Hi selfhosted! Hope you’re having a good day :)

I’m pretty new to self-hosting and have been traipsing through a minefield attempting to make NextCloud AIO work inside Docker. The instance runs for a few days/weeks and then starts getting extremely slow on the website, then dies entirely. Usually, either the ClamAV or Apache containers get stuck in an unhealthy state that no number of reboots or reinstalls can fix.

Quick context for how this all works. I have one machine that runs Proxmox and a group of VMs for various purposes. One such VM runs my Nextcloud. This VM is running Ubuntu 23.10, Docker, and the NextCloud AIO package.

Another VM hosts OpenMediaVault, which contains a set of SMB Shares mounted to the host VM that act as storage for NextCloud. The symlinks (I think I’m using that word right) on the host VM have user and group permissions updated according to AIO’s documentation. Proxmox is configured to boot this VM first, then boot the rest in sequence once the files are available.

Right now I’ve got Nextcloud handling Synchronization of Files, Calendars, Contacts, and Kanban boards via the Deck Extension. Everything else can be abandoned at this point, these are the only functions I’m truly using. If this gives you an idea for an alternative app I’d love to hear it.

So after AIO broke for about the 5th time in the 8 months since I started trying to self-host it, I’ve been looking at alternatives. Before I go that route, I want to try installing Nextcloud without Docker. Some of the posts I’ve read here suggest that the Docker distribution of NextCloud has serious issues with stability and safely installing updates.

I plan to make a new VM entirely for this, Distro undecided. I still want to run it as a VM and still use my SMB shares for bulk storage.

So where would I begin if I planned to install NextCloud directly to the VM rather than through Docker?

  • mranderson17@infosec.pub
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    3
    ·
    9 months ago

    Nextcloud AIO is not the only way to run Nextcloud in docker. For example you can use the Nextcloud docker repository and docker-compose for which there are many examples. I’ve been running Nextcloud this way for many years now without any un-recoverable issues, and no issues at all that weren’t caused by me. Upgrading is also very easy since you simply increment the version in docker-compose.yml and restart the service.

    That said the NixOS suggestion from @[email protected] looks really neat and I may try that out soon my self since I’ve never played with NixOS before and it seems like a good excuse to do so.

    • *dust.sys@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      Keeping this in the back pocket in case the NixOS ideas don’t work out, thanks for sharing!

  • redcalcium@lemmy.institute
    link
    fedilink
    English
    arrow-up
    15
    ·
    edit-2
    9 months ago

    Nextcloud is just a php app. As long as you can run postgres and apache, you’re golden. How to do that depends on your distro, but usually just involves installing apache and postgres from your package manager.

    Once you have apache and postgres installed, consult this page on how to run nextcloud. It’s not too hard, just copy nextcloud files to apache directory and edit some configuration file.

    • pete_the_cat@lemmy.world
      link
      fedilink
      English
      arrow-up
      9
      ·
      edit-2
      9 months ago

      You don’t even need Apache, you can run it with Nginx or Caddy, all you need is a webserver that supports interactions with php-fpm.

      • redcalcium@lemmy.institute
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        9 months ago

        Using apache is smoother for beginner though because nextcloud can configure some of the webserver configuration it needs by generating a .htaccess file by itself without user intervention. On nginx you might need to tweak the webserver configuration yourself every once in a while when you update nextcloud, which OP seems to hate to do.

    • *dust.sys@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      The original appeal of the AIO package is that it handles all that for you, but I’m beginning to think this is the only way forward that doesn’t break the bank on hosting costs or break the software on update.

      Sincerely appreciate your input!

      • redcalcium@lemmy.institute
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        9 months ago

        One thing to watch for is file permissions. Just make sure it’s all set to www-data and you’re golden.

        • *dust.sys@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          This is very much what messed up my last install. Errors kept telling me that I needed to update file owners to 33:0, despite having done that on every mount point on the Ubuntu server. I even tried updating the ACLs from inside OpenMediaVault, but no dice. In hindsight I’m pretty sure that was stupid but it was already broken at that point and I was trying anything.

          • redcalcium@lemmy.institute
            link
            fedilink
            English
            arrow-up
            2
            ·
            9 months ago

            Some distro actually do not map www-data user to UID 33, so if you’re on one of those distro, changing file owner to UID 33 won’t help you. Pretty sure Ubuntu use UID 33 though, but I’ve seen people on other distros getting bitten by this. Also, some container systems can remap file ownership when mounting a volume.

  • StrawberryPigtails@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    1
    ·
    9 months ago

    Might look into running NextCloud on NixOS. Haven’t tried it myself yet but noticed NextCloud referenced in NixOS’s documentation pretty heavily. If I remember correctly it was as simple as

    service.nextcloud.enable = true;

    in the configuration.nix file to get it started.

    Linux unplugged had an episode on it recently and said they were surprised how performative it was. Sounded like they were going to be moving their instance over to it.

    • dinckel@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      There’s a little more to it, but that’s how i run it, and my experience has been considerably better, than with the docker AIO. That being said, i’m worried about the potential security implications of this running on my home network. I don’t know enough of this yet to make an educated statement

      • StrawberryPigtails@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        I’m just guessing myself, but I suspect it’s probably ok-ish. NextCloud is probably better security wise than most things I self host.

        Follow security best practices and things should be fine.

