LDAP is an authentication protocol that we now have access to using FreeIPA. Many of the applications and server have an ability to integrate LDAP authentication versus using the built in authentication of the application.
We will explore using LDAP with NextCloud as part of our continuing series on FreeIPA. I chose NextCloud, because if it's ever growing number of add-on applications, and the overall usefulness of those applications in an office or school environment.
You get file syncing (like Dropbox), along with options for a web-based email client (per user of course), Calendar, Office suite via Collabora (LibreOffice online), Voice and Video chat along with text chat through Talk, and so much more.
Let's get into the NextCloud install with Docker.
What you'll need
- Docker and Docker-compose installed and ready. You can see this video and article to get that done if you don't already have it setup.
- NGinX Proxy Manager installed and ready for use if you don't already have it setup. You can see the same article above for that install as well.
- A simple text editor.
- NextCloud, MySQL installed via Docker and Docker-Compose.
We will use NextCloud with a MySQL/MariaDB backend, and both will be installed with the Docker-Compose command.
Setting up our docker-compose.yml file.
First create a new "nextcloud" directory to work in, and cd into it.
mkdir nextcloud and then cd into that directory with
To setup the docker-compose.yml file first enter the following in the terminal, or open your built in text edior, and copy the below text, then paste it into your text editor.
version: '2' volumes: nextcloud: db: app: config: data: themes: services: db: image: mariadb command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW restart: always volumes: - /home/<your_username>/nextcloud/db:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=<mariadb root user password> - MYSQL_PASSWORD=<mariadb user password> - MYSQL_DATABASE=nextcloud - MYSQL_USER=<mariadb username app: image: nextcloud ports: - 8080:80 links: - db volumes: - /home/<your_username>/nextcloud/nextcloud:/var/www/html - /home/<your_username>/nextcloud/app:/var/www/html/custom_apps - /home/<your_username>/nextcloud/config:/var/www/html/config - /home/<your_username>/nextcloud/data:/var/www/html/data - /home/<your_username>/nextcloud/theme:/var/www/html/themes/<YOUR_CUSTOM_THEME> restart: always
In the above file, after pasting, change the parts with <> symbols to be actual information.
<mariadb root user password> and <mariadb user password> should both be different, srtong password.
<your_username> should be your actual username on the system. If you want to use a different location for the data storage, then you should put that path in place of /home/<your_username>/ and make a "nextcloud" directory with the sub-directories shown in that location.
Now we make our other directories in this folder with:
mkdir app config db theme nextcloud
Now you should have five folders, and your docker-compose.yml file in the nextcloud directory.
All variable should be set in place of the values in <> in the docker-compose.yml file. Finally, ensure the port (listed above ad 8080) is free on your host system. If it isn't, change the port number on the left side of the colon "8080:80" to a free port on your host system. For instance, 8080 was taken on my host, so I used 8670.
Save the docker-compose.yml file again if any changes were made.
docker-compose up -d
This will start docker downloading the mysql and mariadb images from docker hub, create a network for our two containers to communicate on inside docker, and start the containers running.
You should get some output when it's all finished that shows
done in the terminal.
You can check this by using the
command, and you should see nextcloud_nextcloud_app and nextcloud_nextcloud_mariadb listed in your command.
The NextCloud First Run Wizard
Getting NextCloud setup complete, uses the first run wizard in it's Web UI. We'll run through this wizard, and let NextCloud finish it's full setup, but first you must make certain your "data" directory on your host (from the docker-compose.yml file) is set with the proper permissions and ownership, or the Wizard will fail with various errors.
First let's make sure the owner is correct:
sudo chown -R www-data:www-data <path to your nextcloud data folder>
Next, let's set the appropriate permissions on the folder:
sudo chmod -R 755 <path to your nextcloud data folder>
Now, we can start the Wizard by visitng our Host IP on the port you set in the file.
Mine, for instance, is http://192.168.7.125:8670
Now, you need to create your admin user. Enter a username and password for your admin user.
Below this, you'll see a warning about using SQLite. Click the option just above it to expand the section and expost 3 options for the db. Select "MariaDb", and you should now see four fields.
Enter your DB Username (same as in your docker-compose file), then your password (same as in your docker-compose file), next enter your db name (same as in your docker-compose file), and finally we need to enter the IP and port of our MariaDB server.
To find this, you can use the following in the terminal:
docker network ls
to list the networks you have for yoru docker install. In this list look for one called something similart to " nextcloud_default".
Now use that name to get the detail of the servers included in that network.
docker network inspect nextcloud_default
This will show you the network details in JSON format. Find the section for "nextcloud_db" and then find the value for the IPv4Address and copy the IP address (everything before the "/").
Paste that IP address (in my case it's 172.25.0.2, but your's may and likely will be different) into the field on the browser. Follow it with a colon ":" and the port number 3306. The whole field should look like:
Of course use the proper values for your install.
Next, the install default apps is checked by default. i left it checked as I wnat to use many of those apps, but feel free to uncheck it, and you can install apps later if you wish.
Now click the finish button, and be patient.
If you've set everything up properly, you'll se a spinner while it creates your db tables, and performs some initall setup, then it will switch to a screen showing each app it is installing.
Once complete, you'll be taken to the Welcome screen.
Well done! Now dig around a bit, and check out all fo the cool things NextCloud has to offer, and in our next episode, we'll get into setting up our LDAP authentication for nextcloud.