OpenCloud with Docker Compose

Install a internet facing OpenCloud with SSL certification with Docker Compose.

This installation documentation is for Ubuntu and Debian systems. The software can also be installed on other Linux distributions, but the commands and package managers may differ.

Prerequisites

Four domains pointing to your server:
- cloud.YOUR.DOMAIN → OpenCloud frontend
- collabora.YOUR.DOMAIN → Collabora Online Server
- wopiserver.YOUR.DOMAIN → WOPI server for document editing
- traefik.YOUR.DOMAIN → Traefik dashboard
Alternatively, you can use a wildcard domain (*.YOUR.DOMAIN)
A hosted server (e.g., Hetzner, AWS, or your own VPS) with Linux and SSH access

1. Connect to Your Server

Log into your server via SSH:

ssh root@YOUR.SERVER.IP

2. Install Docker

Update your system and install Docker.

First, perform an update and upgrade:

apt update && apt upgrade -y

Install Docker following the official Docker guide

Once Docker is installed, enable and start the service:

systemctl enable docker && systemctl start docker

3. Clone the OpenCloud Repository

Download the necessary configuration files:

git clone https://github.com/opencloud-eu/opencloud.git

4. Configure the .env File for Staging Certificates

Before requesting real SSL certificates, test the setup with Let's Encrypt’s staging environment.

Navigate to the OpenCloud configuration folder:

cd opencloud/deployments/examples/opencloud_full

Edit the .env file with the editor of your choice:

In our example we use nano

nano .env

Modify these settings:

✅ Disable insecure mode

# INSECURE=true

✅ Set your domain names

TRAEFIK_DOMAIN=traefik.YOUR.DOMAIN
OC_DOMAIN=cloud.YOUR.DOMAIN
COLLABORA_DOMAIN=collabora.YOUR.DOMAIN
WOPISERVER_DOMAIN=wopiserver.YOUR.DOMAIN

✅ Set your admin password

ADMIN_PASSWORD=YourSecurePassword

✅ Set your email for SSL certification

TRAEFIK_ACME_MAIL=your@email.com

✅ Use Let's Encrypt staging certificates (for testing)

TRAEFIK_ACME_CASERVER=https://acme-staging-v02.api.letsencrypt.org/directory

Save and exit.

🚨 Production Setup Consideration

Production Setup Recommended

By default, OpenCloud stores configuration and data inside internal Docker volumes.
This works fine for local development or quick evaluations — but is not suitable for production environments.

📦 Mount Persistent Volumes

In production, you should mount persistent local directories for configuration and data to ensure:

Data durability
Easier backups and recovery
Full control over storage location and permissions

Update your .env file with custom paths:

OC_CONFIG_DIR=/your/local/path/opencloud/config
OC_DATA_DIR=/your/local/path/opencloud/data

Folder Permissions

Ensure these folders exist and are owned by user and group 1000:1000, which the Docker containers use by default:

sudo mkdir -p /your/local/path/opencloud/{config,data}
sudo chown -R 1000:1000 /your/local/path/opencloud

If these variables are left unset, Docker will use internal volumes, which do not persist if the containers are removed — not recommended for real-world use.

Security Warning

The user with UID 1000 on your host system will have full access to these mounted directories. This means that any local user account with this ID can read, modify, or delete OpenCloud config and data files.

This can pose a security risk in shared or multi-user environments. Make sure to implement proper user and permission management and consider isolating access to these directories.

5. Start OpenCloud

Launch OpenCloud using Docker Compose:

docker compose up -d

This will start all required services in the background.

6. Verify SSL Certification

In your web browser, visit:

https://cloud.YOUR.DOMAIN

You should see a security warning because the staging certificate is not fully trusted. Same should appear with the other domains you are using.

Example with Chrome browser:

✅ Check the certificate details to confirm it’s from Let's Encrypt Staging.

7. Apply a Real SSL Certificate

Once the staging certificate works, switch to a production certificate.

Steps:

1️⃣ Stop Docker Compose

docker compose down

2️⃣ Remove old staging certificates

docker volume rm opencloud_full_certs

(If you changed volume names, adjust accordingly.)

3️⃣ Disable staging mode in `.env`

nano .env

Comment the staging server:

# TRAEFIK_ACME_CASERVER=https://acme-staging-v02.api.letsencrypt.org/directory

4️⃣ Restart OpenCloud with a real SSL certificate

docker compose up -d

✅ Now, visiting https://cloud.YOUR.DOMAIN should show a secure connection with a valid SSL certificate.

8. Log into OpenCloud

Open a browser and visit:

https://cloud.YOUR.DOMAIN

Username: admin

Password: (your password)

Troubleshooting

If you encounter any issues, check the Common Issues & Help

Prerequisites​

1. Connect to Your Server​

2. Install Docker​

3. Clone the OpenCloud Repository​

4. Configure the .env File for Staging Certificates​

✅ Disable insecure mode​

✅ Set your domain names​

✅ Set your admin password​

✅ Set your email for SSL certification​

✅ Use Let's Encrypt staging certificates (for testing)​

🚨 Production Setup Consideration​

📦 Mount Persistent Volumes​

5. Start OpenCloud​

6. Verify SSL Certification​

7. Apply a Real SSL Certificate​

Steps:​

1️⃣ Stop Docker Compose​

2️⃣ Remove old staging certificates​

3️⃣ Disable staging mode in .env​

4️⃣ Restart OpenCloud with a real SSL certificate​

8. Log into OpenCloud​

Troubleshooting​