To set up Nextcloud on Ku­ber­netes, we recommend using S3 for a storage backend and MariaDB as the database. You can increase per­for­mance with a few changes to the con­fig­u­ra­tion.

Nextcloud and Ku­ber­netes is a rewarding com­bi­na­tion

The com­bi­na­tion of Nextcloud and Ku­ber­netes with S3 for storage is a promising solution in the private and business sector. The non-com­mer­cial cloud software is suitable for working with local servers as well as external hosts and boasts an excellent security ar­chi­tec­ture compared to numerous Nextcloud al­ter­na­tives. Ku­ber­netes is an open-source man­age­ment system for container ap­pli­ca­tions and can be used for cloud computing in addition to local use. The system is con­sid­ered to be flexible, highly scalable and fail-safe. Read on to find out how to set up Nextcloud on Ku­ber­netes.

Tip

To use Nextcloud with Docker check out our com­pre­hen­sive in­struc­tions in our Digital Guide. We’ve also covered the cor­re­spond­ing steps for in­stalling Nextcloud on Ubuntu 22.04.

What con­di­tions must be met?

Before you can start setting up Nextcloud on Ku­ber­netes, a few con­di­tions must be met. You need suf­fi­cient storage and should have already created a Ku­ber­netes Cluster. You can choose to create this on your local machine or use cloud storage, depending on your available capacity. Ad­di­tion­al­ly, ensure the Helm package manager is set up for Ku­ber­netes. Once ready, you can proceed with the steps.

How to set up Nextcloud on Ku­ber­netes step by step

Once you have the proper foun­da­tion, you can start setting up Nextcloud on Ku­ber­netes. The key steps are sum­ma­rized in the following sections.

Configure DNS

The first step is to create an A-Record for a subdomain that can point to your desired IP address. If you’re using the local solution, your public IP address is the correct des­ti­na­tion; otherwise, enter the IP provided by your cloud service. Depending on the DNS provider, the steps required for this may differ slightly.

Add and update Helm

Ku­ber­netes is deployed using the Helm package manager, which should be installed on your client. Ad­di­tion­al­ly, ensure you have a con­nec­tion to your Ku­ber­netes cluster. If so, add the Helm repos­i­to­ry and update it with the following commands:

helm repo add nextcloud https://nextcloud.github.io/helm/
helm repo update
shell

Create values.yaml

Now create a new Helm chart with the following command:

nano values.yaml
shell

Then add the following spec­i­fi­ca­tions to this file.

Set cronjobs

First define a time limit for cronjobs. On Unix-like operating systems, cronjobs are tasks that run au­to­mat­i­cal­ly in the back­ground at scheduled intervals. For Nextcloud on Ku­ber­netes, these are primarily main­te­nance tasks. In this example, we set the cronjob to run every five minutes. For larger data volumes, more frequent main­te­nance might be advisable. Use the following code:

cronjob:
    annotations: {}
    curlInsecure: false
    enabled: true
    failedJobsHistoryLimit: 5
    image: {}
    schedule: '*/5*     *** '
    successfulJobsHistoryLimit: 2
shell

Activate HPA

Now, de­ac­ti­vate the Hor­i­zon­tal Pod Au­toscaler (HPA), which au­to­mat­i­cal­ly scales the number of pods. If you use Read­WriteOnce for Nextcloud and prefer to control the scaling manually, you should de­ac­ti­vate HPA and focus on one pod. This approach is more con­ve­nient if only a few users need access. The ap­pro­pri­ate code is:

hpa:
    cputhreshold: 60
    enabled: false
    maxPods: 10
    minPods: 1
shell

Overwrite image tag

To ensure that the current version of Helm is taken into account, overwrite the image tag. Use this code to do this:

image:
    repositor: nextcloud
    tag: 28.0.2-apache
    pullPolicy: IfNotPresent
shell

Version 28.0.2 or a more recent version is now selected.

Select database

You have three options when selecting your database: MariaDB, Post­greSQL, or SQLite. For our example, we opt for MariaDB. Configure this database as follows and de­ac­ti­vate the other two systems:

internalDatabase:
    enabled: false
mariadb:
    db:
        name: nextcloud
        password: db-password
        user: nextcloud
    enabled: true
    master:
        persistence:
            accessMode: ReadWriteOnce
            enabled: true
            size: 8Gi
    replication:
        enabled: false
    rootUser:
        password: root-db-password
        forcePassword: true
postgresql:
    enabled: false
shell

Monitor for metrics

To carry out mon­i­tor­ing with Prometheus or Grafana, insert the following code. This is optional.

metrics:
    enabled: true
    https: false
    image:
        pullPolicy: IfNotPresent
        repository: xperimental/nextcloud-exporter
        tag: v0.3.0
    replicaCount: 1
    service:
        annotations:
            prometheus.io/port: '9205'
            prometheus.io/scrape: 'true'
        labels: {}
        type: ClusterIP
    timeout: 5s
shell
IONOS Cloud Managed Ku­ber­netes
Container workloads in expert hands

The ideal platform for demanding, highly scalable container ap­pli­ca­tions. Managed Ku­ber­netes works with many cloud-native solutions and includes 24/7 expert support.

