docker.recipes

Nextcloud Complete Stack

advanced

Full Nextcloud deployment with collabora, talk, and office suite.

Overview

Nextcloud is a comprehensive self-hosted productivity platform that emerged as a fork of ownCloud in 2016, providing organizations with complete control over their file storage, collaboration, and communication infrastructure. Built to replace proprietary cloud services like Google Workspace or Microsoft 365, Nextcloud offers file synchronization, collaborative document editing, video conferencing, calendar management, and an extensive app ecosystem while maintaining data sovereignty and privacy. This complete stack orchestrates six critical components to deliver enterprise-grade Nextcloud functionality: NGINX serves as the high-performance reverse proxy handling SSL termination and static file delivery, MariaDB provides robust relational database storage for user data and metadata, Redis accelerates performance through in-memory caching and session management, Collabora Online enables real-time collaborative document editing within the browser, and Coturn operates as a TURN server ensuring reliable peer-to-peer connections for Nextcloud Talk video calls even behind NAT and firewalls. Organizations seeking complete digital sovereignty, educational institutions requiring GDPR-compliant collaboration tools, and businesses needing integrated file storage with office suite capabilities will find this stack invaluable. The combination delivers production-ready functionality that rivals commercial cloud platforms while maintaining full administrative control, making it ideal for privacy-conscious enterprises, government agencies, healthcare organizations bound by data residency requirements, and technical teams building internal collaboration infrastructure.

Key Features

  • File synchronization across desktop, mobile, and web clients with conflict resolution
  • Real-time collaborative document editing through integrated Collabora Online office suite
  • Nextcloud Talk video conferencing with TURN server support for NAT traversal
  • High-performance file serving via NGINX with HTTP/2 support and static asset optimization
  • MariaDB Galera-ready database backend with READ-COMMITTED isolation for Nextcloud compatibility
  • Redis-powered file locking, session storage, and distributed caching for multi-instance deployments
  • App ecosystem integration supporting calendar, contacts, mail, and 200+ community applications
  • End-to-end encryption for files with server-side encryption and client-side key management

Common Use Cases

  • 1Enterprise file sharing replacement for Dropbox Business or Google Drive with on-premises data control
  • 2Educational institutions providing students and faculty with FERPA-compliant collaboration tools
  • 3Healthcare organizations requiring HIPAA-compliant document storage and secure patient data sharing
  • 4Government agencies needing classified data handling with air-gapped deployment capabilities
  • 5Remote teams requiring integrated video conferencing, file sharing, and collaborative document editing
  • 6Software development teams needing project file storage with version control and team communication
  • 7Small businesses seeking cost-effective office suite alternatives with customer data privacy

Prerequisites

  • Minimum 4GB RAM recommended (2GB+ for Nextcloud, 1GB+ for MariaDB, 512MB+ for Redis/Collabora)
  • Available ports 80, 443, 9980 for web services and 3478 TCP/UDP for TURN server functionality
  • Valid SSL certificates and domain name configuration for trusted domain security
  • Docker Compose version 3.8+ with volume mount permissions for persistent data storage
  • Basic understanding of Nextcloud administration for app installation and user management
  • Network firewall configuration allowing WebRTC traffic for Nextcloud Talk functionality

