This guide deploys Nextcloud with Docker Compose on Debian 10 to latest stable, Ubuntu LTS, and RHEL 9+ compatible hosts.
- name: Deploy Nextcloud
hosts: nextcloud
become: true
vars:
app_root: /opt/nextcloud
app_port: 8080
nextcloud_version: stable
db_root_password: "{{ vault_nextcloud_db_root_password }}"
db_password: "{{ vault_nextcloud_db_password }}"
db_name: nextcloud
db_user: nextcloud
tasks:
- name: Install Docker on Debian/Ubuntu
apt:
name:
- docker.io
- docker-compose-plugin
state: present
update_cache: true
when: ansible_os_family == "Debian"
- name: Install Docker on RHEL family
dnf:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-compose-plugin
state: present
when: ansible_os_family == "RedHat"
- name: Enable and start Docker
service:
name: docker
state: started
enabled: true
- name: Create app directory
file:
path: "{{ app_root }}"
state: directory
mode: "0755"
- name: Write Docker Compose file
copy:
dest: "{{ app_root }}/docker-compose.yml"
mode: "0644"
content: |
version: '3.8'
services:
db:
image: mariadb:10.6
restart: always
command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW
volumes:
- db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD={{ db_root_password }}
- MYSQL_PASSWORD={{ db_password }}
- MYSQL_DATABASE={{ db_name }}
- MYSQL_USER={{ db_user }}
app:
image: nextcloud:{{ nextcloud_version }}
restart: always
ports:
- "{{ app_port }}:80"
volumes:
- nextcloud:/var/www/html
environment:
- MYSQL_PASSWORD={{ db_password }}
- MYSQL_DATABASE={{ db_name }}
- MYSQL_USER={{ db_user }}
- MYSQL_HOST=db
depends_on:
- db
volumes:
nextcloud:
db:
- name: Start application stack
community.docker.docker_compose:
project_src: "{{ app_root }}"
state: present
- name: Wait for Nextcloud to be ready
uri:
url: "http://localhost:{{ app_port }}"
status_code: 200,302
register: result
until: result.status in [200, 302]
retries: 30
delay: 5
Create an ansible-vault file with secure passwords:
# group_vars/all/vault.yml
vault_nextcloud_db_root_password: "your-secure-root-password-here"
vault_nextcloud_db_password: "your-secure-db-password-here"
# Run the playbook
ansible-playbook -i inventory.ini nextcloud.yml
# With vault password
ansible-playbook -i inventory.ini nextcloud.yml --ask-vault-pass
For production deployments, consider adding:
See Configuration and Security for production hardening.
Any questions?
Feel free to contact us. Find all contact information on our contact page.