Nextcloud Server, a safe home for all your data
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Go to file
Philipp Rothmann e996b5c057
chore: publish 2.1.4+24.0.6-fpm release
5 months ago
.vscode dev: added chellcheck settings for vscode users 2 years ago
releases chore: publish 2.0.0+23.0.4-fpm release 10 months ago
.drone.yml Attempt to ignore mariadb upgrade 2 years ago
.env.sample .env.sample template domain 6 months ago
.gitignore Fix secrets & network definition 3 years ago add note about broken-ness 8 months ago let app container wait for db init 5 months ago
compose.mariadb.yml add postgres db (#26) 10 months ago
compose.postgres.yml let app container wait for db init 5 months ago
compose.yml chore: publish 2.1.4+24.0.6-fpm release 5 months ago let app container wait for db init 5 months ago
fpm-tune.ini Skip those unknown things for php-fpm 2 years ago
my-tune.cnf fix: increase packets to avoid comm timeouts 1 year ago
nginx.conf.tmpl fix frame ancestors 5 months ago
renovate.json Attempt to ignore mariadb upgrade 2 years ago


Build Status

Fully automated luxury Nextcloud via docker-swarm.

  • Category: Apps
  • Status: 2, beta
  • Image: nextcloud, 4, upstream
  • Healthcheck: Yes
  • Backups: No
  • Email: 3
  • Tests: 2
  • SSO: 1 (OAuth)

Basic usage

  1. Set up Docker Swarm and abra
  2. Deploy coop-cloud/traefik
  3. abra app new nextcloud --secrets (optionally with --pass if you'd like to save secrets in pass)
  4. abra app YOURAPPDOMAIN config - be sure to change $DOMAIN to something that resolves to your Docker swarm box
  5. abra app YOURAPPDOMAIN deploy

How do I customise the default home page when logging in?

  • Delete the dashboard app since it is so corporate
  • Follow these docs to set the default files list for each user in the Files app
  • Configure a defaultapp in your config.php or use apporder

Running occ

abra app run --user www-data YOURAPPDOMAIN app occ user:list --help

Upgrading Nextcloud apps

abra app run --user www-data YOURAPPDOMAIN app occ app:update --all

How do I fix a Nextcloud version snafu?

Exception: Updates between multiple major versions and downgrades are unsupported.


  • Look at log files to determine the old Nextcloud version
  • Change your local ~/.abra/recipes/nextcloud/compose.yml to the highest minor version in the old version -- e.g. choose 22.2.5 for 22, if you're upgrading to 23.
  • Then, do one of (both bad):
    1. abra app deploy --chaos ..., then app run to go in and manually lower the version number in PHP (shell in, apt install vim-core && vi version.php), then try php ./occ upgrade
    2. abra app undeploy ..., abra volume rm, CAREFULLY only choose the volume ENDING _nextcloud, then abra app deploy --chaos ..., then edit the compose.yml to add entrypoint: ['tail', '-f', '/dev/null'] to app, then app deploy --chaos again, then app run --user=www-data ... app bash to get in and run ./occ maintenance:repair, and ./occ upgrade.
  • Change compose.yml to the new version number; git checkout compose.yml
  • abra app deploy --force
  • This wasn't even multiplle major versions was it 😾

How do I integrate with Keycloak SSO?

Use this plugin. Unlike the plugin it's forked from, there is no configuration UI, so you'll need to edit /var/www/html/config/config.php:

  'oidc_login_client_id' => 'nextcloud',
  'oidc_login_client_secret' => 'mysecret',
  'oidc_login_provider_url' => '',
  'oidc_login_disable_registration' => false,
  'oidc_login_hide_password_form' => true,
  'oidc_login_button_text' => 'Log in with your myssodomain',
  'oidc_login_default_group' => 'mygroup',
  'oidc_login_attributes' =>
  array (
    'id' => 'sub',
    'name' => 'name',
    'mail' => 'email',
  'oidc_create_groups' => true,

You can use this trick (see "Cryptic Usernames" work-around) to get proper usernames.

If you ever need to change the realm, you'll need to reset the cache with:

docker exec -u www-data <container-id> php occ config:app:delete oidc_login last_updated_well_known
docker exec -u www-data <container-id> php occ config:app:delete oidc_login last_updated_jwks

How do I enable multiple SSO login buttons?

We've been able to get this setup by using the social login plugin.

If using Keycloak, you'll want to do this trick also.

How can I customise the CSS?

There is some basic stuff in the admin settings.

To go a little deeper, you can use this handy app.

Here is an example CSS config which hides the local login and makes space for a central image:

#body-login .wrapper main form[name="login"],
#body-login .wrapper main form[name="login"] ~ a {
  display: none;

#body-login .logo {
  visibility: hidden;

#body-login #alternative-logins a.button[href*="oidc"] {
  background: #233b4a;
  color: #fff;
  transition: all 0.2s ease-in-out;
#body-login #alternative-logins a.button[href*="oidc"]:hover {
  background: linear-gradient(-35deg, #233b4a 40%, #486c83 100%);

#body-login #alternative-logins a.button[href*="/sociallogin/oauth/google"] {
  border: 0;
  color: #db4437 !important;
  background-color: #fff;

  a.button[href*="/sociallogin/oauth/google"]::before {
  width: 25px;
  background-color: #db4437;
  border-radius: 100%;
  background-size: 60%;
  background-position: center;
  height: 25px;
  vertical-align: middle;
  margin-right: 4px;

#body-login main {
  padding: 50vh 0 0 0;

#body-login a[href*="#body-login"] {
  visibility: hidden;

#body-login footer a,
#body-login footer p {
  color: #233b4a;

#body-login footer a:hover {
  color: #fff;

#body-login footer {
  text-shadow: none;

Using previewgenerator app

Beware, this appp has been known to not work...

After you install, enable etc. then you need to run the generation (warning: it can take a long time!):

abra app run <domain> app bash -u www-data
./occ preview:generate-all

To set up the cron to run again, there is no clear solution in the context of containers. So, a pretty dodgy hack is to run it from the system directly: /etc/cron.hourly $ cat foo-com-preview-generate 

docker exec -u www-data $(docker ps -f name=foo_com_app -q) ./occ preview:pre-generate

This app will improve performance of image browsing at the cost of storage space.