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  nextcloud: 
3    image: nextcloud:28-fpm
4    container_name: nextcloud
5    environment: 
6      - MYSQL_HOST=db
7      - MYSQL_DATABASE=nextcloud
8      - MYSQL_USER=nextcloud
9      - MYSQL_PASSWORD=${DB_PASSWORD}
10      - REDIS_HOST=redis
11      - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN}
12      - OVERWRITEPROTOCOL=https
13    volumes: 
14      - nextcloud-html:/var/www/html
15      - nextcloud-data:/var/www/html/data
16    depends_on: 
17      - db
18      - redis
19    networks: 
20      - nextcloud-network
21    restart: unless-stopped
22
23  nginx: 
24    image: nginx:alpine
25    container_name: nextcloud-nginx
26    volumes: 
27      - ./nginx.conf:/etc/nginx/nginx.conf:ro
28      - nextcloud-html:/var/www/html:ro
29    ports: 
30      - "80:80"
31      - "443:443"
32    depends_on: 
33      - nextcloud
34    networks: 
35      - nextcloud-network
36    restart: unless-stopped
37
38  db: 
39    image: mariadb:10.11
40    container_name: nextcloud-db
41    environment: 
42      - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASSWORD}
43      - MYSQL_DATABASE=nextcloud
44      - MYSQL_USER=nextcloud
45      - MYSQL_PASSWORD=${DB_PASSWORD}
46    volumes: 
47      - mariadb-data:/var/lib/mysql
48    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
49    networks: 
50      - nextcloud-network
51    restart: unless-stopped
52
53  redis: 
54    image: redis:7-alpine
55    container_name: nextcloud-redis
56    volumes: 
57      - redis-data:/data
58    networks: 
59      - nextcloud-network
60    restart: unless-stopped
61
62  collabora: 
63    image: collabora/code:latest
64    container_name: nextcloud-collabora
65    environment: 
66      - domain=${NEXTCLOUD_DOMAIN}
67      - username=admin
68      - password=${COLLABORA_PASSWORD}
69      - extra_params=--o:ssl.enable=false --o:ssl.termination=true
70    cap_add: 
71      - MKNOD
72    ports: 
73      - "9980:9980"
74    networks: 
75      - nextcloud-network
76    restart: unless-stopped
77
78  coturn: 
79    image: coturn/coturn:latest
80    container_name: nextcloud-coturn
81    command: -n --log-file=stdout --listening-ip=0.0.0.0 --listening-port=3478 --realm=${NEXTCLOUD_DOMAIN} --static-auth-secret=${TURN_SECRET}
82    ports: 
83      - "3478:3478/tcp"
84      - "3478:3478/udp"
85    networks: 
86      - nextcloud-network
87    restart: unless-stopped
88
89volumes: 
90  nextcloud-html: 
91  nextcloud-data: 
92  mariadb-data: 
93  redis-data: 
94
95networks: 
96  nextcloud-network: 
97    driver: bridge

.env Template

.env
1# Nextcloud Complete
2NEXTCLOUD_DOMAIN=nextcloud.example.com
3DB_PASSWORD=secure_nextcloud_password
4DB_ROOT_PASSWORD=secure_root_password
5COLLABORA_PASSWORD=collabora_admin_password
6
7# Generate with: openssl rand -hex 32
8TURN_SECRET=your_turn_secret_here

Usage Notes

  1. 1Nextcloud at https://localhost
  2. 2Collabora Office integration
  3. 3Nextcloud Talk with TURN server
  4. 4Run occ commands: docker exec nextcloud php occ
  5. 5Enable apps from admin panel

Individual Services(6 services)

Copy individual services to mix and match with your existing compose files.

nextcloud
nextcloud:
  image: nextcloud:28-fpm
  container_name: nextcloud
  environment:
    - MYSQL_HOST=db
    - MYSQL_DATABASE=nextcloud
    - MYSQL_USER=nextcloud
    - MYSQL_PASSWORD=${DB_PASSWORD}
    - REDIS_HOST=redis
    - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN}
    - OVERWRITEPROTOCOL=https
  volumes:
    - nextcloud-html:/var/www/html
    - nextcloud-data:/var/www/html/data
  depends_on:
    - db
    - redis
  networks:
    - nextcloud-network
  restart: unless-stopped
nginx
nginx:
  image: nginx:alpine
  container_name: nextcloud-nginx
  volumes:
    - ./nginx.conf:/etc/nginx/nginx.conf:ro
    - nextcloud-html:/var/www/html:ro
  ports:
    - "80:80"
    - "443:443"
  depends_on:
    - nextcloud
  networks:
    - nextcloud-network
  restart: unless-stopped
db
db:
  image: mariadb:10.11
  container_name: nextcloud-db
  environment:
    - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASSWORD}
    - MYSQL_DATABASE=nextcloud
    - MYSQL_USER=nextcloud
    - MYSQL_PASSWORD=${DB_PASSWORD}
  volumes:
    - mariadb-data:/var/lib/mysql
  command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW"
  networks:
    - nextcloud-network
  restart: unless-stopped
redis
redis:
  image: redis:7-alpine
  container_name: nextcloud-redis
  volumes:
    - redis-data:/data
  networks:
    - nextcloud-network
  restart: unless-stopped
collabora
collabora:
  image: collabora/code:latest
  container_name: nextcloud-collabora
  environment:
    - domain=${NEXTCLOUD_DOMAIN}
    - username=admin
    - password=${COLLABORA_PASSWORD}
    - extra_params=--o:ssl.enable=false --o:ssl.termination=true
  cap_add:
    - MKNOD
  ports:
    - "9980:9980"
  networks:
    - nextcloud-network
  restart: unless-stopped
coturn
coturn:
  image: coturn/coturn:latest
  container_name: nextcloud-coturn
  command: "-n --log-file=stdout --listening-ip=0.0.0.0 --listening-port=3478 --realm=${NEXTCLOUD_DOMAIN} --static-auth-secret=${TURN_SECRET}"
  ports:
    - 3478:3478/tcp
    - 3478:3478/udp
  networks:
    - nextcloud-network
  restart: unless-stopped

