Nextcloud VM Setup (Production-Like)

This doc targets Nextcloud VM-style deployments (Apache + Postgres in the VM, other services in Docker).

Overview

We run:

  • qortal-oidc-broker in Docker
  • broker Postgres in Docker
  • Qortal External Auth (recommended local container; can be external)
  • Qortal Gateway (optional, URL only for now)

The broker is exposed via Apache reverse proxy + TLS.

Installer Script

Run on the VM:

chmod +x ./scripts/nextcloud-vm-install.sh
sudo ./scripts/nextcloud-vm-install.sh

The script:

  1. Copies the qortal_integration app into Nextcloud.
  2. Enables qortal_integration + user_oidc.
  3. Configures the OIDC provider to your broker URL.
  4. Creates /opt/qortal-broker with Docker Compose + .env.
  5. Starts the broker containers.
  6. Writes an Apache reverse proxy vhost for qortalbroker.<domain>.
  7. Optionally runs certbot.

Required Inputs

You will be prompted for:

  • Nextcloud URL (e.g. https://cloud.example.com)
  • Broker hostname (default qortalbroker.<base-domain>)
  • External Auth URL + app credentials
  • Nextcloud service user + password (used for provisioning)

Notes

  • Broker must be reachable by:
    • Nextcloud server (for token exchange), and
    • the user's browser (authorization redirect).
  • Use HTTPS in production for user_oidc.
  • If you use an external External Auth server, ensure additional wallet encryption is enabled.

Files Created

  • /opt/qortal-broker/docker-compose.yml
  • /opt/qortal-broker/.env
  • /etc/apache2/sites-available/qortalbroker.conf

Post-Install Checks

  • Confirm user_oidc provider:
    sudo -u www-data php /var/www/nextcloud/occ user_oidc:providers --output=json_pretty
  • Confirm broker:
    curl -sS https://qortalbroker.example.com/api/health
  • Login page shows "Login with qortal".
  • Qortal Account dashboard:
    • https://cloud.example.com/apps/qortal_integration/account
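
The Notes and Post-Install Checks above combined into one script, added here as an example and not part of the project's installer. It checks that the broker URL is HTTPS, that /opt/qortal-broker/.env is not accessible to group or others (assuming the prompted credentials are stored there), and that /api/health answers over validated TLS; the function names and the --run switch are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not the project's installer. Paths and the sample hostname are
# the ones this doc lists; expecting .env to hold secrets is an assumption.
# Requires GNU stat (Linux) and curl.

# 0 if the file exists and grants nothing to group/others (e.g. 600 or 400).
secret_file_is_private() {
    [ -f "$1" ] || return 2
    case "$(stat -c '%a' "$1")" in
        0|*00) return 0 ;;
        *)     return 1 ;;
    esac
}

# 0 only for an https:// URL with something after the scheme.
url_is_https() {
    case "$1" in
        https://?*) return 0 ;;
        *)          return 1 ;;
    esac
}

# Run every check, report each failure, return non-zero if any failed.
run_checks() {
    local broker_url="$1" env_file="$2" rc=0
    url_is_https "$broker_url" ||
        { echo "FAIL: broker URL must be https: $broker_url" >&2; rc=1; }
    secret_file_is_private "$env_file" ||
        { echo "FAIL: $env_file missing or accessible to group/others" >&2; rc=1; }
    # No -k: an untrusted or expired certificate fails the check.
    # -f: an HTTP error status from the health endpoint fails it too.
    curl -fsS --max-time 10 "$broker_url/api/health" >/dev/null ||
        { echo "FAIL: broker health check failed" >&2; rc=1; }
    return "$rc"
}

# Usage: sudo ./check.sh --run [broker-url]
if [ "${1:-}" = "--run" ]; then
    run_checks "${2:-https://qortalbroker.example.com}" /opt/qortal-broker/.env
fi
```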