Welcome to Richard's Blog

Author: applegater

  • How to set up the Collabora office with portainer and Nginx.

    My goal to make my Nextcloud to become Google Workspace because my goal is our data most important to privacy with our data sensitive. And I would like to purchase free instead of paid Google Workspace because we have our server, and we use it for IT documents and resources.

    So, you need to make sure nginx proxy manger and Portainer Up running before we start this.

    We do not need to create a network because we already did created with nginx proxy manager (nginx)

    Portainer sites → login admin account → stacks → add stacks

    version: '2'
services:
   applegateoffice:
     container_name: collabora
     image: collabora/code:latest
     restart: always
     expose:
       - 9980
     cap_add:
       - MKNOD
     networks:
       - nginx
     environment:
       - username=yourusername
       - password=yourpassword
       - aliasgroup1=https://yoursubdomain.yourdomain.io
       - aliasgroup2=https://yoursubdomain.yourdomain.io
       - extra_params=--o:net.proto=IPv4


networks:
  nginx:
    external: true

    Start the deployment and go to nginx proxy manager to add proxy host detail.

    Advanced Custom Nginx Configuration

    # static files
location ^~ /loleaflet {
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
}

# WOPI discovery URL
location ^~ /hosting/discovery {
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
}

# main websocket
location ~ ^/lool/(.*)/ws$ {
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_http_version 1.1;
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
  proxy_read_timeout 36000s;
}

# download, presentation and image upload
location ~ ^/lool {
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
}

# Admin Console websocket
location ^~ /lool/adminws {
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_http_version 1.1;
  proxy_pass $forward_scheme://$server:$port;
  proxy_set_header Host $http_host;
  proxy_read_timeout 36000s;
}

    Once the configuration has been saved, proceed to open the newly created domain.

    Now we go over the Nextcloud

    Save and your sites are now in collaboration with the office.

  • How to Build Redis on Portainer (Stacks) and Attach It to Your Nextcloud Docker Network

    If you’re self-hosting Nextcloud using Docker, integrating Redis as a caching and file locking service is a must for better speed and reliability. Portainer makes managing Docker super easy, especially with its user-friendly “Stacks” feature. In this post, you’ll learn step by step how to:

    • Deploy Redis using Portainer Stacks
    • Connect the Redis container to the network used by your Nextcloud instance (for simple, secure communication)
    • Update your Nextcloud config to use Redis

    Let’s get started!

    Prerequisites

    • Docker & Docker Compose installed and running
    • Portainer up and accessible (http://your-server:9000)
    • A Nextcloud stack/container already running on Docker
    • Portainer has permissions to manage your Docker host

    Step 1: Identify (or Create) the Nextcloud Docker Network

    First, Nextcloud and Redis need to be on the same Docker network so they can talk.

    Find the Network Name

    If you deployed Nextcloud as a Portainer stack, you likely have a custom network. To check:

    1. In Portainer, go to Containers and find your Nextcloud container.
    2. Click on it and look for the Network section.

    The network name may look like nextcloud_default (if your stack is named ‘nextcloud’). Take note of it!

    If not found, you can always create a network manually:

    docker network create nextcloud-net

    Step 2: Create a Redis Stack in Portainer

    1. In Portainer, go to Stacks > Add Stack
    2. Name your stack, e.g., redis
    3. Use the following example docker-compose file:
    version: '3.7'

services:
  redis:
    image: redis:alpine
    container_name: redis
    restart: unless-stopped
    networks:
      - nextcloud_network
    # For persistent storage (optional):
    # volumes:
    #   - redis-data:/data

# Define external network (replace with your actual network name)
networks:
  nextcloud_network:
    external: true

# Uncomment for persistent volume (optional)
# volumes:
#   redis-data:

    Important:
    Change nextcloud_network to your Nextcloud network name (from Step 1), e.g., nextcloud_default.

    1. Click Deploy the stack

    Step 3: Confirm Redis is Running & Networked

    In Containers, check that the redis container is running and attached to the correct network.
    You should see both nextcloud and redis containers under the same network.

    Step 4: Add Redis Configuration to Nextcloud

    SSH into your Nextcloud server or use Portainer’s console and add the following to your config/config.php for Nextcloud (usually found in the nextcloud/config/ directory):

    'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' => [
   'host' => 'redis',       // the service name from your stack
   'port' => 6379,
   // 'password' => 'yourpassword', // If you set one
   'timeout' => 0.0,
],
    • If you gave your redis container a different name, adjust 'host' => 'redis' accordingly.
    • If you set a redis password (not done in this example, but recommended for production!), include the 'password' line.

    Step 5: Restart Nextcloud Container

    You can do this in Portainer via the container menu (Actions > Restart), or with:

    docker restart <nextcloud-container-name>

    Troubleshooting

    • If Nextcloud can’t connect to Redis, double-check:
    • Both containers are on the same Docker network
    • host matches the Redis container’s service/container name (not localhost or 127.0.0.1)
    • No firewall is blocking Docker internal traffic
    • Use Portainer’s logs for debugging (redis and nextcloud containers)

    Conclusion

    With just a few edits and a quick stack deployment in Portainer, you can power up your Nextcloud setup with Redis for better performance, safer file locking, and future-proof scaling. Let Portainer do the heavy lifting—no need to wrangle the command line!