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  nextcloud:
5    image: nextcloud:28-fpm
6    container_name: nextcloud
7    environment:
8      - MYSQL_HOST=db
9      - MYSQL_DATABASE=nextcloud
10      - MYSQL_USER=nextcloud
11      - MYSQL_PASSWORD=${DB_PASSWORD}
12      - REDIS_HOST=redis
13      - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_DOMAIN}
14      - OVERWRITEPROTOCOL=https
15    volumes:
16      - nextcloud-html:/var/www/html
17      - nextcloud-data:/var/www/html/data
18    depends_on:
19      - db
20      - redis
21    networks:
22      - nextcloud-network
23    restart: unless-stopped
24
25  nginx:
26    image: nginx:alpine
27    container_name: nextcloud-nginx
28    volumes:
29      - ./nginx.conf:/etc/nginx/nginx.conf:ro
30      - nextcloud-html:/var/www/html:ro
31    ports:
32      - "80:80"
33      - "443:443"
34    depends_on:
35      - nextcloud
36    networks:
37      - nextcloud-network
38    restart: unless-stopped
39
40  db:
41    image: mariadb:10.11
42    container_name: nextcloud-db
43    environment:
44      - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASSWORD}
45      - MYSQL_DATABASE=nextcloud
46      - MYSQL_USER=nextcloud
47      - MYSQL_PASSWORD=${DB_PASSWORD}
48    volumes:
49      - mariadb-data:/var/lib/mysql
50    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
51    networks:
52      - nextcloud-network
53    restart: unless-stopped
54
55  redis:
56    image: redis:7-alpine
57    container_name: nextcloud-redis
58    volumes:
59      - redis-data:/data
60    networks:
61      - nextcloud-network
62    restart: unless-stopped
63
64  collabora:
65    image: collabora/code:latest
66    container_name: nextcloud-collabora
67    environment:
68      - domain=${NEXTCLOUD_DOMAIN}
69      - username=admin
70      - password=${COLLABORA_PASSWORD}
71      - extra_params=--o:ssl.enable=false --o:ssl.termination=true
72    cap_add:
73      - MKNOD
74    ports:
75      - "9980:9980"
76    networks:
77      - nextcloud-network
78    restart: unless-stopped
79
80  coturn:
81    image: coturn/coturn:latest
82    container_name: nextcloud-coturn
83    command: -n --log-file=stdout --listening-ip=0.0.0.0 --listening-port=3478 --realm=${NEXTCLOUD_DOMAIN} --static-auth-secret=${TURN_SECRET}
84    ports:
85      - "3478:3478/tcp"
86      - "3478:3478/udp"
87    networks:
88      - nextcloud-network
89    restart: unless-stopped
90
91volumes:
92  nextcloud-html:
93  nextcloud-data:
94  mariadb-data:
95  redis-data:
96
97networks:
98  nextcloud-network:
99    driver: bridge
100EOF
101
102# 2. Create the .env file
103cat > .env << 'EOF'
104# Nextcloud Complete
105NEXTCLOUD_DOMAIN=nextcloud.example.com
106DB_PASSWORD=secure_nextcloud_password
107DB_ROOT_PASSWORD=secure_root_password
108COLLABORA_PASSWORD=collabora_admin_password
109
110# Generate with: openssl rand -hex 32
111TURN_SECRET=your_turn_secret_here
112EOF
113
114# 3. Start the services
115docker compose up -d
116
117# 4. View logs
118docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/nextcloud-complete/run | bash

Troubleshooting

  • Trusted domain error on first access: Add your domain to NEXTCLOUD_TRUSTED_DOMAINS environment variable and restart container
  • Collabora connection failed in Nextcloud: Verify port 9980 accessibility and set Collabora server URL to http://collabora:9980 in Nextcloud Office settings
  • Video calls failing to connect: Check coturn container logs for TURN authentication and ensure UDP port 3478 is properly forwarded through firewalls
  • Database connection errors during setup: Confirm MariaDB container fully initialized by checking logs for 'ready for connections' before starting Nextcloud
  • Redis connection warnings in Nextcloud logs: Verify Redis container accessibility and configure file locking in Nextcloud config.php with 'filelocking.enabled' => true
  • File upload failures or timeouts: Increase PHP memory limits and max file size in Nextcloud container or adjust NGINX client_max_body_size directive

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

nextcloudnginxmariadbrediscollaboracoturn

Tags

#nextcloud#file-sharing#collaboration#office#storage

Category

Storage & Backup

Related Recipes

Ad Space