        • Don’t expose to the public net anything that doesn’t need to be.
        • Keep it updated.
        • Make sure it can’t see anything it doesn’t need to on your home network.
        • Use strong passwords and don’t reuse them.
        • Keep backups (RAID is not a backup!)
        • *dust.sys@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          3
          ·
          9 months ago

          Gonna be reading into Nixos, this may be the way forward I’m looking for. Thank you both for your responses!

          • 2xsaiko@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            3
            ·
            9 months ago

            Join the Matrix support channel if have any problems getting started! The documentation can be very scattered and NixOS throws a lot of new concepts at you :P

      • halva@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        in theory it should be somewhat more responsive because there’s no sandboxing or containerization going on, nix operates with tools that are much more straightforward

  • Brownian Motion@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    edit-2
    9 months ago

    It’s in their docs. https://docs.nextcloud.com/server/latest/admin_manual/installation/index.html

    Follow the pages one by one, (ie install php modules etc, edit settings, install apache2, edit settings, etc etc). Follow the recommendations (eg. PHP8.2, don’t try to use bleeding edge).

    You’ll be running in no time, and have a properly updatable system using apt, and the nextcloud ./occ command.

    I would recommend using Debian 12 over Ubuntu variants. There are other guides, like this: https://www.digitalocean.com/community/tutorial-collections/how-to-install-and-configure-nextcloud But you may have to “convert” some of the Ubuntu specific stuff to Debian, but actually there is probably no difference (php module naming convention maybe? Is that still a problem today?)

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    4
    ·
    9 months ago

    It can be run in any LAMP stack, after all NC is just a PHP app. The thing is that no matter the setup NC will always be a pile of bugs and misbehave like nothing else.

      • Synestine@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        6
        ·
        edit-2
        9 months ago

        True, but SQLite is not recommended in production settings, and is quite often the source of Nextcloud slowdowns, in my experience. A dedicated DB is the first thing I recommend for a production Nextcloud instance.

        Oh and to be clear, in this instance, “production” means “people depend on this”, be that your family group, team/department, fraternal order, church group, etc. as opposed to “I’m just playing with this thing.”

          • *dust.sys@lemmy.worldOP
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            Long-term plan is that this will be something my immediate and extended family relies on to securely share family photos and make plans among ourselves, so it absolutely needs to not run SQLite. I made that mistake already and fortunately the only one affected was me.

            Thanks everyone!

  • RustyNova@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    3
    ·
    9 months ago

    If you’re willing to use snaps, the next cloud snap is pretty great and easy to set up.

    I’m not a fan of snaps nor how canonical push them, but this one gets a pass

    • terminhell@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      Can confirm, I’ve been using it for about three years now. With some minimal tweaks for my own us case.

      It auto updates itself, can use LetsEncrypt. I’ve had an A to A+ rating from their own security thing. It does usually stay a few minor point releases behind, but that’s never been an issue for me.

      • *dust.sys@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Trying not to learn another deployment scheme, but keeping this on the list. Thank you for sharing!

  • haui@lemmy.giftedmc.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    9 months ago

    I‘m running a stack of containers for nc and it runs without issue. Not saying your experience is invalid but stuff breaks and usually, the solution is either reading or posting issues for the community to fix them. NC has a giant forum which also is helpful. Good luck to you though. :)

  • SayCyberOnceMore@feddit.uk
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    9 months ago

    If this gives you an idea for an alternative app I’d love to hear it.

    I don’t have any direct experiences with kanban, but I ditched nc because I found that no-one used the web UI and it was just a complex file, calendar and contact sync. Replacing nc with syncthing and radicale made no impact to the users and saved me a whole heap of misery upgrading and maintaining nc. If those can support your kanban needs, then… just sayin’…

  • Decronym@lemmy.decronym.xyzB
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    9 months ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    DNS Domain Name Service/System
    Git Popular version control system, primarily for code
    HTTP Hypertext Transfer Protocol, the Web
    LAMP Linux-Apache-MySQL-PHP stack for webhosting
    LXC Linux Containers
    NFS Network File System, a Unix-based file-sharing protocol known for performance and efficiency
    PiHole Network-wide ad-blocker (DNS sinkhole)
    RAID Redundant Array of Independent Disks for mass storage
    SMB Server Message Block protocol for file and printer sharing; Windows-native
    SSH Secure Shell for remote terminal access
    nginx Popular HTTP server

    [Thread #650 for this sub, first seen 1st Apr 2024, 22:35] [FAQ] [Full list] [Contact] [Source code]

  • sfcl33t@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    9 months ago

    I did it from scratch following a guide from Linux Magazine from a few months ago. I had to do some modifying and it was a lot of work, but it runs pretty seamlessly now, so the effort was worth it. I’ll see if I can find it and tell you which month’s issue it was in.

  • pound_heap@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    ·
    9 months ago

    I’m running Nextcloud from a Turnkey LXC template that’s available in Proxmox. Runs solid, I have no complaints for performance or stability. But upgrades are manual and very involved. It’s not too complicated, but there is always something that needs extra attention or troubleshooting. I also wasn’t able to figure out Turnkey migration toolset that they suggest to use for major upgrades, such as to new version of OS.

    • *dust.sys@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      I tried that first, actually. Gave up on it, perhaps too quickly. I’ll give it another peek.

      Thanks for sharing!