docker nextcloud production ready
To upload files, please first save the app
import streamlit as st
import yaml
st.set_page_config(
page_title="Nextcloud Production Docker Setup",
page_icon="☁️",
layout="wide"
)
st.title("☁️ Nextcloud Production Docker Setup")
st.markdown("Generate production-ready Docker configurations for Nextcloud")
# Sidebar configuration
st.sidebar.header("Configuration Options")
# Basic settings
domain = st.sidebar.text_input("Domain", value="nextcloud.example.com")
admin_user = st.sidebar.text_input("Admin Username", value="admin")
admin_password = st.sidebar.text_input("Admin Password", type="password", value="secure_password_123")
# Database settings
db_type = st.sidebar.selectbox("Database Type", ["PostgreSQL", "MySQL", "MariaDB"])
db_password = st.sidebar.text_input("Database Password", type="password", value="db_secure_password_123")
# SSL/TLS settings
ssl_enabled = st.sidebar.checkbox("Enable SSL/TLS", value=True)
ssl_type = st.sidebar.selectbox("SSL Certificate Type", ["Let's Encrypt", "Custom Certificates"]) if ssl_enabled else None
# Storage settings
data_volume = st.sidebar.text_input("Data Volume Path", value="/var/nextcloud/data")
db_volume = st.sidebar.text_input("Database Volume Path", value="/var/nextcloud/db")
# Advanced settings
with st.sidebar.expander("Advanced Settings"):
memory_limit = st.text_input("PHP Memory Limit", value="512M")
upload_limit = st.text_input("Upload Limit", value="16G")
trusted_proxies = st.text_area("Trusted Proxies (one per line)", value="")
redis_enabled = st.checkbox("Enable Redis Cache", value=True)
# Main content
tab1, tab2, tab3, tab4 = st.tabs(["Docker Compose", "Nginx Configuration", "Environment Variables", "Setup Instructions"])
with tab1:
st.header("Docker Compose Configuration")
# Generate docker-compose.yml
compose_config = {
'version': '3.8',
'services': {
'nextcloud': {
'image': 'nextcloud:apache',
'container_name': 'nextcloud',
'restart': 'unless-stopped',
'ports': ['80:80'] if not ssl_enabled else ['80:80', '443:443'],
'volumes': [
f'{data_volume}:/var/www/html',
'./config/php.ini:/usr/local/etc/php/conf.d/nextcloud.ini'
],
'environment': [
f'NEXTCLOUD_ADMIN_USER={admin_user}',
f'NEXTCLOUD_ADMIN_PASSWORD={admin_password}',
f'NEXTCLOUD_TRUSTED_DOMAINS={domain}',
'POSTGRES_HOST=db' if db_type == 'PostgreSQL' else 'MYSQL_HOST=db',
'POSTGRES_DB=nextcloud' if db_type == 'PostgreSQL' else 'MYSQL_DATABASE=nextcloud',
'POSTGRES_USER=nextcloud' if db_type == 'PostgreSQL' else 'MYSQL_USER=nextcloud',
f'POSTGRES_PASSWORD={db_password}' if db_type == 'PostgreSQL' else f'MYSQL_PASSWORD={db_password}',
'REDIS_HOST=redis' if redis_enabled else None
],
'depends_on': ['db', 'redis'] if redis_enabled else ['db']
},
'db': {
'image': 'postgres:13' if db_type == 'PostgreSQL' else 'mariadb:10.6',
'container_name': 'nextcloud-db',
'restart': 'unless-stopped',
'volumes': [f'{db_volume}:/var/lib/postgresql/data' if db_type == 'PostgreSQL' else f'{db_volume}:/var/lib/mysql'],
'environment': [
'POSTGRES_DB=nextcloud' if db_type == 'PostgreSQL' else 'MYSQL_DATABASE=nextcloud',
'POSTGRES_USER=nextcloud' if db_type == 'PostgreSQL' else 'MYSQL_USER=nextcloud',
f'POSTGRES_PASSWORD={db_password}' if db_type == 'PostgreSQL' else f'MYSQL_PASSWORD={db_password}',
'MYSQL_ROOT_PASSWORD=root_password_123' if db_type != 'PostgreSQL' else None
]
}
},
'volumes': {
'nextcloud_data': None,
'db_data': None
},
'networks': {
'nextcloud_network': None
}
}
# Add Redis if enabled
if redis_enabled:
compose_config['services']['redis'] = {
'image': 'redis:alpine',
'container_name': 'nextcloud-redis',
'restart': 'unless-stopped',
'command': 'redis-server --requirepass redis_password_123'
}
# Add Nginx if SSL is enabled
if ssl_enabled:
compose_config['services']['nginx'] = {
'image': 'nginx:alpine',
'container_name': 'nextcloud-nginx',
'restart': 'unless-stopped',
'ports': ['80:80', '443:443'],
'volumes': [
'./nginx/nginx.conf:/etc/nginx/nginx.conf',
'./nginx/ssl:/etc/nginx/ssl',
'/var/log/nginx:/var/log/nginx'
],
'depends_on': ['nextcloud']
}
# Clean up None values
for service in compose_config['services'].values():
if 'environment' in service:
service['environment'] = [env for env in service['environment'] if env is not None]
compose_yaml = yaml.dump(compose_config, default_flow_style=False, sort_keys=False)
st.code(compose_yaml, language='yaml')
st.download_button(
label="Download docker-compose.yml",
data=compose_yaml,
file_name="docker-compose.yml",
mime="text/yaml"
)
with tab2:
st.header("Nginx Configuration")
if ssl_enabled:
nginx_config = f"""events {{
worker_connections 1024;
}}
http {{
upstream nextcloud {{
server nextcloud:80;
}}
server {{
listen 80;
server_name {domain};
return 301 https://$server_name$request_uri;
}}
server {{
listen 443 ssl http2;
server_name {domain};
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
client_max_body_size {upload_limit};
client_body_timeout 300s;
fastcgi_buffers 64 4K;
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
location / {{
proxy_pass http://nextcloud;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}}
location /.well-known/carddav {{
return 301 $scheme://$host/remote.php/dav;
}}
location /.well-known/caldav {{
return 301 $scheme://$host/remote.php/dav;
}}
}}
}}"""
else:
nginx_config = "SSL is not enabled. Nginx configuration not needed for basic setup."