    Have questions or run into issues? Drop them below or check the Nextcloud docs for more tips.

    Happy self-hosting!

    Please let me know if you’d like examples for persistent volumes, securing Redis, or extra performance tuning!

  • 🚀 How to Set Up VaultWarden with MariaDB, Portainer, and Nginx Proxy Manager

    VaultWarden is a lightweight, open-source Bitwarden server. Deploying it on Docker with Portainer and securing it via Nginx Proxy Manager ensures easy access, security, and maintenance for your password manager. While MariaDB isn’t officially supported instead of SQLite, experienced users can try it. This guide explains the full Docker setup.

    Prerequisites

    • Docker & Portainer installed and running.
    • Nginx Proxy Manager installed (as a Docker container).
    • A domain or subdomain (e.g., vault.yourdomain.com) pointed to your server’s IP.
    • Open TCP ports 80, 443 on your server.
    • Again: For stables, production setups, use SQLite/Postgres/MySQL 8.

    Step 1: Create VaultWarden + MariaDB Stack in Portainer

    1.1 Access Portainer

    Visit http://YOUR.SERVER.IP:9000 and log in.

    1.2 Add a New Stack

    • Go to Stacks > + Add stack.
    • Name it, e.g., vaultwarden-mariadb.

    1.3 Paste in the Stack YAML (docker-compose format)

    version: '3.8'

services:
  mariadb:
    image: mariadb:11.4
    container_name: vaultwarden-mariadb
    restart: unless-stopped
    environment:
      - MARIADB_DATABASE=vaultwarden
      - MARIADB_USER=vaultwarden
      - MARIADB_PASSWORD=supersecurepassword
      - MARIADB_ROOT_PASSWORD=superrootpassword
    volumes:
      - vw-mariadb-data:/var/lib/mysql
    networks:
      - vw-net

  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: unless-stopped
    depends_on:
      - mariadb
    environment:
      - DATABASE_URL=mysql://vaultwarden:supersecurepassword@mariadb:3306/vaultwarden
      - ADMIN_TOKEN=use_a_long_random_string
    volumes:
      - vaultwarden-data:/data
    networks:
      - vw-net
    # Don't map ports, will use NPM

volumes:
  vw-mariadb-data:
  vaultwarden-data:

networks:
  vw-net:
    driver: bridge

    Notes:

    • Change passwords and ADMIN_TOKEN to secure values.
    • By default, no port is mapped; Nginx Proxy Manager will forward traffic via Docker networking.

    1.4 Deploy the Stack

    Click “Deploy the stack” and wait for containers to start.

    Step 2: Connect Nginx Proxy Manager to the Docker Network (if needed)

    To allow NPM to forward by container name, attach NPM to the same Docker network.
    Assume your NPM container is named nginx-app-1:

    You can do this using Portainer UI (Containers > nginx-app-1 > Networks > Join network > select vw-net),
    or via CLI:

    docker network connect vw-net nginx-app-1

    Step 3: Add a Proxy Host in Nginx Proxy Manager

    1. Go to NPM UI: http://YOUR.SERVER.IP:81
    2. Proxy Hosts > Add Proxy Host
    3. Settings:
      • Domain Names: vault.yourdomain.com
      • Scheme: http
      • Forward Hostname/IP: vaultwarden
      • Forward Port: 80
      • Block Common Exploits: Checked
    4. SSL Tab:
      • Enable SSL: Yes
      • Force SSL: Yes
      • Request a new SSL Certificate: Use your email and agree to TOS
    5. Save

    Step 4: Access Vaultwarden

    • In your browser, go to https://vault.yourdomain.com
    • You should see the VaultWarden login screen.
    • If you want to access the admin panel:
      https://vault.yourdomain.com/admin
      (use the ADMIN_TOKEN you set)

    Troubleshooting

    • 502 Gateway Error: Verify NPM is on the same network and forwarding to the right container name and port.
    • Database Errors: If you see “unsupported backend” or MariaDB-related errors, this is a sign MariaDB isn’t compatible.
      Try with MySQL 8 or switch to SQLite for production use.
    • SSL Issues: Make sure DNS is correct and ports 80/443 are open.

    Security & Production Warnings

    • MariaDB is not supported by Vaultwarden, even if it appears to work at first. Use MySQL 8 or SQLite/PostgreSQL instead.
    • Back up your /data and database volumes regularly.
    • Always use a strong ADMIN_TOKEN.

    Conclusion

    You’ve now deployed Vaultwarden in Docker using Portainer, experimented with MariaDB as a backend, and secured your setup using Nginx Proxy Manager! For mission-critical password management, please consider using SQLite, MySQL 8, or PostgreSQL.

    Happy Self-Hosting! Have questions? Drop them below.

    Further Reading:

    Tags: VaultWarden, docker, portainer, MariaDB, nginx proxy manager, self-host, Bitwarden alternative, tutorial

Secret Link