Install Nextcloud AIO behind reverse proxy (NPM)

Installing Nextcloud AIO (All-in-One) behind a reverse proxy is a great way to create a secure, powerful and centralized cloud solution. With a reverse proxy, you can manage SSL certificates, run multiple services on the same server and optimize your infrastructure. This guide will take you through the process step by step.

What is Nextcloud AIO?

Nextcloud AIO is an official Nextcloud project designed to simplify the deployment of Nextcloud for home and business users. Instead of manually installing and configuring each component, a Docker container setup is provided that integrates all important services.

Installation:

• A main Docker container is started, which serves as a control instance.
• A simple one-liner in the terminal(docker run ...) sets up the entire process.

Container architecture:

• Main container: This manages the configuration and ensures communication between the other containers.
• Database container: For storing user and file metadata (e.g. MariaDB or PostgreSQL).
• Web server container: This runs with an optimized Nginx or Apache web server.
• Redis container: For caching and performance optimization.
• Backup container: For automatic backups of the Nextcloud instance.

Central administration:

• Administrators can carry out updates, view logs and adjust settings via a dashboard (integrated into the web interface).

Security functions:

• Support for Let’s Encrypt for automatic SSL/TLS certificate creation.
• Network restrictions that only allow necessary access.

Install Nextcloud AIO behind reverse proxy

Prerequisites

• Operating system: Linux (e.g. Ubuntu 22.04 or Debian 11).
• Installed software

  :Polylang placeholder do not modify

• A domain with DNS entries that point to your server.
• Basic knowledge of Linux and network configuration.

By default, the Nextcloud AIO installation is designed to be installed on a server with a public IP address. For this reason, the system also checks whether the server is accessible under the specified domain. This domain check can be disabled with a Docker variable, which also eliminates some sources of error.

We must first execute the following command:

sudo docker run  \
--init \
--sig-proxy=false \
--name nextcloud-aio-mastercontainer \
--restart always \
--publish 8080:8080 \
--publish 11000:11000 \
--env APACHE_PORT=11000 \
--env APACHE_IP_BINDING=0.0.0.0 \
--env APACHE_ADDITIONAL_NETWORK="" \
--env SKIP_DOMAIN_VALIDATION=true \
--env NEXTCLOUD_MEMORY_LIMIT=1024M \
--env NEXTCLOUD_ENABLE_DRI_DEVICE=true \
--env NEXTCLOUD_DATADIR="/mnt/ncdata" \
--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
--volume /var/run/docker.sock:/var/run/docker.sock:ro \
nextcloud/all-in-one:latest

Only the “NEXTCLOUD_DATADIR” and, if desired, the “NEXTCLOUD_MEMORY_LIMIT” need to be adjusted. The Nextcloud AIO master container is then downloaded and started. You can then access the admin interface via: IP address:8080.

The passphrase should be saved securely, without it you will no longer have access to the admin backend.

Then a screen appears where you can select the additional services, such as Calmav, Nextcloud Talk, Nextcloud Office, Whiteboard and more. The configuration must be saved and then you can click on “Start”.

As all containers are downloaded and the database is initialized at the first start, this may take a few minutes. You can view the log by clicking on “Starting”. Once all containers have been successfully started, a button is displayed that leads to Nextcloud. The admin login data is also displayed.

Set up reverse proxy

In our example, we will use the Nginx Proxy Manager to connect our Nextcloud to the vastness of the World Wide Web. The configurations for other proxies can be found in the official documentation. We need to create a new proxy host for this:

We need to enter our (sub)domain and as Scheme http, the IP address of the server on which the Nextcloud is installed. For the port, 11000 must be entered. Cache Assets, Block Common Exploits and Websocket Support can be activated.

Nothing needs to be entered for custom locations.

For SSL we request a certificate from Let`s Encrypt, Force SSL and HTTP/2 support can be activated.

The following code must be inserted in the Advanced tab:

client_body_buffer_size 512k;
proxy_read_timeout 86400s;
client_max_body_size  0;

By installing Nextcloud AIO, you have set up a powerful and flexible cloud solution that not only enables you to store data, but also teamwork, calendars, contacts and much more. Thanks to the all-in-one architecture, you save yourself the tedious process of manual configuration while benefiting from a high level of security and expandability.

Whether you use Nextcloud AIO privately or as a central data hub for your company, it offers you an easy way to host your data yourself and retain full control over your information. With regular updates and a growing community, you’re well positioned for the future.

Do you have any questions or did you encounter any problems during installation? Share your experiences in the comments and exchange ideas with the community!