st.code(nginx_config, language='nginx')
if ssl_enabled:
st.download_button(
label="Download nginx.conf",
data=nginx_config,
file_name="nginx.conf",
mime="text/plain"
)
with tab3:
st.header("Environment Variables")
php_ini_content = f"""memory_limit = {memory_limit}
upload_max_filesize = {upload_limit}
post_max_size = {upload_limit}
max_execution_time = 3600
max_input_time = 3600
date.timezone = UTC
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
apc.enable_cli=1"""
st.subheader("PHP Configuration (php.ini)")
st.code(php_ini_content, language='ini')
st.download_button(
label="Download php.ini",
data=php_ini_content,
file_name="php.ini",
mime="text/plain"
)
st.subheader("Environment Variables Summary")
env_vars = {
"NEXTCLOUD_ADMIN_USER": admin_user,
"NEXTCLOUD_ADMIN_PASSWORD": "[HIDDEN]",
"NEXTCLOUD_TRUSTED_DOMAINS": domain,
"DATABASE_TYPE": db_type,
"REDIS_ENABLED": redis_enabled,
"SSL_ENABLED": ssl_enabled,
"UPLOAD_LIMIT": upload_limit,
"MEMORY_LIMIT": memory_limit
}
st.table(env_vars)
with tab4:
st.header("Setup Instructions")
st.markdown("""
## Production Deployment Steps
### 1. Prepare the Server
```bash
# Update system
sudo apt update && sudo apt upgrade -y
# Install Docker and Docker Compose
sudo apt install docker.io docker-compose -y
sudo systemctl enable docker
sudo usermod -aG docker $USER
```
### 2. Create Directory Structure
```bash
mkdir -p /opt/nextcloud/{config,nginx,ssl}
cd /opt/nextcloud
```
### 3. Deploy the Configuration
```bash
# Download the docker-compose.yml file
# Place it in /opt/nextcloud/
# Create the PHP configuration
# Place php.ini in /opt/nextcloud/config/
# If using SSL, place nginx.conf in /opt/nextcloud/nginx/
```
### 4. SSL Certificate Setup
""")
if ssl_enabled and ssl_type == "Let's Encrypt":
st.markdown("""
#### Let's Encrypt Setup
```bash
# Install Certbot
sudo apt install certbot -y
# Generate certificates
sudo certbot certonly --standalone -d """ + domain + """
# Copy certificates to nginx directory
sudo cp /etc/letsencrypt/live/""" + domain + """/fullchain.pem /opt/nextcloud/ssl/cert.pem
sudo cp /etc/letsencrypt/live/""" + domain + """/privkey.pem /opt/nextcloud/ssl/key.pem
# Set up auto-renewal
sudo crontab -e
# Add: 0 12 * * * /usr/bin/certbot renew --quiet
```
""")
elif ssl_enabled and ssl_type == "Custom Certificates":
st.markdown("""
#### Custom Certificate Setup
```bash
# Place your certificate files in /opt/nextcloud/ssl/
# cert.pem - Your SSL certificate
# key.pem - Your private key
# Ensure proper permissions
sudo chown -R root:root /opt/nextcloud/ssl/
sudo chmod 600 /opt/nextcloud/ssl/*
```
""")
st.markdown(f"""
### 5. Create Data Directories
```bash
sudo mkdir -p {data_volume}
sudo mkdir -p {db_volume}
sudo chown -R www-data:www-data {data_volume}
```
### 6. Deploy Nextcloud
```bash
cd /opt/nextcloud
docker-compose up -d
```
### 7. Post-Installation Configuration
```bash
# Check container status
docker-compose ps
# View logs
docker-compose logs nextcloud
# Access Nextcloud at https://{domain}
```
### 8. Security Hardening
- Configure firewall (UFW recommended)
- Set up regular backups
- Enable fail2ban
- Configure log rotation
- Set up monitoring (optional)
### 9. Maintenance Commands
```bash
# Update Nextcloud
docker-compose pull
docker-compose up -d
# Backup database
docker-compose exec db pg_dump -U nextcloud nextcloud > backup.sql
# View resource usage
docker stats
```
""")
st.success("Your Nextcloud production environment is ready to deploy!")
# Warning box
st.warning("""
**Security Reminders:**
- Change all default passwords
- Keep Docker images updated
- Monitor logs regularly
- Implement proper backup strategy
- Use strong SSL/TLS configuration
- Consider using a reverse proxy like Traefik for advanced setups
""")Hi! I can help you with any questions about Streamlit and Python. What would you like to know?