Allow your own con­fig­u­ra­tion files

By default, Nextcloud also uses a file called config.php for con­fig­u­ra­tion on Ku­ber­netes. To simplify or make this more flexible, you can insert your own con­fig­u­ra­tion files using the following code:

nextcloud:
    configs:
        custom.config.php: |-
            <?php
            $CONFIG = array (
                'overwriteprotocol' => 'https',
                'overwrite.cli.url' => 'https://drive.example.com',
                'filelocking.enabled' => 'true',
                'loglevel' => '2',
                'enable_previews' => true,
                'trusted_domains' =>
                     [
                        'nextcloud',
                        'drive.example.com'
                     ]
            );
shell

Replace the place­hold­er “example.com” with your own domain.

Configure Redis

To improve caching with Redis and enhance overall per­for­mance, you can include a custom con­fig­u­ra­tion file. By default, Helm Redis is installed without password pro­tec­tion, but it’s advisable to add an ad­di­tion­al layer of security. Use the following code to set up Redis with password pro­tec­tion and integrate it with Nextcloud:

redis.config.php: |-
    <?php
    $CONFIG = array (
      'memcache.local' => '\\OC\\Memcache\\Redis',
      'memcache.distributed' => '\OC\Memcache\Redis',
      'memcache.locking' => '\OC\Memcache\Redis',
      'redis' => array(
        'host' => getenv('REDIS_HOST'),
        'port' => getenv('REDIS_HOST_PORT') ?: 6379,
        'password' => getenv('your-password-for-redis')
      )
    );
shell

Con­fig­ur­ing the storage backend

The last con­fig­u­ra­tion file is inserted for the storage backend S3. It is stored in the code as follows:

s3.config.php: |-
    <?php
    $CONFIG = array (
      'objectstore' => array(
        'class' => '\\OC\\Files\\ObjectStore\\S3',
        'arguments' => array(
        'bucket'     => 'bucket-name',
        'autocreate' => true,
        'key'      => 's3-access-key',
        'secret'     => 's3-secret-key',
        'region'     => 's3-region',
        'hostname'   => 's3-endpoint',
        'use_ssl'    => true,
        'use_path_style' => true
        )
      )
    );
shell

Switch off Redis con­fig­u­ra­tion

Since you’ve over­writ­ten the default con­fig­u­ra­tion for Redis above, this must now be de­ac­ti­vat­ed to avoid errors using the following code:

defaultConfigs:
    .htaccess: true
    apache-pretty-urls.config.php: true
    apcu.config.php: true
    apps.config.php: true
    autoconfig.php: false
    redis.config.php: false
    smtp.config.php: true
shell

Set host, admin and password

Now enter the host, the ad­min­is­tra­tor and the cor­re­spond­ing password for the use of Nextcloud on Ku­ber­netes. Use this code for this:

host: drive.example.com
password: your-password
username: name-of-admin
shell

Replace the place­hold­ers with your own details.

Set up email no­ti­fi­ca­tions

You can op­tion­al­ly set up an SMTP service (Simple Mail Transfer Protocol) to receive no­ti­fi­ca­tions from Nextcloud:

mail:
    domain: example.com
    enabled: false
    fromAddress: user
    smtp:
      authtype: LOGIN
      host: example.com
      name: username
      password: your-password 
      port: 465
      secure: ssl
shell

Configure the per­sis­tence drive

The following per­sis­tence con­fig­u­ra­tion is intended for data that Nextcloud stores on the cor­re­spond­ing data carrier. This doesn’t affect your user data, which is stored on S3 on a scheduled basis:

persistence:
    accessMode: ReadWriteOnce
    annotations: {}
    enabled: true
    size: 8Gi
shell

Password protect Redis

It’s advisable to secure Redis with a password. This prevents errors during au­then­ti­ca­tion. Use the following code to do this, replacing your password where relevant:

redis:
    enabled: true
    password: 'your-password-for-redis'
    usePassword: true
shell

Limit repli­ca­tions

Since you’ve already de­ac­ti­vat­ed HPA, you should limit the possible number of repli­ca­tions to 1:

replicaCount: 1
shell

Install Nextcloud on Ku­ber­netes

Finally, install Nexcloud on Ku­ber­netes and also add MariaDB and Redis:

kubectl create ns nextcloud
helm upgrade --install --namespace nextcloud -f your-values.yaml nextcloud nextcloud/nextcloud
shell
IONOS Cloud Object Storage
Secure, af­ford­able storage

Cost-effective, scalable storage that in­te­grates into your ap­pli­ca­tion scenarios. Protect your data with highly secure servers and in­di­vid­ual access control.

Go to Main Menu