Demo of running nextcloud with rootless podman by using these container images:

| image |
|---|
| docker.io/library/mariadb:latest |
| docker.io/library/redis:latest |
| docker.io/library/nginx:alpine |
| docker.io/library/nextcloud:fpm |

Data is stored in bind mounted volumes under the directory ~/nextcloud-data. All files and directories have the ownership of the regular user on the host. No pods are used. All containers are running in a custom network. Nginx is configured to use socket activation.
status: experimental
Warning
This guide configures nginx to use HTTP. HTTP requests and responses are sent in plaintext to the web browser. This is insecure. For real production use cases, you need to configure nginx to use HTTPS.
Tested with podman 5.3.0-RC1
A minimal test to see that it's possible to log in worked:
```
sudo useradd test
sudo machinectl shell --uid=test
git clone https://github.com/eriksjolund/nextcloud-podman.git
cd nextcloud-podman
```

- Run command

  The number chosen specifies the port. The command might take a few minutes before it returns because pulling docker.io/library/nextcloud:fpm can take a while.

  ```
  bash install.sh 8080
  ```
- In a web browser go to http://localhost:8080
- Wait until the nextcloud web interface is shown (reloading the webpage may be required). This step might take about 5 minutes.
- Fill in a username and a password in the create admin account web form.
- Log in with the username and password.
- Check disk consumption in the bind-mounted directories ~/nextcloud-data
  ```
  $ podman unshare du -sh ~/nextcloud-data/
  883M	/var/home/test/nextcloud-data/
  $
  ```
- Verify that all files and directories under ~/nextcloud-data are owned by the regular user on the host

  ```
  $ podman unshare find ~/nextcloud-data -not -user 0
  $ podman unshare find ~/nextcloud-data -not -group 0
  $
  ```

  result: yes, all files and directories under ~/nextcloud-data are owned by the regular user on the host
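
Why an empty result from `find -not -user 0` inside `podman unshare` means host ownership, as an added example that is not part of this project: in the rootless user namespace, UID 0 maps to the regular host user and every other UID maps into the subuid range. The host UID 1000, the subuid start 524288 and the function names are constructed assumptions for illustration.

```shell
#!/bin/sh
# Added example: translate a UID seen inside a user namespace to the host UID,
# using the three-column format of /proc/<pid>/uid_map:
#   <first-id-in-namespace> <first-id-on-host> <count>

# Constructed sample map: host user UID 1000 plus a subuid range starting
# at 524288 (assumed values, not taken from the project).
SAMPLE_UID_MAP='0 1000 1
1 524288 65536'

# ns_to_host_uid NS_UID [MAP_TEXT]   (hypothetical helper)
# Prints the host UID and returns 0, or returns 1 when NS_UID is unmapped.
ns_to_host_uid() {
    ns_uid=$1
    map=${2:-$SAMPLE_UID_MAP}
    printf '%s\n' "$map" | awk -v id="$ns_uid" '
        id >= $1 && id < $1 + $3 { print $2 + (id - $1); found = 1; exit }
        END { exit !found }'
}

# owned_by_host_user NS_UID HOST_UID [MAP_TEXT]   (hypothetical helper)
# Succeeds only when NS_UID resolves to HOST_UID on the host.
owned_by_host_user() {
    [ "$(ns_to_host_uid "$1" "${3:-$SAMPLE_UID_MAP}")" = "$2" ]
}

# Namespace UID 0 is the regular user; UID 33 would land in the subuid range,
# which is what the find check above is designed to catch.
for uid in 0 33; do
    printf 'namespace UID %s -> host UID %s\n' "$uid" "$(ns_to_host_uid "$uid")"
done
```

To compare against a real system, pass the output of `podman unshare cat /proc/self/uid_map` as the second argument.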

- https://github.com/eriksjolund/podman-nginx-socket-activation
  about: nginx, podman, socket activation
- https://github.com/eriksjolund/podman-detect-option
  about: `--userns keep-id:uid=$uid,gid=$gid`

containers/podman#20519

This project was created to see if it is possible to run nextcloud in multiple containers (nextcloud, mariadb, redis, nginx) with rootless podman and at the same time only create files and directories that are owned by the regular user on the host. See the discussion for the starting point of the idea.