Owncloud with Traefik
This guide will create a running Owncloud Docker container with SSL certificates using Traefik.
Create owncloud directory and files:
mkdir owncloud; cd owncloud
touch docker-compose.yml
docker-compose file
version: '3.7'
volumes:
files:
driver: local
mysql:
driver: local
backup:
driver: local
redis:
driver: local
services:
owncloud:
image: "owncloud/server:latest"
container_name: "owncloud"
restart: unless-stopped
depends_on:
- db
- redis
environment:
- OWNCLOUD_DOMAIN=owncloud.mycooldomain.com
- OWNCLOUD_DB_TYPE=mysql
- OWNCLOUD_DB_NAME=owncloud
- OWNCLOUD_DB_USERNAME=owncloud
- OWNCLOUD_DB_PASSWORD=yourpassword<-- same as "MARIADB_PASSWORD"
- OWNCLOUD_DB_HOST=db
- OWNCLOUD_ADMIN_USERNAME=admin
- OWNCLOUD_ADMIN_PASSWORD=owncloudadminpassword <--change
- OWNCLOUD_UTF8MB4_ENABLED=true
- OWNCLOUD_REDIS_ENABLED=true
- OWNCLOUD_REDIS_HOST=redis
networks:
- proxy
- internal
labels:
- "traefik.enable=true"
- "traefik.http.routers.owncloud-secure.entrypoints=websecure"
- "traefik.http.routers.owncloud-secure.rule=Host(`cloud.mycooldomain.net`)"
#- "traefik.http.services.owncloud-service.loadbalancer.server.port=80"
- "traefik.docker.network=proxy"
healthcheck:
test: ["CMD", "/usr/bin/healthcheck"]
interval: 30s
timeout: 10s
retries: 5
volumes:
- files:/mnt/data
db:
image: webhippie/mariadb:latest
restart: unless-stopped
environment:
- MARIADB_ROOT_PASSWORD=myrootpassword <--change
- MARIADB_USERNAME=owncloud
- MARIADB_PASSWORD=yourpassword <--change
- MARIADB_DATABASE=owncloud
- MARIADB_MAX_ALLOWED_PACKET=128M
- MARIADB_INNODB_LOG_FILE_SIZE=64M
- MARIADB_INNODB_LARGE_PREFIX=ON
- MARIADB_INNODB_FILE_FORMAT=Barracuda
healthcheck:
test: ["CMD", "/usr/bin/healthcheck"]
interval: 30s
timeout: 10s
retries: 5
volumes:
- mysql:/var/lib/mysql
- backup:/var/lib/backup
networks:
- internal
redis:
image: webhippie/redis:latest
container_name: "redis"
restart: unless-stopped
environment:
- REDIS_DATABASES=1
healthcheck:
test: ["CMD", "/usr/bin/healthcheck"]
interval: 30s
timeout: 10s
retries: 5
volumes:
- redis:/var/lib/redis
networks:
- internal
networks:
proxy:
external: true
internal:
As you can see from the above example docker-compose.yml file, we will be utilizing the "internal" network for communication to our mysql container with our owncloud container as well as our standard "proxy" network for communication to traefik. This will ensure that our mysql container is not able to be reached externally from outside our local area network while allowing our owncloud container to be reached externally.
You'll want to ensure that your "OWNCLOUD_DB_PASSWORD" matches the "MARIADB_PASSWORD" in this file so that owncloud can access its database files properly. Be sure to alter each password with something of your own before running this container.
We have also made a volume declaration at the top of this docker-compose file to state that we would like to use the docker host's volume creation for our owncloud and database files. You can also use local paths if you would prefer to. Just be sure to remove the volume statement at the top of the docker-compose file before running it.
Last, but not least, we've added labels to communicate with our traefik container that direct us to only use HTTPS protocol with owncloud externally and HTTP protocol internally as well as create our own sub domain to access. In the above example file, we've chosen the sub domain "cloud.mycooldomain.net".
Create the container
docker-compose up -d
We'll need to give docker some time to download all the necessary images as well as the owncloud container to run its initial configuration process. Once ready, you should be able to access your owncloud web UI and login with the credentials you saved in the docker-compose file. For more information regarding configuring your Owncloud Server, see their documentation page.