mount "/" - establish live Patch -> Ubuntu login - keine Fehlerberichte - keine Ortung - Anzeigeger�te -> Display-Aufl�sung - install updates + restart - App "Laufwerke �ffnen" -> Dateisysteme umbenennen, falls notwendig automatische mounts setzen sudo apt-get install openssh-server sudo service ssh status connection test via bitvise client -> https://docs.docker.com/engine/install/ubuntu/
sudo apt-get update sudo apt-get install \ apt-transport-https \ ca-certificates \ curl \ gnupg-agent \ software-properties-common curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - sudo apt-key fingerprint 0EBFCD88 sudo add-apt-repository \ "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ stable" sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io sudo docker run hello-world -> https://docs.docker.com/compose/install/
sudo curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose docker-compose --version apt-get update apt-get install apache2-utils if already existing and only migrating to a new host -> recover var and opt folders
sudo docker plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions opt/docker-compose.env opt/docker-compose-files/nextcloud/traefik/traefik.yml var/docker-volumes/nextcloud_nextcloud/_data/config/config.php sudo mount --bind /media/SSD-Data/var/docker-volumes /var/lib/docker/volumes chmod 600 /media/SSD-Data/opt/docker-compose-files/nextcloud/traefik/acme.json sudo docker network create nextcloud_proxy sudo docker network create nextcloud_backend cd /media/SSD-Data/var/docker-volumes/nextcloud_nextcloud/_data/ chown -R www-data:www-data * sudo bash /media/SSD-Data/opt/scripts/nextcloud_start.sh Trafik call URL in browser http://hostname_internal:8080 have a look at service status -> no errors should be displayed Portainer call URL in browser https://hostname_internal:9001 or http://hostname_internal:9000 create admin user, connect local runtime have a look at running containers -> no errors should be displayed Nextcloud internal and external call URL in browser https://hostname_internal or http://hostname_internal call URL in browser https://hostname_external or http://hostname_external sudo docker exec -u www-data nextcloud-apache-webserver php occ db:add-missing-indices sudo docker exec -u www-data nextcloud-apache-webserver php occ db:convert-filecache-bigint sudo docker exec -u www-data nextcloud-apache-webserver php occ db:add-missing-columns - Documents
- calendar
- contacts
- Lists / tasks
- Browser
- Windows
- iOS / Android
- configure Mailing -> SMTP Server etc. , so admin Mails can be sent
- save all passwords in a password save e.g. Keypass DB OS ...
- Install App Admin Quota , aktivate, configure
- init backup with backintime and as tar-files
- router e.g. Fritz-Box setup open ports restart save config as file
- install and activate 2 Factor Login App / OTP for all users
https://goneuland.de/nextcloud-server-mit-docker-compose-und-traefik-installieren/#6_3_Nextcloud_komplett_auf_HTTPs_umstellen https://goneuland.de/traefik-v2-https-verschluesselung-sicherheit-verbessern/ https://goneuland.de/traefik-v2-reverse-proxy-fuer-docker-unter-debian-10-einrichten/ in the Wiki section you can find many useful commands for maintenance -> how to start, stop, update etc. https://bitbucket.org/erikbarz/nextclouddockercomposegrafana/wiki/Home call URL in browser https://hostname_internal:9091 or http://hostname_internal:9090 have a look at targets section -> all the configured metrics data sources should be active and running login to maria db sudo docker exec -it mariadb bash mysql -u root -pROOTPASSWORD the user "exporter" must be created with the password you set in env-file CREATE USER 'exporter'@'%' IDENTIFIED BY 'nc-db-exporterpw' WITH MAX_USER_CONNECTIONS 5; GRANT PROCESS, REPLICATION CLIENT ON *.* TO 'exporter'@'%'; GRANT SELECT ON performance_schema.* TO 'exporter'@'%'; restart whole project sudo bash /media/SSD-Data/opt/scripts/nextcloud_restart.sh call URL in browser https://hostname_internal:3001 or http://hostname_internal:3000 login via admin:admin and change password create data source for prometheus -> http://mon_prometheus:9090 create data source for loki -> http://loki:3100 import all the dashboards from opt/docker-compose-files/monitoring/grafana Login to grafana container sudo docker exec -it grafana-monitoring-dashboards bash grafana-cli plugins install grafana-piechart-panel exit docker container restart grafana-monitoring-dashboards install app Auditlog change loglevel -> https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/logging_configuration.html cd var/docker-volumes/nextcloud_nextcloud/_data/config/ https://teqqy.de/docker-monitoring-mit-prometheus-und-grafana/