UCS Nextcloud Docker Container: Configure fulltextsearch:live

Hi there,

I run the Nextcloud docker container as provided by the UCS App Store. Furthermore, I enabled the fulltextsearch app within Nextcloud which requires ElasticSearch. I configured ElasticSearch directly in UCS, outside the Nextcloud docker container as I did not want to break the original configuration of the docker container.

Creating the first index is a one-time task that I could handle by executing occ fulltextsearch:index. However, to keep the index up and running, occ fulltextsearch:live needs to be run. I tried:

/etc/systemd/system/nextcloud-fulltext-elasticsearch-worker.service

[Unit]
Description=Elasticsearch Worker for Nextcloud Fulltext Search
After=network.target

[Service]
User=www-data
Group=www-data
WorkingDirectory=/var/www/nextcloud
ExecStart=/usr/bin/php /var/www/nextcloud/occ fulltextsearch:live
Nice=19
Restart=always

[Install]
WantedBy=multi-user.target

The I executed:

root@nextc-00667767:/# systemctl enable nextcloud-fulltext-elasticsearch-worker.service
root@nextc-00667767:/# systemctl start nextcloud-fulltext-elasticsearch-worker.service
System has not been booted with systemd as init system (PID 1). Can't operate.

As shown above, I failed to setup a service to be executed within the Docker container that invokes fulltextsearch:live. What is the best practice in this case?

Best regards,
Peter

Modifying the content of a Docker container is generally frowned upon (= polite words for “a really bad idea”). A Docker container is supposed to be disposable — meaning your customizations will be lost the next time the Docker image is updated. Only data stored in the volumes mounted during container startup is kept.

On top of that most Docker container do not run a full service manager such as systemd inside. This is the case for the Nextcloud Docker container, too — just run ps auxw while inside the Docker container and you’ll see that there’s only Cron and Apache running.

If you want to execute that job regularly, set up the systemd timer on the host and use univention-app shell nextcloud <some command> in order to run stuff inside the container. For example:

ExecStart=/usr/bin/univention-app shell nextcloud sudo -u www-data php /var/www/html/occ fulltextsearch:live

You have to remove User= and Group= as univention-app itself must be run as root. Inside the container sudo is used for dropping privileges.

Well understood. Thank you very much for guiding me to the correct direction.

At present, I refrained from using the OCR/Tesseract extension for nextcloud/fulltextsearch, as this requires further packages to be installed. In order to let Nextcloud communicate with Tesseract, I would assume to install Tesseract in the docker container - for which “frowned upon” would be the right word. Do you have any idea to cope with this situation? For Elasticsearch, it was easy: I could install it directly on the UCS and correctly setting the Elasticsearch URL in the Nextcloud settings inside the docker container. But how should this work for the Tesseract packages?

If the Docker solution doesn’t fit your needs, don’t use it. Instead install Nextcloud manually. It really isn’t that hard, even configuring LDAP authentication isn’t all that hard.

I’ve never set up Tesseract, so I cannot go into details. But just because something is available as a UCS app doesn’t mean you have to use it as an app or it’s the right solution for you.

Thank you very much for your hint. I will set up Nextcloud directly within UCS, without using the docker image from the UCS App Store. However, I have some difficulties to setup LDAP in a similar way as I would like to add the parameters nextcloudUser, nextcloudGroup and nextcloudQuota to the LDAP directory. Please see #11715

Mastodon