How to set up a Caddy container for Nextcloud:fpm-alpine

Hello, I am trying to set up nextcloud:fpm-alpine in a rootless pod environment with Podman, but I am not having any luck reaching it.

Here is the script to set up the environment:

#!/usr/bin/env bash
# -*- coding: utf-8 -*-
# shellcheck disable=SC1083

# Dependencies
zypper in -y podman systemd-container

# NAMES
USER_NAME="cloud"

if ! id -u "${USER_NAME}" &>/dev/null; then
    useradd -Uc "${USER_NAME} Daemon" -m "${USER_NAME}"
    loginctl enable-linger "${USER_NAME}"
fi

machinectl shell "${USER_NAME}"@

## Container Setup Database
# shellcheck disable=SC2016
cp -R /usr/share/containers "${HOME}"/.config/
sed -i '0,/"journald"/s,,"k8s-file",' "${HOME}"/.config/containers/containers.conf

# ================= #
# ===Environment=== #
# ================= #

POD_NAME="podCloud"
DB_NAME="pg-cloud"
CLOUD_NAME="cloud"
VOL="/opt/cloud"
NET="nextcloud"

podman rm -af --volumes && podman secret rm -a && podman volume prune -f && podman unshare rm -rf "${HOME}"/.enc/ /opt/cloud/* && podman network rm ${NET}

# =================== #
# ===Miscellaneous=== #
# =================== #

# Secret Setup
mkdir -m 700 "${HOME}"/.enc
openssl rand -base64 32 >"${HOME}"/.enc/pgpass
PGSECRET=$(podman secret create pgpass "${HOME}"/.enc/pgpass)
openssl rand -base64 32 >"${HOME}"/.enc/pgapp
PGAPPSECRET=$(podman secret create pgapp "${HOME}"/.enc/pgapp)
# CLOUDSECRET=$(openssl rand -base64 32 | podman secret create pgsecret -)

# ============= #
# ===Volumes=== #
# ============= #

# Cloud Management
folders=(
    "html"
    "config"
    "data"
)

paths="${VOL}/cloud"
for d in "${folders[@]}"; do
    if [ ! -d "${paths}/${d}" ]; then
        mkdir -p "${paths}/${d}"
    fi
    podman volume create \
        -o type=none \
        -o device="${paths}/${d}" \
        -o o=bind \
        "${d}"
done

# DB Management
folders=(
    "pgdata"

)

paths="${VOL}/pgdb"
for d in "${folders[@]}"; do
    if [ ! -d "${paths}/${d}" ]; then
        mkdir -p "${paths}/${d}"
    fi
    podman volume create \
        -o type=none \
        -o device="${paths}/${d}" \
        -o o=bind \
        "${d}"
done

# Caddy Management
folders=(
    "caddy_data"
    "caddy_config"
    "caddy_etc"
    "caddy_log"
)

paths="${VOL}/caddy"
for d in "${folders[@]}"; do
    if [ ! -d "${paths}/${d}" ]; then
        mkdir -p "${paths}/${d}"
    fi
    if ! podman volume inspect "${d}" &>/dev/null; then
        podman volume create \
            -o type=none \
            -o device="${paths}/${d}" \
            -o o=bind \
            "${d}"
    fi
done

# ============= #
# ===Network=== #
# ============= #

podman network create "${NET}"

# =============== #
# ===POD_Cloud=== #
# =============== #

podman pod create \
    --replace \
    --restart unless-stopped \
    --network "${NET}" \
    -n "${POD_NAME}" \
    -p 8080:80 \
    -v pgdata:/data/postgresql \
    -v html:/var/www/html \
    -v config:/var/www/html/config \
    -v data:/opt/data \
    -v caddy_data:/data \
    -v caddy_config:/config \
    -v caddy_etc:/etc/caddy \
    -v caddy_log:/var/log/caddy

# ========================= #
# ===Database_PostgreSQL=== #
# ========================= #

# pgSQL_Apps Container
podman run -d \
    --pod podCloud \
    --replace \
    --pull=newer \
    --label "io.containers.autoupdate=registry" \
    --restart unless-stopped \
    --name "${DB_NAME}" \
    --secret "${PGSECRET}" \
    -e PGDATA=/data/postgresql \
    -e POSTGRES_PASSWORD=/var/run/"$(podman secret inspect --format {{.Spec.Name}} "${PGSECRET}" | grep -vE "^$")" \
    docker.io/postgres:latest

sleep 20s
podman exec -it -u postgres "${DB_NAME}" psql -c "CREATE USER cloud WITH PASSWORD '$(podman secret inspect --format {{.SecretData}} --showsecret "${PGAPPSECRET}" | grep -vE "^$")';" &&
    podman exec -it -u postgres "${DB_NAME}" psql -c "CREATE DATABASE cloud OWNER cloud;" &&
    podman exec -it -u postgres "${DB_NAME}" psql -c "GRANT ALL PRIVILEGES ON DATABASE cloud TO cloud;"

# =============== #
# ===NextCloud=== #
# =============== #

podman run -d \
    --pod podCloud \
    --replace \
    --pull newer \
    --label "io.containers.autoupdate=registry" \
    --restart unless-stopped \
    --name "${CLOUD_NAME}" \
    --secret "${PGSECRET}" \
    -e POSTGRES_DB=cloud \
    -e POSTGRES_USER=cloud \
    -e POSTGRES_PASSWORD=/var/run/"$(podman secret inspect --format {{.Spec.Name}} "${PGSECRET}" | grep -vE "^$")" \
    -e POSTGRES_HOST=localhost \
    -e NEXTCLOUD_DATA_DIR=/opt/data \
    -e NEXTCLOUD_TRUSTED_DOMAINS=contraProcuratorem \
    -e NEXTCLOUD_INIT_HTACCESS=true \
    -e PHP_MEMORY_LIMIT=1024M \
    -e APACHE_DISABLE_REWRITE_IP=1 \
    docker.io/nextcloud:fpm-alpine

# ================ #
# ===Rev. Proxy=== #
# ================ #

cat >"$paths/${folders[2]}"/Caddyfile <<EOF
{
    # Server Options
    auto_https off
}

* {
    reverse_proxy ${CLOUD_NAME}:9000
    log {
        output file /var/log/caddy/cloud.log
        level ERROR
    }
}
EOF

podman run -d \
    --pod podCloud \
    --replace \
    --pull=newer \
    --restart unless-stopped \
    --label "io.containers.autoupdate=registry" \
    --cap-add=NET_ADMIN \
    --name contraProcuratorem \
    docker.io/caddy:latest

podman logs -f contraProcuratorem

Please take a look at this guide:

Thanks, but it is not working when setting the domain. Here is an update of the script; it is more functional, but when a domain is assigned to Caddy it will not load Nextcloud, or Nextcloud won't respond correctly:

I’m sorry I’m not going to troubleshoot your rather complex script.

Please isolate a problem and provide the smallest example you can reproduce the issue with, so we can find the reason. I would recommend you start with a simple working example and add complexity step by step until it breaks.
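In the spirit of the reduction requested above, here is an added example (not code from any poster in this thread) that isolates two pieces of the posted script: how the Podman secret reaches the images, and how Caddy talks to the php-fpm container. The function names are hypothetical; it assumes Podman's default secret mount point `/run/secrets/<name>`, the `*_FILE` variables read by the postgres and nextcloud images, and the pod-level `html` volume from the post being visible to Caddy at `/var/www/html`.

```shell
# Added example; function names are hypothetical.
# Assumes Podman's default secret mount (/run/secrets/<name>) and php-fpm
# listening on port 9000, the port used in the post.

# podman-run arguments that hand a secret to the image as a file through
# the *_FILE variables. $1 = secret name, $2 = variable prefix.
secret_file_args() {
    printf '%s %s -e %s_FILE=/run/secrets/%s\n' --secret "$1" "$2" "$1"
}

# Caddyfile that speaks FastCGI to php-fpm instead of plain HTTP.
# $1 = output path, $2 = php-fpm address (containers in one pod share
# a network namespace, so the default is localhost).
write_caddyfile() {
    cat >"$1" <<EOF
{
    auto_https off
}

:80 {
    root * /var/www/html
    php_fastcgi ${2:-localhost:9000}
    file_server
    log {
        output file /var/log/caddy/cloud.log
        level ERROR
    }
}
EOF
}

# Print the lines of a script ($1) that assign a filesystem path to a
# *PASSWORD variable, where the path string itself becomes the password.
lint_password_env() {
    grep -nE -- '-e[[:space:]]+[A-Z_]*PASSWORD=/' "$1"
}
```

Run over the script in the first post, `lint_password_env` reports the two `-e POSTGRES_PASSWORD=/var/run/...` lines.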