Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.
Resource icon

Scripted installation of Nextcloud 16 in iocage jail 2018-03-23

Status: This script appears to work without issues in the 11.2 RELEASE series.

There are a number of guides on the forum to install Nextcloud/Owncloud, but they all rely on a lot of manual work. Where there's manual work to be done, there are ways to get it wrong. Therefore, this guide is designed to minimize manual work--all that's really needed is to download the script, set up a small configuration file, and run the script--it will do the rest of the work. And by "the rest of the work", I mean that it will create the jail, download Caddy 1.0, PHP 7.2, MariaDB 10.3 (or PostgreSQL if desired), and the latest Nextcloud 16 release; configure all of them; obtain and install a trusted TLS certificate for the jail (if desired); and automatically renew the certificate.

The most up-to-date instructions will be at

This script works best when the jail is able to automatically obtain and renew a trusted certificate from Let's Encrypt. For that to happen, you must own or control a domain name, and
  1. That domain name can reach your jail on ports 80 and 443 from the public Internet--if an Internet user browses to http://domain_name, he'll reach your jail; or
  2. Your domain's DNS hosting is provided by a host who has an API allowing for automated updates--Cloudflare provides such a service at no cost.
Domains need not be expensive; most are under $15/year with registrars like EasyDNS, and some domains are even free from Freenom. DNS Service is also available at no cost; Cloudflare is cost-free and works quite well with Caddy.

It's also preferred to have three datasets created on your pool: files (for the Nextcloud data files), db (for the MariaDB database files), and portsnap (for the FreeBSD ports collection). If you do create these datasets, for best performance, set atime to off for files and db, and set the record size for db to 16 KB (this can be found in the Advanced settings). If you don't create these datasets, the script will create directories on your pool instead.

Change to a convenient directory on your FreeNAS server. It can be on your boot device, on your data pool, on a separate (perhaps SSD) pool, wherever you like. Then run
git clone This will download the script. Then change into that directory: cd freenas-iocage-nextcloud.

You'll now need to create the configuration file: nano nextcloud-config. It should look like this:

The entries here are fairly self-explanatory:
  • JAIL_IP is the IP address you want to assign to your jail.
  • DEFAULT_GW_IP is the IP address of your default gateway.
  • POOL_PATH is the filesystem path for your pool. If your pool is called tank, then the path is /mnt/tank.
  • TIME_ZONE is the time zone of your server. See the PHP documentation to make sure you state it correctly.
  • HOST_NAME is the fully-qualified domain name that you're going to assign to your jail. It must meet one of the two criteria listed under "Prerequisites" above.
  • STANDALONE_CERT, DNS_CERT, SELFSIGNED_CERT, and NO_CERT control how TLS is implemented for this installation. NO_CERT means that there's no certificate, and therefore no TLS (HTTPS) support. SELFSIGNED_CERT will generate a self-signed certificate. STANDALONE_CERT and DNS_CERT will obtain a certificate from Let's Encrypt using either HTTP or DNS validation, respectively. One and only one of these must be set to 1.
  • CERT_EMAIL is the email address to which Let's Encrypt will send notices of cert expiration. Under normal circumstances this should receive very little traffic.
  • DNS_PLUGIN: If DNS_CERT is set, DNS_PLUGIN must contain the name of the DNS validation plugin you'll use with Caddy to validate domain control. See the Caddy documentation under the heading of "DNS Providers" for the available plugins, but omit the leading "tls.dns.". For example, to use Cloudflare, set DNS_PLUGIN="cloudflare".
  • DNS_ENV: If DNS_CERT is set, DNS_ENV must contain the authentication credentials for your DNS provider. See the Caddy documentation under the heading of "DNS Providers" for further details. For Cloudflare, you'd set DNS_ENV="CLOUDFLARE_EMAIL=foo@bar.baz CLOUDFLARE_API_KEY=blah".
Optional Settings
  • DB_PATH, FILES_PATH, and PORTS_PATH are the filesystem paths to your db, files, and portsnap datasets, respectively. They default to $POOL_PATH/db, $POOL_PATH/files, and $POOL_PATH/portsnap.
  • INTERFACE defaults to "vnet0" (for vnet usage), but you can manually specify a different network interface.
  • JAIL_NAME defaults to "nextcloud", but can be specified and changed if desired.
  • DATABASE: Which database management system to use. Default is "mariadb", but can be set to "pgsql" if you prefer to use PostgreSQL.
  • VNET: Whether to use the iocage virtual network stack. Defaults to on.

Final steps
Make sure that is executable (it should be by default), then run ./ Have a cup of your beverage of choice; it may take 15-20 minutes to run. When the script finishes, it will give you your Nextcloud admin password. Browse to the web address shown, log in with admin and that password, and you should be set.
First release
Last update
5.00 star(s) 5 ratings

More resources from danb35

Latest reviews

Very useful script to create all the nextcloud environment.
Very nicely done! I created mine the old fashioned way (by hand), but really like the little extras that you created to make this work! Bravo!
Works perfectly on FreeNAS 11.1-U4 as long as you have configured correctly port-forwarding and firewall rules on your router.
Works great with 11.1-U4
This script accomplished in 25 minutes what I was not able to do in 3 months of attempts to install nextcloud. Great resource!